podman: skip /sys/fs/cgroup/systemd if not present

skip adding the /sys/fs/cgroup/systemd bind mount if it is not already present on the host. [NO NEW TESTS NEEDED] requires a system without systemd. Closes: containers#15647 Signed-off-by: Giuseppe Scrivano <[email protected]>
giuseppe · Sep 7, 2022 · f75c318 · f75c318
1 parent ea3e7ef
commit f75c318
Showing 1 changed file with 16 additions and 8 deletions.
diff --git a/libpod/container_internal_linux.go b/libpod/container_internal_linux.go
@@ -4,6 +4,7 @@
 package libpod
 
 import (
+	"errors"
 	"fmt"
 	"os"
 	"path"
@@ -266,9 +267,15 @@ func (c *Container) setupSystemd(mounts []spec.Mount, g generate.Generator) erro
 		g.AddMount(systemdMnt)
 	} else {
 		mountOptions := []string{"bind", "rprivate"}
+		skipMount := false
 
 		var statfs unix.Statfs_t
 		if err := unix.Statfs("/sys/fs/cgroup/systemd", &statfs); err != nil {
+			if errors.Is(err, os.ErrNotExist) {
+				// If the mount is missing on the host, we cannot bind mount it so
+				// just skip it.
+				skipMount = true
+			}
 			mountOptions = append(mountOptions, "nodev", "noexec", "nosuid")
 		} else {
 			if statfs.Flags&unix.MS_NODEV == unix.MS_NODEV {
@@ -284,15 +291,16 @@ func (c *Container) setupSystemd(mounts []spec.Mount, g generate.Generator) erro
 				mountOptions = append(mountOptions, "ro")
 			}
 		}
-
-		systemdMnt := spec.Mount{
-			Destination: "/sys/fs/cgroup/systemd",
-			Type:        "bind",
-			Source:      "/sys/fs/cgroup/systemd",
-			Options:     mountOptions,
+		if !skipMount {
+			systemdMnt := spec.Mount{
+				Destination: "/sys/fs/cgroup/systemd",
+				Type:        "bind",
+				Source:      "/sys/fs/cgroup/systemd",
+				Options:     mountOptions,
+			}
+			g.AddMount(systemdMnt)
+			g.AddLinuxMaskedPaths("/sys/fs/cgroup/systemd/release_agent")
 		}
-		g.AddMount(systemdMnt)
-		g.AddLinuxMaskedPaths("/sys/fs/cgroup/systemd/release_agent")
 	}
 
 	return nil