aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorNatanael Copa <ncopa@alpinelinux.org>2015-12-15 13:34:10 +0000
committerNatanael Copa <ncopa@alpinelinux.org>2015-12-15 13:34:49 +0000
commit5faee4af1cc16293f216fe3b2822055a68fee57f (patch)
tree6bf92a7d529c3a37cdd258bcd0a8014db32fc07b
parent7b00bb340005da9cdfa01dd6b1df8b162527aa55 (diff)
downloadaports-5faee4af1cc16293f216fe3b2822055a68fee57f.tar.gz
aports-5faee4af1cc16293f216fe3b2822055a68fee57f.tar.bz2
aports-5faee4af1cc16293f216fe3b2822055a68fee57f.tar.xz
main/lxc: check that rootfs is not on tmpfs
fixes #4794
-rw-r--r--main/lxc/APKBUILD8
-rw-r--r--main/lxc/lxc.initd8
2 files changed, 12 insertions, 4 deletions
diff --git a/main/lxc/APKBUILD b/main/lxc/APKBUILD
index 3c23a274c8..99889fc3d2 100644
--- a/main/lxc/APKBUILD
+++ b/main/lxc/APKBUILD
@@ -4,7 +4,7 @@
pkgname=lxc
pkgver=1.1.5
_mypkgver=${pkgver/_rc/.rc}
-pkgrel=1
+pkgrel=2
pkgdesc="linux containers - tools"
url="http://lxc.sourceforge.net/"
arch="all"
@@ -96,16 +96,16 @@ d41088af5dee2e2df7975bb33d5d1537 0001-Clone-bridge-interface-MTU-setting.patch
79e90616b5049a472ccdcb5b1dcdd8b1 version.patch
e8fd932f3ec6d52d7b4c183fc58c0b24 download-template-tmpfs.patch
bd7419669ed6c5578d876ef8a4d06c38 setproctitle-info-not-warn.patch
-1e47412382517ee2adcbca00f07377ca lxc.initd"
+6223e5a2989a805a124f417e4aa7bc03 lxc.initd"
sha256sums="eefce4cc679656cb8636bf0849f3ba6981c48167884e13dbcb377820a717c09c lxc-1.1.5.tar.gz
e9a6c2e5f98a5f03bf772333c91efe7dafbc4f8d699dced73859e7d6c98d2d42 0001-Clone-bridge-interface-MTU-setting.patch
b6d85fb23940d2511b3951de56b2532843c0e03ec1613548366361cc0c1a46b9 version.patch
8cb638f927d51f05884439e6db15092e902a9c59ef830cbdcb07d88f5cff11e1 download-template-tmpfs.patch
d5a2194d1d9dc8b171668532b8f8f26d0e1a4bb8fcea9694d28a5fbc850698ad setproctitle-info-not-warn.patch
-ce4c30c65832c4b79df1c3c1ef6a444247e2866ab24690f1476e7b98b722fac1 lxc.initd"
+c9cd1edf28439266f2b214e44482bfdf96021e819aff4f35b09078208bb77bef lxc.initd"
sha512sums="e48ab549f1317afcb5f7768ab988ba27a3e9f1458504e1d70b2e27c502233e7b3538b8ce0b79940140a59a37681bcd8e459416e814f9e4814a4ed86b89e8df1c lxc-1.1.5.tar.gz
6c4dc0a53ba8947a37faa14bb81a7bbed7a88fb118513842f5a5a37e9d23fbd2bee4f8f513d3f686a34d373869008ee5ccbd4b9e20615d4b9e4b8139119adce3 0001-Clone-bridge-interface-MTU-setting.patch
e2ffcbf55447291a8434a4f37255c3a6a119bc4116c75d205006aa2b070bf6be28535cf6107bead14bbf64bf9fa415346ab544bd1c15e1add7d1c6380e6b2def version.patch
b3b8c47a8594cefff58cef74efe9e6bf0dd8422a40289c4398ea34e61d04dd3d95c567e880a4b123df42ffac3fae179b63b130b357eb6659f73f922f2908d971 download-template-tmpfs.patch
b839650c9be38a7c6e9c327c04433ec72043cca039bed34c6b8a30d1ce5fa9ed40ae71ab6bb7e7b2cd144af7670bbe4737d5a86e61e31cd006aa6234b93256ec setproctitle-info-not-warn.patch
-4ff815d354f022854535a0069033f314263623ead48220d732683d5a268f14f221cbfe1aa9515adf1c2e47de71f1b1f1dda374a1f5f15d6f7025d2de91143d9a lxc.initd"
+6aaf88dc266d04ea42169cefedfe613abcd88466112cc9e19790d522e18dd52c31b7cde48841e9dbe7258526a727d7e76c847201cee9ba990f8fa51e408c13f7 lxc.initd"
diff --git a/main/lxc/lxc.initd b/main/lxc/lxc.initd
index faf6fa9d15..b2c99ec7ff 100644
--- a/main/lxc/lxc.initd
+++ b/main/lxc/lxc.initd
@@ -68,6 +68,14 @@ start() {
rm -f /var/log/lxc/${CONTAINER}.log
rootpath=$(lxc_get_var lxc.rootfs)
+ # verify that container is not on tmpfs
+ dev=$(df -P "${rootpath}" | awk '{d=$1}; END {print d}')
+ type=$(awk -v dev="$dev" '$1 == dev {m=$3}; END {print m}' /proc/mounts)
+ if [ "$type" = tmpfs ] && ! yesno "$ALLOW_TMPFS"; then
+ eerror "${rootpath} is on tmpfs and ALLOW_TMPFS is not set"
+ return 1
+ fi
+
checkpath -d ${pidfile%/*}
ebegin "Starting container ${CONTAINER}"
start-stop-daemon --start $command \