libcontainer: default mount propagation correctly

euank · euank · commit 4301b440d6a3 · 2017-09-22T13:36:23.000-07:00
The code in prepareRoot (https://github.com/opencontainers/runc/blob/e385f67a0e45fa1d8ef8154e2aea5128ea1d331b/libcontainer/rootfs_linux.go#L599-L605) attempts to default the rootfs mount to `rslave`. However, since the spec conversion has already defaulted it to `rprivate`, that code doesn't actually ever do anything. This changes the spec conversion code to accept "" and treat it as 0. Implicitly, this makes rootfs propagation default to `rslave`, which is a part of fixing the moby bug moby/moby#34672 Alternate implementatoins include changing this defaulting to be `rslave` and removing the defaulting code in prepareRoot, or skipping the mapping entirely for "", but I think this change is the cleanest of those options. Signed-off-by: Euan Kemp <euan.kemp@coreos.com>
diff --git a/libcontainer/specconv/spec_linux.go b/libcontainer/specconv/spec_linux.go
@@ -37,7 +37,7 @@ var mountPropagationMapping = map[string]int{
 	"slave":    unix.MS_SLAVE,
 	"rshared":  unix.MS_SHARED | unix.MS_REC,
 	"shared":   unix.MS_SHARED,
-	"":         unix.MS_PRIVATE | unix.MS_REC,
+	"":         0,
 }
 
 var allowedDevices = []*configs.Device{

Original file line number	Diff line number	Diff line change
`@@ -37,7 +37,7 @@ var mountPropagationMapping = map[string]int{`
`37`	`37`	`"slave": unix.MS_SLAVE,`
`38`	`38`	`"rshared": unix.MS_SHARED \| unix.MS_REC,`
`39`	`39`	`"shared": unix.MS_SHARED,`
`40`		`- "": unix.MS_PRIVATE \| unix.MS_REC,`
	`40`	`+ "": 0,`
`41`	`41`	`}`
`42`	`42`
`43`	`43`	`var allowedDevices = []*configs.Device{`