Tell oci-umount where to remove mountpoints inside container
This patch set add crio-umount.conf file which tells oci-umount plugin to look for leaked mount points in /var/lib/containers/storage/* and /var/run/containers/* Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
This commit is contained in:
parent
4fadbea75d
commit
51b2254742
3 changed files with 15 additions and 0 deletions
3
Makefile
3
Makefile
|
@ -13,6 +13,8 @@ ETCDIR ?= ${DESTDIR}/etc
|
||||||
ETCDIR_CRIO ?= ${ETCDIR}/crio
|
ETCDIR_CRIO ?= ${ETCDIR}/crio
|
||||||
BUILDTAGS ?= selinux seccomp $(shell hack/btrfs_tag.sh) $(shell hack/libdm_tag.sh)
|
BUILDTAGS ?= selinux seccomp $(shell hack/btrfs_tag.sh) $(shell hack/libdm_tag.sh)
|
||||||
BASHINSTALLDIR=${PREFIX}/share/bash-completion/completions
|
BASHINSTALLDIR=${PREFIX}/share/bash-completion/completions
|
||||||
|
OCIUMOUNTINSTALLDIR=$(PREFIX)/share/oci-umount/oci-umount.d
|
||||||
|
|
||||||
SELINUXOPT ?= $(shell test -x /usr/sbin/selinuxenabled && selinuxenabled && echo -Z)
|
SELINUXOPT ?= $(shell test -x /usr/sbin/selinuxenabled && selinuxenabled && echo -Z)
|
||||||
PACKAGES ?= $(shell go list -tags "${BUILDTAGS}" ./... | grep -v github.com/kubernetes-incubator/cri-o/vendor)
|
PACKAGES ?= $(shell go list -tags "${BUILDTAGS}" ./... | grep -v github.com/kubernetes-incubator/cri-o/vendor)
|
||||||
|
|
||||||
|
@ -154,6 +156,7 @@ install: .gopathok
|
||||||
install.config:
|
install.config:
|
||||||
install ${SELINUXOPT} -D -m 644 crio.conf $(ETCDIR_CRIO)/crio.conf
|
install ${SELINUXOPT} -D -m 644 crio.conf $(ETCDIR_CRIO)/crio.conf
|
||||||
install ${SELINUXOPT} -D -m 644 seccomp.json $(ETCDIR_CRIO)/seccomp.json
|
install ${SELINUXOPT} -D -m 644 seccomp.json $(ETCDIR_CRIO)/seccomp.json
|
||||||
|
install ${SELINUXOPT} -D -m 644 crio-umount.conf $(OCIUMOUNTINSTALLDIR)/crio-umount.conf
|
||||||
|
|
||||||
install.completions:
|
install.completions:
|
||||||
install ${SELINUXOPT} -d -m 755 ${BASHINSTALLDIR}
|
install ${SELINUXOPT} -d -m 755 ${BASHINSTALLDIR}
|
||||||
|
|
|
@ -53,12 +53,16 @@ make all
|
||||||
%{_mandir}/man5/crio.conf.5*
|
%{_mandir}/man5/crio.conf.5*
|
||||||
%{_mandir}/man8/crio.8*
|
%{_mandir}/man8/crio.8*
|
||||||
%{_sysconfdir}/crio.conf
|
%{_sysconfdir}/crio.conf
|
||||||
|
%{_sysconfdir}/seccomp.json
|
||||||
%dir /%{_libexecdir}/crio
|
%dir /%{_libexecdir}/crio
|
||||||
/%{_libexecdir}/crio/conmon
|
/%{_libexecdir}/crio/conmon
|
||||||
/%{_libexecdir}/crio/pause
|
/%{_libexecdir}/crio/pause
|
||||||
%{_unitdir}/crio.service
|
%{_unitdir}/crio.service
|
||||||
%doc README.md
|
%doc README.md
|
||||||
%license LICENSE
|
%license LICENSE
|
||||||
|
%dir /usr/share/oci-umount/oci-umount.d
|
||||||
|
/usr/share/oci-umount/oci-umount.d/cri-umount.conf
|
||||||
|
|
||||||
|
|
||||||
%preun
|
%preun
|
||||||
%systemd_preun %{Name}
|
%systemd_preun %{Name}
|
||||||
|
|
8
crio-umount.conf
Normal file
8
crio-umount.conf
Normal file
|
@ -0,0 +1,8 @@
|
||||||
|
# This contains a list of paths on host which will be unmounted inside
|
||||||
|
# container. (If they are mounted inside container).
|
||||||
|
|
||||||
|
# If there is a "/*" at the end, that means only mounts underneath that
|
||||||
|
# mounts (submounts) will be unmounted but top level mount will remain
|
||||||
|
# in place.
|
||||||
|
/var/run/containers/*
|
||||||
|
/var/lib/containers/storage/*
|
Loading…
Reference in a new issue