Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
linux: cgroups: cleanup unused mount if move failed
When running a container with /sys/fs/cgroup already mounted
(e.g. --volume=/sys:/sys) and another shared volume somewhere
(e.g. --volume=/mnt:/mnt:shared), the move mount fails with EINVAL:
```
mount("/run/crun/6d75ef05e540486f21ef54743f8af97f4dff0d0d7c54d9b7852cd5302e884db8/tmpmount", "/proc/self/fd/8", NULL, MS_MOVE, NULL) = -1 EINVAL (Invalid argument)
```
This leaves tmpmount as a mountpoint behind, which then fails to
cleanup:
```
openat(AT_FDCWD, "/run/crun", O_RDONLY|O_CLOEXEC|O_DIRECTORY) = 3
openat(3, "0d1342f7a7375593813287c743170bb71f30f9a64fa8bc141d3cf9b8e9aa5a89", O_RDONLY|O_DIRECTORY) = 4
unlinkat(4, "tmpmount", 0) = -1 EISDIR (Is a directory)
unlinkat(4, "tmpmount", AT_REMOVEDIR) = -1 EBUSY (Device or resource busy)
close(4) = 0
unlinkat(3, "0d1342f7a7375593813287c743170bb71f30f9a64fa8bc141d3cf9b8e9aa5a89", AT_REMOVEDIR) = -1 ENOTEMPTY (Directory not empty)
```
This in turn ultimately fails libcrun_container_delete_status() and
friends, leading to the non-execution of post hooks in this reproducer:
```
$ mkdir hooks.d
$ cat > hooks.d/hook.json <<'EOF'
{
"version": "1.0.0",
"when": {"always": true},
"hook": {
"path": "/bin/sh",
"args": ["/bin/sh", "-c", "date >> /tmp/hookme"]
},
"stages": ["poststop"]
}
EOF
$ podman --runtime=path/crun run \
--net=none --name test -d --replace --hooks-dir=$PWD/hooks.d \
--volume=/sys:/sys --volume=/mnt:/mnt:shared \
docker.io/alpine true
```
(the hook is eventually run on podman rm, but not by crun immediately on
container stop)
Just cleaning up the mount point makes the problem go away.
Fixes: 523eed3 ("linux: add new fallback when mount fails with EBUSY")
Signed-off-by: Dominique Martinet <[email protected]>- Loading branch information
