@@ -2161,6 +2161,7 @@ static int copy_devnodes(const char *dest) {
21612161 NULSTR_FOREACH (d , devnodes ) {
21622162 _cleanup_free_ char * from = NULL , * to = NULL ;
21632163 struct stat st ;
2164+ bool ignore_mknod_failure = streq (d , "net/tun" );
21642165
21652166 from = path_join ("/dev/" , d );
21662167 if (!from )
@@ -2185,16 +2186,31 @@ static int copy_devnodes(const char *dest) {
21852186 /* Explicitly warn the user when /dev is already populated. */
21862187 if (errno == EEXIST )
21872188 log_notice ("%s/dev is pre-mounted and pre-populated. If a pre-mounted /dev is provided it needs to be an unpopulated file system." , dest );
2188- if (errno != EPERM || arg_uid_shift != 0 )
2189+ if (errno != EPERM || arg_uid_shift != 0 ) {
2190+ if (ignore_mknod_failure ) {
2191+ log_debug_errno (r , "mknod(%s) failed, ignoring: %m" , to );
2192+ return 0 ;
2193+ }
21892194 return log_error_errno (errno , "mknod(%s) failed: %m" , to );
2195+ }
21902196
21912197 /* Some systems abusively restrict mknod but allow bind mounts. */
21922198 r = touch (to );
2193- if (r < 0 )
2199+ if (r < 0 ) {
2200+ if (ignore_mknod_failure ) {
2201+ log_debug_errno (r , "touch (%s) failed, ignoring: %m" , to );
2202+ return 0 ;
2203+ }
21942204 return log_error_errno (r , "touch (%s) failed: %m" , to );
2205+ }
21952206 r = mount_nofollow_verbose (LOG_DEBUG , from , to , NULL , MS_BIND , NULL );
2196- if (r < 0 )
2207+ if (r < 0 ) {
2208+ if (ignore_mknod_failure ) {
2209+ log_debug_errno (r , "Both mknod and bind mount (%s) failed, ignoring: %m" , to );
2210+ return 0 ;
2211+ }
21972212 return log_error_errno (r , "Both mknod and bind mount (%s) failed: %m" , to );
2213+ }
21982214 } else {
21992215 r = userns_lchown (to , 0 , 0 );
22002216 if (r < 0 )
0 commit comments