docker
/
docs
mirror of https://github.com/docker/docs.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Make sure network files exist before adding them to mounts 

It is possible that network files do not exist, especially in the case
of `--net=host` where a host OS (like CoreOS) does not use certain
standard network files.  This patch verifies that the source file of a
network mount point exists before adding it to the list of mount points
for bind mounting from the container's metadata directory.

Docker-DCO-1.1-Signed-off-by: Phil Estes <estesp@linux.vnet.ibm.com> (github: estesp)
This commit is contained in:
Phil Estes 2015-10-12 17:18:34 -04:00
parent 151564d39b
commit ed68486f68
1 changed files with 42 additions and 30 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
daemon/container_unix.go
View File

@ -1231,6 +1231,9 @@ func (container *Container) networkMounts() []execdriver.Mount {
var mounts []execdriver.Mount var mounts []execdriver.Mount
shared := container.hostConfig.NetworkMode.IsContainer() shared := container.hostConfig.NetworkMode.IsContainer()
if container.ResolvConfPath != "" { if container.ResolvConfPath != "" {
if _, err := os.Stat(container.ResolvConfPath); err != nil {
logrus.Warnf("ResolvConfPath set to %q, but can't stat this filename (err = %v); skipping", container.ResolvConfPath, err)
} else {
label.Relabel(container.ResolvConfPath, container.MountLabel, shared) label.Relabel(container.ResolvConfPath, container.MountLabel, shared)
writable := !container.hostConfig.ReadonlyRootfs writable := !container.hostConfig.ReadonlyRootfs
if m, exists := container.MountPoints["/etc/resolv.conf"]; exists { if m, exists := container.MountPoints["/etc/resolv.conf"]; exists {
@ -1243,7 +1246,11 @@ func (container *Container) networkMounts() []execdriver.Mount {
Private: true, Private: true,
}) })
} }
}
if container.HostnamePath != "" { if container.HostnamePath != "" {
if _, err := os.Stat(container.HostnamePath); err != nil {
logrus.Warnf("HostnamePath set to %q, but can't stat this filename (err = %v); skipping", container.HostnamePath, err)
} else {
label.Relabel(container.HostnamePath, container.MountLabel, shared) label.Relabel(container.HostnamePath, container.MountLabel, shared)
writable := !container.hostConfig.ReadonlyRootfs writable := !container.hostConfig.ReadonlyRootfs
if m, exists := container.MountPoints["/etc/hostname"]; exists { if m, exists := container.MountPoints["/etc/hostname"]; exists {
@ -1256,7 +1263,11 @@ func (container *Container) networkMounts() []execdriver.Mount {
Private: true, Private: true,
}) })
} }
}
if container.HostsPath != "" { if container.HostsPath != "" {
if _, err := os.Stat(container.HostsPath); err != nil {
logrus.Warnf("HostsPath set to %q, but can't stat this filename (err = %v); skipping", container.HostsPath, err)
} else {
label.Relabel(container.HostsPath, container.MountLabel, shared) label.Relabel(container.HostsPath, container.MountLabel, shared)
writable := !container.hostConfig.ReadonlyRootfs writable := !container.hostConfig.ReadonlyRootfs
if m, exists := container.MountPoints["/etc/hosts"]; exists { if m, exists := container.MountPoints["/etc/hosts"]; exists {
@ -1269,6 +1280,7 @@ func (container *Container) networkMounts() []execdriver.Mount {
Private: true, Private: true,
}) })
} }
}
return mounts return mounts
} }