all lists on lists.proxmox.com
* [PATCH container] fix #7271: exclude non-volume mountpoints from attribute preservation
@ 2026-02-06 11:02 Daniel Kral
  2026-02-06 14:30 ` applied: " Thomas Lamprecht
  0 siblings, 1 reply; 2+ messages in thread
From: Daniel Kral @ 2026-02-06 11:02 UTC
  To: pve-devel

The commit 0db5595 (mountpoint_insert_staged: inherit attributes if
directory already exists) allows preserving attributes of the underlying
directory that is used as the mount target. Subsequently, the commit
abebdaa (fix #7267: do not inherit host attributes for rootfs) excludes
the rootdir with the $keep_attrs argument from this preservation.

As bind mountpoints might not support changing the file permissions
and/or ownership, e.g. NFS shares, containers with such bind mounts fail
to start. Therefore, further exclude any non-volume mountpoints as these
are managed externally.

Signed-off-by: Daniel Kral <d.kral@proxmox.com>
---
Tested this with a debian container and a volume mountpoint, a
bind-mounted subdirectory on the host and a bind-mounted NFS share.

 src/PVE/LXC.pm            | 6 +++++-
 src/lxc-pve-prestart-hook | 2 +-
 2 files changed, 6 insertions(+), 2 deletions(-)

diff --git a/src/PVE/LXC.pm b/src/PVE/LXC.pm
index b45490b..6cdc80e 100644
--- a/src/PVE/LXC.pm
+++ b/src/PVE/LXC.pm
@@ -2473,7 +2473,11 @@ sub mountpoint_hotplug : prototype($$$$$) {
         chdir('/')
             or die "failed to change root directory within the container's mount namespace: $!\n";
 
-        mountpoint_insert_staged($mount_fd, undef, $mp->{mp}, $opt, $root_uid, $root_gid, 1);
+        my $keep_attrs = $mp->{type} eq 'volume';
+
+        mountpoint_insert_staged(
+            $mount_fd, undef, $mp->{mp}, $opt, $root_uid, $root_gid, $keep_attrs,
+        );
     });
 }
 
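Review bot: in mountpoint_hotplug the new `my $keep_attrs = $mp->{type} eq 'volume';` has no comment explaining why only volume mountpoints keep the attributes of the existing target directory; the reason (bind mounts such as NFS shares may not support changing permissions and/or ownership, so the container fails to start) is recorded only in the commit message. A one-line comment above the assignment would keep that rationale at the call site. The test note lists a volume mountpoint, a bind-mounted host subdirectory and a bind-mounted NFS share, but does not say whether any of them was hotplugged, which is the path this hunk changes; stating that in the notes would help.
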
diff --git a/src/lxc-pve-prestart-hook b/src/lxc-pve-prestart-hook
index d264ab9..f900c12 100755
--- a/src/lxc-pve-prestart-hook
+++ b/src/lxc-pve-prestart-hook
@@ -100,7 +100,7 @@ PVE::LXC::Tools::lxc_hook(
                 # Mount relative to the rootdir fd.
                 $dest_base_fd = $rootdir_fd;
                 $dest_dir = './' . $mountpoint->{mp};
-                $keep_attrs = 1;
+                $keep_attrs = $mountpoint->{type} eq 'volume';
             } else {
                 # Assert that 'rootfs' is the first one:
                 die "foreach_mount() error\n" if $opt ne 'rootfs';
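Review bot: `$keep_attrs = $mountpoint->{type} eq 'volume';` in the prestart hook repeats the same test this patch adds to mountpoint_hotplug in src/PVE/LXC.pm, so the rule for which mountpoints preserve attributes now lives in two places that have to stay in sync. Consider a small shared helper in PVE::LXC that both call sites use, so a later change to the rule cannot land on the start path and be missed for hotplug. That helper would also be the one place to decide what happens if `type` is ever undefined, where `eq` evaluates to false and, with warnings enabled, emits an uninitialized-value warning; the hunk does not show where `type` is set.
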
-- 
2.47.3






* applied: [PATCH container] fix #7271: exclude non-volume mountpoints from attribute preservation
  2026-02-06 11:02 [PATCH container] fix #7271: exclude non-volume mountpoints from attribute preservation Daniel Kral
@ 2026-02-06 14:30 ` Thomas Lamprecht
  0 siblings, 0 replies; 2+ messages in thread
From: Thomas Lamprecht @ 2026-02-06 14:30 UTC
  To: pve-devel, Daniel Kral

On Fri, 06 Feb 2026 12:02:41 +0100, Daniel Kral wrote:
> The commit 0db5595 (mountpoint_insert_staged: inherit attributes if
> directory already exists) allows preserving attributes of the underlying
> directory that is used as the mount target. Subsequently, the commit
> abebdaa (fix #7267: do not inherit host attributes for rootfs) excludes
> the rootdir with the $keep_attrs argument from this preservation.
> 
> As bind mountpoints might not support changing the file permissions
> and/or ownership, e.g. NFS shares, containers with such bind mounts fail
> to start. Therefore, further exclude any non-volume mountpoints as these
> are managed externally.
> 
> [...]

Applied, thanks!

[1/1] fix #7271: exclude non-volume mountpoints from attribute preservation
      commit: a7978199c5e293e7d9416777caacddfd7933b0ce



