openstack/openstack-ansible
Code Issues Proposed changes

Add some protection from shadowing mount

Browse Source 
Currently we do have wrong bind mount order, due to which /var/log/journal
is shadow mounted with later added /var/log mount.
To prevent this we're inserting new mounts before existing ones
in case where they could shadow mount destination.

Change-Id: Id8cca6d83c75202a273df23be353480366ead156
Closes-Bug: #1895533
This commit is contained in:
Dmitriy Rabotyagov 2020-09-15 17:45:07 +03:00
parent 8a3dd1414c
commit 7d7afa4f9a
1 changed files with 1 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
playbooks/common-tasks/os-lxc-container-setup.yml
View File

@ -50,6 +50,7 @@
lineinfile: lineinfile:
dest: "/var/lib/lxc/{{ inventory_hostname }}/config" dest: "/var/lib/lxc/{{ inventory_hostname }}/config"
line: "lxc.mount.entry = {{ item['mount_path'] }} {{ item['bind_dir_path'].lstrip('/') }} none bind,create=dir 0 0" line: "lxc.mount.entry = {{ item['mount_path'] }} {{ item['bind_dir_path'].lstrip('/') }} none bind,create=dir 0 0"
insertbefore: "^lxc.mount.entry = .*\\s{{ item['bind_dir_path'].lstrip('/') | regex_replace('/', '\/') }}.*"
backup: "true" backup: "true"
with_items: with_items:
- "{{ lxc_default_bind_mounts | default([]) }}" - "{{ lxc_default_bind_mounts | default([]) }}"