From d82bb603afab96a83ff58090ff807af5d55adc48 Mon Sep 17 00:00:00 2001 From: Vishnu Kannan Date: Thu, 24 Jul 2014 21:59:55 +0000 Subject: [PATCH 1/2] Make lxc driver rbind all user specified mounts. Docker-DCO-1.1-Signed-off-by: Vishnu Kannan (github: vishh) --- daemon/execdriver/lxc/lxc_template.go | 4 ++-- integration/container_test.go | 17 +++++++++++++++++ 2 files changed, 19 insertions(+), 2 deletions(-) diff --git a/daemon/execdriver/lxc/lxc_template.go b/daemon/execdriver/lxc/lxc_template.go index 08b3e7c82..229b0a514 100644 --- a/daemon/execdriver/lxc/lxc_template.go +++ b/daemon/execdriver/lxc/lxc_template.go @@ -75,9 +75,9 @@ lxc.mount.entry = shm {{escapeFstabSpaces $ROOTFS}}/dev/shm tmpfs {{formatMountL {{range $value := .Mounts}} {{if $value.Writable}} -lxc.mount.entry = {{$value.Source}} {{escapeFstabSpaces $ROOTFS}}/{{escapeFstabSpaces $value.Destination}} none bind,rw 0 0 +lxc.mount.entry = {{$value.Source}} {{escapeFstabSpaces $ROOTFS}}/{{escapeFstabSpaces $value.Destination}} none rbind,rw 0 0 {{else}} -lxc.mount.entry = {{$value.Source}} {{escapeFstabSpaces $ROOTFS}}/{{escapeFstabSpaces $value.Destination}} none bind,ro 0 0 +lxc.mount.entry = {{$value.Source}} {{escapeFstabSpaces $ROOTFS}}/{{escapeFstabSpaces $value.Destination}} none rbind,ro 0 0 {{end}} {{end}} diff --git a/integration/container_test.go b/integration/container_test.go index 4462aba08..fcf84cf10 100644 --- a/integration/container_test.go +++ b/integration/container_test.go @@ -6,10 +6,12 @@ import ( "io/ioutil" "os" "path" + "path/filepath" "strings" "testing" "time" + "github.com/docker/docker/pkg/mount" "github.com/docker/docker/runconfig" ) @@ -385,6 +387,21 @@ func TestBindMounts(t *testing.T) { t.Fatal("Container failed to read from bind mount") } + // Test recursive bind mount works by default + // Create a temporary tmpfs mount. + tmpfsDir := filepath.Join(tmpDir, "tmpfs") + if err := os.MkdirAll(tmpfsDir, 0777); err != nil { + t.Fatalf("failed to mkdir at %s - %s", tmpfsDir, err) + } + if err := mount.Mount("tmpfs", tmpfsDir, "tmpfs", ""); err != nil { + t.Fatalf("failed to create a tmpfs mount at %s - %s", tmpfsDir, err) + } + writeFile(path.Join(tmpfsDir, "touch-me-again"), "", t) + stdout, _ = runContainer(eng, r, []string{"-v", fmt.Sprintf("%s:/tmp:ro", tmpDir), "_", "ls", "/tmp/tmpfs"}, t) + if !strings.Contains(stdout, "touch-me-again") { + t.Fatal("Container recursive bind mount test failed. Expected file not found") + } + // test writing to bind mount runContainer(eng, r, []string{"-v", fmt.Sprintf("%s:/tmp:rw", tmpDir), "_", "touch", "/tmp/holla"}, t) readFile(path.Join(tmpDir, "holla"), t) // Will fail if the file doesn't exist From 3e1c1567eac59c7b808d37aa45f82ce67227e59c Mon Sep 17 00:00:00 2001 From: Vishnu Kannan Date: Wed, 30 Jul 2014 02:22:50 +0000 Subject: [PATCH 2/2] Add a cli integration test for recursive bind mounting. Docker-DCO-1.1-Signed-off-by: Vishnu Kannan (github: vishh) --- integration-cli/docker_cli_run_test.go | 40 ++++++++++++++++++++++++++ integration/container_test.go | 17 ----------- 2 files changed, 40 insertions(+), 17 deletions(-) diff --git a/integration-cli/docker_cli_run_test.go b/integration-cli/docker_cli_run_test.go index 63d3b133f..b3f8870a5 100644 --- a/integration-cli/docker_cli_run_test.go +++ b/integration-cli/docker_cli_run_test.go @@ -5,6 +5,7 @@ import ( "io/ioutil" "os" "os/exec" + "path/filepath" "reflect" "regexp" "sort" @@ -12,6 +13,7 @@ import ( "sync" "testing" + "github.com/docker/docker/pkg/mount" "github.com/docker/docker/pkg/networkfs/resolvconf" ) @@ -1142,6 +1144,44 @@ func TestDisallowBindMountingRootToRoot(t *testing.T) { logDone("run - bind mount /:/ as volume should fail") } +// Test recursive bind mount works by default +func TestDockerRunWithVolumesIsRecursive(t *testing.T) { + tmpDir, err := ioutil.TempDir("", "docker_recursive_mount_test") + if err != nil { + t.Fatal(err) + } + + defer os.RemoveAll(tmpDir) + + // Create a temporary tmpfs mount. + tmpfsDir := filepath.Join(tmpDir, "tmpfs") + if err := os.MkdirAll(tmpfsDir, 0777); err != nil { + t.Fatalf("failed to mkdir at %s - %s", tmpfsDir, err) + } + if err := mount.Mount("tmpfs", tmpfsDir, "tmpfs", ""); err != nil { + t.Fatalf("failed to create a tmpfs mount at %s - %s", tmpfsDir, err) + } + + f, err := ioutil.TempFile(tmpfsDir, "touch-me") + if err != nil { + t.Fatal(err) + } + defer f.Close() + + runCmd := exec.Command(dockerBinary, "run", "--name", "test-data", "--volume", fmt.Sprintf("%s:/tmp:ro", tmpDir), "busybox:latest", "ls", "/tmp/tmpfs") + out, stderr, exitCode, err := runCommandWithStdoutStderr(runCmd) + if err != nil && exitCode != 0 { + t.Fatal(out, stderr, err) + } + if !strings.Contains(out, filepath.Base(f.Name())) { + t.Fatal("Recursive bind mount test failed. Expected file not found") + } + + deleteAllContainers() + + logDone("run - volumes are bind mounted recuursively") +} + func TestDnsDefaultOptions(t *testing.T) { cmd := exec.Command(dockerBinary, "run", "busybox", "cat", "/etc/resolv.conf") diff --git a/integration/container_test.go b/integration/container_test.go index fcf84cf10..4462aba08 100644 --- a/integration/container_test.go +++ b/integration/container_test.go @@ -6,12 +6,10 @@ import ( "io/ioutil" "os" "path" - "path/filepath" "strings" "testing" "time" - "github.com/docker/docker/pkg/mount" "github.com/docker/docker/runconfig" ) @@ -387,21 +385,6 @@ func TestBindMounts(t *testing.T) { t.Fatal("Container failed to read from bind mount") } - // Test recursive bind mount works by default - // Create a temporary tmpfs mount. - tmpfsDir := filepath.Join(tmpDir, "tmpfs") - if err := os.MkdirAll(tmpfsDir, 0777); err != nil { - t.Fatalf("failed to mkdir at %s - %s", tmpfsDir, err) - } - if err := mount.Mount("tmpfs", tmpfsDir, "tmpfs", ""); err != nil { - t.Fatalf("failed to create a tmpfs mount at %s - %s", tmpfsDir, err) - } - writeFile(path.Join(tmpfsDir, "touch-me-again"), "", t) - stdout, _ = runContainer(eng, r, []string{"-v", fmt.Sprintf("%s:/tmp:ro", tmpDir), "_", "ls", "/tmp/tmpfs"}, t) - if !strings.Contains(stdout, "touch-me-again") { - t.Fatal("Container recursive bind mount test failed. Expected file not found") - } - // test writing to bind mount runContainer(eng, r, []string{"-v", fmt.Sprintf("%s:/tmp:rw", tmpDir), "_", "touch", "/tmp/holla"}, t) readFile(path.Join(tmpDir, "holla"), t) // Will fail if the file doesn't exist