From c310d745c7506b55a711293d64960fb176fa5fca Mon Sep 17 00:00:00 2001 From: Mark Asselstine Date: Tue, 17 Sep 2019 15:58:31 -0400 Subject: oci-systemd-hook: fixup patch context commit 7394c154a92f [containers: update oci-systemd-hook to 0.2.0] incorrectly adjusted the context around the patch 0001-Add-additional-cgroup-mounts-from-root-NS-automatica.patch. This resulted in containers failing with an error: systemdhook : Failed to mkdir new dest: /opt/container/cube-server/rootfs/sys/fs/cgroup/perf_event: No such file or directory Unfortunately, the code was being patched in ahead of the mounting of the tmpfs after the patch context was adjusted. You can even get a hint of this in the comment "Systemd is already handled above". Here we correct this by pushing the code down to the correct position in the file/function, making the error go away and proper function return. Signed-off-by: Mark Asselstine Signed-off-by: Bruce Ashfield --- ...itional-cgroup-mounts-from-root-NS-automatica.patch | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/recipes-containers/oci-systemd-hook/oci-systemd-hook/0001-Add-additional-cgroup-mounts-from-root-NS-automatica.patch b/recipes-containers/oci-systemd-hook/oci-systemd-hook/0001-Add-additional-cgroup-mounts-from-root-NS-automatica.patch index b1299f50..34f0c09e 100644 --- a/recipes-containers/oci-systemd-hook/oci-systemd-hook/0001-Add-additional-cgroup-mounts-from-root-NS-automatica.patch +++ b/recipes-containers/oci-systemd-hook/oci-systemd-hook/0001-Add-additional-cgroup-mounts-from-root-NS-automatica.patch @@ -1,4 +1,4 @@ -From f9c640fa1d4c14dfbd2bc40af91cb446ad373075 Mon Sep 17 00:00:00 2001 +From 12d92162c449d51f4ffa482f7daaeb42c4135937 Mon Sep 17 00:00:00 2001 From: Jason Wessel Date: Tue, 2 Jul 2019 20:51:08 +0000 Subject: [PATCH] Add additional cgroup mounts from root NS automatically @@ -9,10 +9,10 @@ Signed-off-by: Jason Wessel 1 file changed, 45 insertions(+) diff --git a/src/systemdhook.c b/src/systemdhook.c -index 87a3585..5220c54 100644 +index c2cb2b9..f9ec9f2 100644 --- a/src/systemdhook.c +++ b/src/systemdhook.c -@@ -281,6 +281,11 @@ static char *get_process_cgroup_subsystem_path(const char *id, int pid, const ch +@@ -274,6 +274,11 @@ static char *get_process_cgroup_subsystem_path(const char *id, int pid, const ch static int mount_cgroup(const char *id, const char *rootfs, const char *options, char *systemd_path) { _cleanup_free_ char *cgroup_path = NULL; @@ -24,8 +24,8 @@ index 87a3585..5220c54 100644 if (asprintf(&cgroup_path, "%s/%s", rootfs, CGROUP_ROOT) < 0) { pr_perror("%s: Failed to create path for %s", id, CGROUP_ROOT); -@@ -290,6 +295,46 @@ static int mount_cgroup(const char *id, const char *rootfs, const char *options, - pr_perror("%s: Failed to mkdir new dest: %s", id, cgroup_path); +@@ -292,6 +297,46 @@ static int mount_cgroup(const char *id, const char *rootfs, const char *options, + pr_perror("%s: Failed to mkdir new dest: %s", id, systemd_path); return -1; } + /* Create all additional cgroup mounts which are in the root namespace */ @@ -68,9 +68,9 @@ index 87a3585..5220c54 100644 + free(dpath); + } + closedir(dir); - /* Mount tmpfs at new cgroup directory */ - if (mount("tmpfs", cgroup_path, "tmpfs", MS_NODEV|MS_NOSUID, options) == -1) { - pr_perror("%s: Failed to mount tmpfs at %s", id, cgroup_path); + if (remount_readonly(id, cgroup_path, cgroup_path) < 0) { + return -1; + } -- -2.19.1 +2.7.4 -- cgit v1.2.3-54-g00ecf