[pve-devel] [PATCH v3 container 2/2] fix #1451: add mountoptions to lxc

Oguz Bektas o.bektas at proxmox.com
Fri Jul 5 13:27:05 CEST 2019


For now, the following mount options are allowed:
* noexec
* noatime
* nosuid
* nodev

Signed-off-by: Oguz Bektas <o.bektas at proxmox.com>
---

v2 -> v3:
* have list of supported mount options only at one place

 src/PVE/LXC.pm        | 12 ++++++++++--
 src/PVE/LXC/Config.pm | 13 +++++++++++++
 2 files changed, 23 insertions(+), 2 deletions(-)

diff --git a/src/PVE/LXC.pm b/src/PVE/LXC.pm
index 4922fb0..13ead7f 100644
--- a/src/PVE/LXC.pm
+++ b/src/PVE/LXC.pm
@@ -1415,11 +1415,19 @@ sub mountpoint_mount {
 
     die "unknown snapshot path for '$volid'" if !$storage && defined($snapname);
 
-    my $optstring = '';
+    my @mountoptions= split(/;/, $mountpoint->{mountoptions});
+    my $optlist = [];
+    my $allowed_options = PVE::LXC::Config::get_mount_options();
+    foreach my $opt (@mountoptions) {
+	push @$optlist, $opt if $opt =~ $allowed_options
+    }
+
     my $acl = $mountpoint->{acl};
     if (defined($acl)) {
-	$optstring .= ($acl ? 'acl' : 'noacl');
+	push @$optlist, ($acl ? 'acl' : 'noacl');
     }
+
+    my $optstring = join(',', @$optlist);
     my $readonly = $mountpoint->{ro};
 
     my @extra_opts;
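Review bot: The allow-list test `$opt =~ $allowed_options` in the new `foreach` is unanchored, so any token that merely contains one of the four names passes the filter and is joined into `$optstring`, which is presumably handed to the mount call later in the function; it should be an exact match, `push @$optlist, $opt if $opt =~ m/\A$allowed_options\z/;`. The same regex is interpolated unanchored into the schema `pattern` in src/PVE/LXC/Config.pm, which is only strict if the schema validator anchors it (not visible in this patch). `mountoptions` is declared optional, so `split` receives undef for every mount point without it and warns under `use warnings`; `split(/;/, $mountpoint->{mountoptions} // '')` avoids that. Tokens that fail the filter are dropped silently, so a mount could come up without a hardening option such as `nosuid` that the admin asked for; a `die` or a warning at that point would make the mismatch visible. mountpoint_mount starts and ends outside the hunk.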
diff --git a/src/PVE/LXC/Config.pm b/src/PVE/LXC/Config.pm
index 8dcd73c..71788ba 100644
--- a/src/PVE/LXC/Config.pm
+++ b/src/PVE/LXC/Config.pm
@@ -216,6 +216,12 @@ sub __snapshot_foreach_volume {
 
 cfs_register_file('/lxc/', \&parse_pct_config, \&write_pct_config);
 
+my $mount_option = qr/(noatime|nodev|nosuid|noexec)/;
+
+sub get_mount_options {
+    return $mount_option;
+}
+
 my $rootfs_desc = {
     volume => {
 	type => 'string',
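Review bot: `get_mount_options` returns a compiled regex rather than a list of options, and nothing on `$mount_option` tells callers how to apply it; a comment such as `# Alternation of the mount options a container config may set; unanchored, so callers must wrap it in \A...\z for an exact match.` would document the contract. The group is capturing although neither use visible in this patch reads the capture, so `qr/(?:noatime|nodev|nosuid|noexec)/` is the tidier form. A name like `get_mount_option_re` would describe what the sub actually returns, if a rename is still acceptable at this stage.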
@@ -236,6 +242,13 @@ my $rootfs_desc = {
 	description => 'Explicitly enable or disable ACL support.',
 	optional => 1,
     },
+    mountoptions => {
+	optional => 1,
+	type => 'string',
+	description => 'Extra mount options for rootfs/mps.',
+	format_description => 'opt[;opt...]',
+	pattern => qr/$mount_option(;$mount_option)*/,
+    },
     ro => {
 	type => 'boolean',
 	description => 'Read-only mount point',
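Review bot: The `description` for `mountoptions` does not say which values are accepted, so a user learns the allowed set only from a pattern mismatch; naming them, e.g. `description => 'Extra mount options for rootfs/mps (noatime, nodev, nosuid, noexec).'`, or building that text from the same source as `$mount_option`, would keep the generated API documentation useful. The `pattern` also accepts the same option repeated, which is likely harmless at mount time but could be rejected or normalised. The enclosing `$rootfs_desc` hash starts and ends outside the hunk.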
-- 
2.11.0




