From 9133caa6d3ad9abc4e21a3bbb719d4334efc6791 Mon Sep 17 00:00:00 2001 From: Bernerd Schaefer Date: Mon, 12 May 2014 14:41:07 +0200 Subject: [PATCH] Setup standard /dev symlinks After copying allowed device nodes, set up "/dev/fd", "/dev/stdin", "/dev/stdout", and "/dev/stderr" symlinks. Docker-DCO-1.1-Signed-off-by: Bernerd Schaefer (github: bernerdschaefer) [rebased by @crosbymichael] Docker-DCO-1.1-Signed-off-by: Michael Crosby (github: crosbymichael) --- libcontainer/mount/init.go | 31 +++++++++++++++++++++++++++++++ 1 file changed, 31 insertions(+) diff --git a/libcontainer/mount/init.go b/libcontainer/mount/init.go index e5f2b43..6f3080c 100644 --- a/libcontainer/mount/init.go +++ b/libcontainer/mount/init.go @@ -54,6 +54,9 @@ func InitializeMountNamespace(rootfs, console string, container *libcontainer.Co if err := SetupPtmx(rootfs, console, container.Context["mount_label"]); err != nil { return err } + if err := setupDevSymlinks(rootfs); err != nil { + return fmt.Errorf("dev symlinks %s", err) + } if err := system.Chdir(rootfs); err != nil { return fmt.Errorf("chdir into %s %s", rootfs, err) } @@ -114,6 +117,34 @@ func createIfNotExists(path string, isDir bool) error { return nil } +func setupDevSymlinks(rootfs string) error { + var links = [][2]string{ + {"/proc/self/fd", "/dev/fd"}, + {"/proc/self/fd/0", "/dev/stdin"}, + {"/proc/self/fd/1", "/dev/stdout"}, + {"/proc/self/fd/2", "/dev/stderr"}, + } + + // kcore support can be toggled with CONFIG_PROC_KCORE; only create a symlink + // in /dev if it exists in /proc. + if _, err := os.Stat("/proc/kcore"); err == nil { + links = append(links, [2]string{"/proc/kcore", "/dev/kcore"}) + } + + for _, link := range links { + var ( + src = link[0] + dst = filepath.Join(rootfs, link[1]) + ) + + if err := os.Symlink(src, dst); err != nil && !os.IsExist(err) { + return fmt.Errorf("symlink %s %s %s", src, dst, err) + } + } + + return nil +} + func setupBindmounts(rootfs string, bindMounts libcontainer.Mounts) error { for _, m := range bindMounts.OfType("bind") { var (