vbatts/pkg
1
0
Fork 0
Code Pull requests Releases Activity

Merge pull request #5673 from tianon/kcore-error

Browse source 
Update restrict.Restrict to both show the error message when failing to mount /dev/null over /proc/kcore, and to ignore "not exists" errors while doing so (for when CONFIG_PROC_KCORE=n in the kernel)
This commit is contained in:
Michael Crosby 2014-05-08 10:20:19 -07:00
commit 78848a31a5
1 changed files with 3 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

5
libcontainer/security/restrict/restrict.go
View file

@ -4,6 +4,7 @@ package restrict
import ( import (
"fmt" "fmt"
"os"
"syscall" "syscall"
"github.com/dotcloud/docker/pkg/system" "github.com/dotcloud/docker/pkg/system"
@ -18,8 +19,8 @@ func Restrict(mounts ...string) error {
return fmt.Errorf("unable to remount %s readonly: %s", dest, err) return fmt.Errorf("unable to remount %s readonly: %s", dest, err)
} }
} }
if err := system.Mount("/dev/null", "/proc/kcore", "", syscall.MS_BIND, ""); err != nil { if err := system.Mount("/dev/null", "/proc/kcore", "", syscall.MS_BIND, ""); err != nil && !os.IsNotExist(err) {
return fmt.Errorf("unable to bind-mount /dev/null over /proc/kcore") return fmt.Errorf("unable to bind-mount /dev/null over /proc/kcore: %s", err)
} }
return nil return nil
} }