Tell oci-umount where to remove mountpoints inside container

This patch set add crio-umount.conf file which tells oci-umount plugin
to look for leaked mount points in /var/lib/containers/storage/* and
/var/run/containers/*

Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>

Makefile

@@ -13,6 +13,8 @@ ETCDIR ?= ${DESTDIR}/etc
 ETCDIR_CRIO ?= ${ETCDIR}/crio
 BUILDTAGS ?= selinux seccomp $(shell hack/btrfs_tag.sh) $(shell hack/libdm_tag.sh)
 BASHINSTALLDIR=${PREFIX}/share/bash-completion/completions
+OCIUMOUNTINSTALLDIR=$(PREFIX)/share/oci-umount/oci-umount.d
+
 SELINUXOPT ?= $(shell test -x /usr/sbin/selinuxenabled && selinuxenabled && echo -Z)
 PACKAGES ?= $(shell go list -tags "${BUILDTAGS}" ./... | grep -v github.com/kubernetes-incubator/cri-o/vendor)
 
@@ -154,6 +156,7 @@ install: .gopathok
 install.config:
 	install ${SELINUXOPT} -D -m 644 crio.conf $(ETCDIR_CRIO)/crio.conf
 	install ${SELINUXOPT} -D -m 644 seccomp.json $(ETCDIR_CRIO)/seccomp.json
+	install ${SELINUXOPT} -D -m 644 crio-umount.conf $(OCIUMOUNTINSTALLDIR)/crio-umount.conf
 
 install.completions:
 	install ${SELINUXOPT} -d -m 755 ${BASHINSTALLDIR}

contrib/rpm/crio.spec

@@ -53,12 +53,16 @@ make all
 %{_mandir}/man5/crio.conf.5*
 %{_mandir}/man8/crio.8*
 %{_sysconfdir}/crio.conf
+%{_sysconfdir}/seccomp.json
 %dir /%{_libexecdir}/crio
 /%{_libexecdir}/crio/conmon
 /%{_libexecdir}/crio/pause
 %{_unitdir}/crio.service
 %doc README.md
 %license LICENSE
+%dir /usr/share/oci-umount/oci-umount.d
+/usr/share/oci-umount/oci-umount.d/cri-umount.conf
+
 
 %preun
 %systemd_preun %{Name}

crio-umount.conf

@@ -0,0 +1,8 @@
+# This contains a list of paths on host which will be unmounted inside
+# container. (If they are mounted inside container).
+
+# If there is a "/*" at the end, that means only mounts underneath that
+# mounts (submounts) will be unmounted but top level mount will remain
+# in place.
+/var/run/containers/*
+/var/lib/containers/storage/*