CasperSecurity
| Current Path : /snap/lxd/32662/lxcfs/ |
|
|
| Current File : //snap/lxd/32662/lxcfs/lxc.mount.hook |
#!/bin/sh -e
# Parse command flags
while [ ! $# -eq 0 ]
do
case "$1" in
--skip-cgroup-mounts )
SKIP_CGROUP_MOUNTS=1
;;
esac
shift
done
# We're dealing with mount entries, so expand any symlink
LXC_ROOTFS_MOUNT=$(readlink -f ${LXC_ROOTFS_MOUNT})
# /proc files
if [ -d /var/snap/lxd/common/var/lib/lxcfs/proc/ ]; then
for entry in /var/snap/lxd/common/var/lib/lxcfs/proc/*; do
[ -e "${LXC_ROOTFS_MOUNT}/proc/$(basename $entry)" ] || continue
mount -n --bind $entry ${LXC_ROOTFS_MOUNT}/proc/$(basename $entry)
done
fi
# /sys/devices/system/cpu
if [ -d /var/snap/lxd/common/var/lib/lxcfs/sys/devices/system/cpu ] ; then
for entry in /var/snap/lxd/common/var/lib/lxcfs/sys/devices/system/cpu/*; do
[ -e "${LXC_ROOTFS_MOUNT}/sys/devices/system/cpu/$(basename $entry)" ] || continue
mount -n --bind $entry ${LXC_ROOTFS_MOUNT}/sys/devices/system/cpu/$(basename $entry)
done
fi
# Allow nesting lxcfs
if [ -d "${LXC_ROOTFS_MOUNT}/var/snap/lxd/" ]; then
rm -Rf "${LXC_ROOTFS_MOUNT}/var/snap/lxd/common/var/lib/lxcfs"
mkdir -p "${LXC_ROOTFS_MOUNT}/var/snap/lxd/common/var/lib/lxcfs"
mount -n --bind /var/snap/lxd/common/var/lib/lxcfs "${LXC_ROOTFS_MOUNT}/var/snap/lxd/common/var/lib/lxcfs/"
fi
# For backward compatibility, hand `/var/lib/lxcfs` through the host to
# the container being as the lxcfs mount point.
if [ -d "${LXC_ROOTFS_MOUNT}/var/lib/lxcfs/" ]; then
mount -n --bind /var/snap/lxd/common/var/lib/lxcfs "${LXC_ROOTFS_MOUNT}/var/lib/lxcfs/"
fi
# no need for lxcfs cgroups if we have cgroup namespaces
[ -n "$LXC_CGNS_AWARE" ] && [ -f /proc/self/ns/cgroup ] && exit 0
# Don't mess with containers that don't have /sys/fs/cgroup configured
# (lxc.mount.auto = cgroup:mixed)
if touch ${LXC_ROOTFS_MOUNT}/sys/fs/cgroup/lxcfs; then
rm ${LXC_ROOTFS_MOUNT}/sys/fs/cgroup/lxcfs
else
exit 0
fi
# Skip mounting cgroup tree if requested.
if [ "${SKIP_CGROUP_MOUNTS}" == "1" ]; then
exit 0
fi
# /sys/fs/cgroup files
if [ -d "${LXC_ROOTFS_MOUNT}/sys/fs/cgroup" ]; then
if [ -d /var/snap/lxd/common/var/lib/lxcfs/cgroup ]; then
# Cleanup existing mounts
for entry in ${LXC_ROOTFS_MOUNT}/sys/fs/cgroup/*; do
DEST=$(basename $entry)
if [ "${DEST}" = "cgmanager" ]; then
continue
fi
if [ ! -d "${LXC_ROOTFS_MOUNT}/sys/fs/cgroup/${DEST}" ]; then
continue
fi
while grep -q "${LXC_ROOTFS_MOUNT}/sys/fs/cgroup/${DEST}" /proc/self/mountinfo; do
grep "${LXC_ROOTFS_MOUNT}/sys/fs/cgroup/${DEST}" /proc/self/mountinfo | cut -d' ' -f5 | while read line; do
[ -e "${line}" ] && umount -l "${line}" || true
done
done
rm -Rf ${LXC_ROOTFS_MOUNT}/sys/fs/cgroup/${DEST}
done
# Mount the new entries
for entry in /var/snap/lxd/common/var/lib/lxcfs/cgroup/*; do
DEST=$(basename $entry)
if [ "$DEST" = "name=systemd" ]; then
DEST="systemd"
fi
if [ ! -d ${LXC_ROOTFS_MOUNT}/sys/fs/cgroup/${DEST} ]; then
mkdir ${LXC_ROOTFS_MOUNT}/sys/fs/cgroup/${DEST}
fi
mount -n --bind $entry ${LXC_ROOTFS_MOUNT}/sys/fs/cgroup/$DEST
# make sure that cpu,cpuacct shows up as cpu and cpuacct
# separately, else systemd is unhappy
if echo $DEST | grep -q ","; then
arr=$(echo $DEST | tr "," "\n")
for single in $arr
do
if [ ! -L ${LXC_ROOTFS_MOUNT}/sys/fs/cgroup/$single ]; then
ln -s $DEST ${LXC_ROOTFS_MOUNT}/sys/fs/cgroup/$single
fi
done
fi
done
fi
fi
exit 0