* [PATCH container/manager 0/2] make mount point attribute preservation configurable @ 2026-02-11 11:06 Filip Schauer 2026-02-11 11:06 ` [PATCH container 1/2] " Filip Schauer 2026-02-11 11:06 ` [PATCH manager 2/2] ui: lxc/MPEdit: add "keepattrs" flag Filip Schauer 0 siblings, 2 replies; 6+ messages in thread From: Filip Schauer @ 2026-02-11 11:06 UTC (permalink / raw) To: pve-devel The commit 0db559517ac6 (mountpoint_insert_staged: inherit attributes if directory already exists) introduced automatic propagation of uid, gid, and mode from the target directory to the mounted filesystem. While this improves compatibility with some OCI images, it also caused undesired ownership changes on some mount points. Since attribute preservation is not always desired, make this behavior configurable via a new "keepattrs" mountpoint flag. Default to disabled to preserve historical behavior. Patch 2/2 exposes this flag in the UI and depends on patch 1/2. pve-container: Filip Schauer (1): make mount point attribute preservation configurable src/PVE/LXC.pm | 4 +--- src/PVE/LXC/Config.pm | 6 ++++++ src/lxc-pve-prestart-hook | 2 +- 3 files changed, 8 insertions(+), 4 deletions(-) pve-manager: Filip Schauer (1): ui: lxc/MPEdit: add "keepattrs" flag www/manager6/lxc/MPEdit.js | 15 +++++++++++++++ 1 file changed, 15 insertions(+) Summary over all repositories: 4 files changed, 23 insertions(+), 4 deletions(-) -- Generated by git-murpp 0.6.0 ^ permalink raw reply [flat|nested] 6+ messages in thread
* [PATCH container 1/2] make mount point attribute preservation configurable 2026-02-11 11:06 [PATCH container/manager 0/2] make mount point attribute preservation configurable Filip Schauer @ 2026-02-11 11:06 ` Filip Schauer 2026-02-11 13:49 ` Fabian Grünbichler 2026-02-11 11:06 ` [PATCH manager 2/2] ui: lxc/MPEdit: add "keepattrs" flag Filip Schauer 1 sibling, 1 reply; 6+ messages in thread From: Filip Schauer @ 2026-02-11 11:06 UTC (permalink / raw) To: pve-devel The commit 0db559517ac6 (mountpoint_insert_staged: inherit attributes if directory already exists) introduced automatic propagation of uid, gid, and mode from the target directory to the mounted filesystem. While this improves compatibility with some OCI images, it also caused undesired ownership changes on some mount points. Since attribute preservation is not always desired, make this behavior configurable via a new "keepattrs" mountpoint flag. Default to disabled to preserve historical behavior. Signed-off-by: Filip Schauer <f.schauer@proxmox.com> --- src/PVE/LXC.pm | 4 +--- src/PVE/LXC/Config.pm | 6 ++++++ src/lxc-pve-prestart-hook | 2 +- 3 files changed, 8 insertions(+), 4 deletions(-) diff --git a/src/PVE/LXC.pm b/src/PVE/LXC.pm index 41ea991..2c02e9a 100644 --- a/src/PVE/LXC.pm +++ b/src/PVE/LXC.pm @@ -2478,10 +2478,8 @@ sub mountpoint_hotplug : prototype($$$$$) { chdir('/') or die "failed to change root directory within the container's mount namespace: $!\n"; - my $keep_attrs = $mp->{type} eq 'volume'; - mountpoint_insert_staged( - $mount_fd, undef, $mp->{mp}, $opt, $root_uid, $root_gid, $keep_attrs, + $mount_fd, undef, $mp->{mp}, $opt, $root_uid, $root_gid, $mp->{keepattrs}, ); }); } diff --git a/src/PVE/LXC/Config.pm b/src/PVE/LXC/Config.pm index 6f54e9f..0090d61 100644 --- a/src/PVE/LXC/Config.pm +++ b/src/PVE/LXC/Config.pm @@ -987,6 +987,12 @@ my $mp_desc = { verbose_description => "Path to the mount point as seen from inside the container.\n\n" . "NOTE: Must not contain any symlinks for security reasons.", }, + keepattrs => { + type => 'boolean', + description => 'Inherit attributes from the target path, if it exists already.', + optional => 1, + default => 0, + }, }; PVE::JSONSchema::register_format('pve-ct-mountpoint', $mp_desc); diff --git a/src/lxc-pve-prestart-hook b/src/lxc-pve-prestart-hook index f900c12..9862509 100755 --- a/src/lxc-pve-prestart-hook +++ b/src/lxc-pve-prestart-hook @@ -100,7 +100,7 @@ PVE::LXC::Tools::lxc_hook( # Mount relative to the rootdir fd. $dest_base_fd = $rootdir_fd; $dest_dir = './' . $mountpoint->{mp}; - $keep_attrs = $mountpoint->{type} eq 'volume'; + $keep_attrs = $mountpoint->{keepattrs}; } else { # Assert that 'rootfs' is the first one: die "foreach_mount() error\n" if $opt ne 'rootfs'; -- 2.47.3 ^ permalink raw reply [flat|nested] 6+ messages in thread
* Re: [PATCH container 1/2] make mount point attribute preservation configurable 2026-02-11 11:06 ` [PATCH container 1/2] " Filip Schauer @ 2026-02-11 13:49 ` Fabian Grünbichler 2026-02-11 14:43 ` superseded: " Filip Schauer 0 siblings, 1 reply; 6+ messages in thread From: Fabian Grünbichler @ 2026-02-11 13:49 UTC (permalink / raw) To: Filip Schauer, pve-devel On February 11, 2026 12:06 pm, Filip Schauer wrote: > The commit 0db559517ac6 (mountpoint_insert_staged: inherit attributes if > directory already exists) introduced automatic propagation of uid, gid, > and mode from the target directory to the mounted filesystem. While this > improves compatibility with some OCI images, it also caused undesired > ownership changes on some mount points. > > Since attribute preservation is not always desired, make this behavior > configurable via a new "keepattrs" mountpoint flag. Default to disabled > to preserve historical behavior. > > Signed-off-by: Filip Schauer <f.schauer@proxmox.com> Reviewed-by: Fabian Grünbichler <f.gruenbichler@proxmox.com> > --- > src/PVE/LXC.pm | 4 +--- > src/PVE/LXC/Config.pm | 6 ++++++ > src/lxc-pve-prestart-hook | 2 +- > 3 files changed, 8 insertions(+), 4 deletions(-) > > diff --git a/src/PVE/LXC.pm b/src/PVE/LXC.pm > index 41ea991..2c02e9a 100644 > --- a/src/PVE/LXC.pm > +++ b/src/PVE/LXC.pm > @@ -2478,10 +2478,8 @@ sub mountpoint_hotplug : prototype($$$$$) { > chdir('/') > or die "failed to change root directory within the container's mount namespace: $!\n"; > > - my $keep_attrs = $mp->{type} eq 'volume'; > - > mountpoint_insert_staged( > - $mount_fd, undef, $mp->{mp}, $opt, $root_uid, $root_gid, $keep_attrs, > + $mount_fd, undef, $mp->{mp}, $opt, $root_uid, $root_gid, $mp->{keepattrs}, > ); > }); > } > diff --git a/src/PVE/LXC/Config.pm b/src/PVE/LXC/Config.pm > index 6f54e9f..0090d61 100644 > --- a/src/PVE/LXC/Config.pm > +++ b/src/PVE/LXC/Config.pm > @@ -987,6 +987,12 @@ my $mp_desc = { > verbose_description => "Path to the mount point as seen from inside the container.\n\n" > . "NOTE: Must not contain any symlinks for security reasons.", > }, > + keepattrs => { > + type => 'boolean', > + description => 'Inherit attributes from the target path, if it exists already.', nit: "target path" is not a term we've used here in the past.. the usual term for this directory is "mountpoint". maybe s/target path/mountpoint directory/ here? _maybe_ we could also spell out what "attributes" means here? > + optional => 1, > + default => 0, > + }, > }; > PVE::JSONSchema::register_format('pve-ct-mountpoint', $mp_desc); > > diff --git a/src/lxc-pve-prestart-hook b/src/lxc-pve-prestart-hook > index f900c12..9862509 100755 > --- a/src/lxc-pve-prestart-hook > +++ b/src/lxc-pve-prestart-hook > @@ -100,7 +100,7 @@ PVE::LXC::Tools::lxc_hook( > # Mount relative to the rootdir fd. > $dest_base_fd = $rootdir_fd; > $dest_dir = './' . $mountpoint->{mp}; > - $keep_attrs = $mountpoint->{type} eq 'volume'; > + $keep_attrs = $mountpoint->{keepattrs}; > } else { > # Assert that 'rootfs' is the first one: > die "foreach_mount() error\n" if $opt ne 'rootfs'; > -- > 2.47.3 > > > > > > ^ permalink raw reply [flat|nested] 6+ messages in thread
* Re: superseded: [PATCH container 1/2] make mount point attribute preservation configurable 2026-02-11 13:49 ` Fabian Grünbichler @ 2026-02-11 14:43 ` Filip Schauer 0 siblings, 0 replies; 6+ messages in thread From: Filip Schauer @ 2026-02-11 14:43 UTC (permalink / raw) To: Fabian Grünbichler, pve-devel On 11/02/2026 14:48, Fabian Grünbichler wrote: > nit: "target path" is not a term we've used here in the past.. the usual > term for this directory is "mountpoint". > > maybe s/target path/mountpoint directory/ here? > > _maybe_ we could also spell out what "attributes" means here? Superseded by v2: https://lore.proxmox.com/pve-devel/20260211144111.123837-1-f.schauer@proxmox.com ^ permalink raw reply [flat|nested] 6+ messages in thread
* [PATCH manager 2/2] ui: lxc/MPEdit: add "keepattrs" flag 2026-02-11 11:06 [PATCH container/manager 0/2] make mount point attribute preservation configurable Filip Schauer 2026-02-11 11:06 ` [PATCH container 1/2] " Filip Schauer @ 2026-02-11 11:06 ` Filip Schauer 2026-02-11 13:49 ` Fabian Grünbichler 1 sibling, 1 reply; 6+ messages in thread From: Filip Schauer @ 2026-02-11 11:06 UTC (permalink / raw) To: pve-devel Expose the "keepattrs" flag for mount points in the UI. Signed-off-by: Filip Schauer <f.schauer@proxmox.com> --- This depends on patch 1/2. www/manager6/lxc/MPEdit.js | 15 +++++++++++++++ 1 file changed, 15 insertions(+) diff --git a/www/manager6/lxc/MPEdit.js b/www/manager6/lxc/MPEdit.js index f4c45876..4bba536c 100644 --- a/www/manager6/lxc/MPEdit.js +++ b/www/manager6/lxc/MPEdit.js @@ -47,6 +47,7 @@ Ext.define('PVE.lxc.MountPointInputPanel', { setMPOpt('ro', values.ro); setMPOpt('acl', values.acl); setMPOpt('replicate', values.replicate); + setMPOpt('keepattrs', values.keepattrs); let res = {}; res[confid] = PVE.Parser.printLxcMountPoint(me.mp); @@ -338,6 +339,20 @@ Ext.define('PVE.lxc.MountPointInputPanel', { name: 'replicate', fieldLabel: gettext('Skip replication'), }, + { + xtype: 'proxmoxcheckbox', + name: 'keepattrs', + defaultValue: '0', + fieldLabel: gettext('Keep Attributes'), + autoEl: { + tag: 'div', + 'data-qtip': gettext('Preserve Attributes of Target Directory'), + }, + bind: { + hidden: '{isRoot}', + disabled: '{isRoot}', + }, + }, ], }); -- 2.47.3 ^ permalink raw reply [flat|nested] 6+ messages in thread
* Re: [PATCH manager 2/2] ui: lxc/MPEdit: add "keepattrs" flag 2026-02-11 11:06 ` [PATCH manager 2/2] ui: lxc/MPEdit: add "keepattrs" flag Filip Schauer @ 2026-02-11 13:49 ` Fabian Grünbichler 0 siblings, 0 replies; 6+ messages in thread From: Fabian Grünbichler @ 2026-02-11 13:49 UTC (permalink / raw) To: Filip Schauer, pve-devel On February 11, 2026 12:06 pm, Filip Schauer wrote: > Expose the "keepattrs" flag for mount points in the UI. > > Signed-off-by: Filip Schauer <f.schauer@proxmox.com> Reviewed-by: Fabian Grünbichler <f.gruenbichler@proxmox.com> > --- > This depends on patch 1/2. > > www/manager6/lxc/MPEdit.js | 15 +++++++++++++++ > 1 file changed, 15 insertions(+) > > diff --git a/www/manager6/lxc/MPEdit.js b/www/manager6/lxc/MPEdit.js > index f4c45876..4bba536c 100644 > --- a/www/manager6/lxc/MPEdit.js > +++ b/www/manager6/lxc/MPEdit.js > @@ -47,6 +47,7 @@ Ext.define('PVE.lxc.MountPointInputPanel', { > setMPOpt('ro', values.ro); > setMPOpt('acl', values.acl); > setMPOpt('replicate', values.replicate); > + setMPOpt('keepattrs', values.keepattrs); > > let res = {}; > res[confid] = PVE.Parser.printLxcMountPoint(me.mp); > @@ -338,6 +339,20 @@ Ext.define('PVE.lxc.MountPointInputPanel', { > name: 'replicate', > fieldLabel: gettext('Skip replication'), > }, > + { > + xtype: 'proxmoxcheckbox', > + name: 'keepattrs', > + defaultValue: '0', > + fieldLabel: gettext('Keep Attributes'), > + autoEl: { > + tag: 'div', > + 'data-qtip': gettext('Preserve Attributes of Target Directory'), nit: this is not a heading/label, so it should have regular casing? > + }, > + bind: { > + hidden: '{isRoot}', > + disabled: '{isRoot}', > + }, > + }, > ], > }); > > -- > 2.47.3 > > > > > > ^ permalink raw reply [flat|nested] 6+ messages in thread
end of thread, other threads:[~2026-02-11 14:43 UTC | newest] Thread overview: 6+ messages (download: mbox.gz / follow: Atom feed) -- links below jump to the message on this page -- 2026-02-11 11:06 [PATCH container/manager 0/2] make mount point attribute preservation configurable Filip Schauer 2026-02-11 11:06 ` [PATCH container 1/2] " Filip Schauer 2026-02-11 13:49 ` Fabian Grünbichler 2026-02-11 14:43 ` superseded: " Filip Schauer 2026-02-11 11:06 ` [PATCH manager 2/2] ui: lxc/MPEdit: add "keepattrs" flag Filip Schauer 2026-02-11 13:49 ` Fabian Grünbichler
This is a public inbox, see mirroring instructions for how to clone and mirror all data and code used for this inbox