Unmount existing filesystems under user specified mounts in LXC

If the user requests a mount for /run, this may hide any existing
mounts that are lower down in /run. The result is that the
container still sees the mounts in /proc/mounts, but cannot
access them

sh-4.2# df
df: '/run/user/501/gvfs': No such file or directory
df: '/run/media/berrange/LIVE': No such file or directory
df: '/run/media/berrange/SecureDiskA1': No such file or directory
df: '/run/libvirt/lxc/sandbox': No such file or directory
Filesystem                      1K-blocks      Used Available Use% Mounted on
/dev/mapper/vg_t500wlan-lv_root 151476396 135390200   8384900  95% /
tmpfs                             1970888      3204   1967684   1% /run
/dev/sda1                          194241    155940     28061  85% /boot
devfs                                  64         0        64   0% /dev
tmpfs                                  64         0        64   0% /sys/fs/cgroup
tmpfs                             1970888      1200   1969688   1% /etc/libvirt-sandbox/scratch

Before mounting any filesystem at a particular location, we
must recursively unmount anything at or below the target mount
point

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>

diff --git a/src/lxc/lxc_container.c b/src/lxc/lxc_container.c
index a3b01fb28a92cbba2325feab4b8529d7f24637ef..ab27a92a27cfa8fd5d7da97b9ef8b4bc2399c22e 100644 (file)
--- a/src/lxc/lxc_container.c
+++ b/src/lxc/lxc_container.c
@@ -1361,6 +1361,10 @@ static int lxcContainerMountAllFS(virDomainDefPtr vmDef,
             STREQ(vmDef->fss[i]->dst, "/"))
             continue;
 
+        if (lxcContainerUnmountSubtree(vmDef->fss[i]->dst,
+                                       false) < 0)
+            return -1;
+
         if (lxcContainerMountFS(vmDef->fss[i], dstprefix, sec_mount_options) < 0)
             return -1;
     }