Fix linux-sandbox failure when there is a mount points under /tmp
Skip remounting such mount points because they are not actually
visible in the sandbox after mounting new tmpfs.
Fixes https://github.com/bazelbuild/bazel/issues/1959
--
Change-Id: Ia1361559966ffb05ea1ddbeaee1ed7d3ebdb9e15
Reviewed-on: https://bazel-review.googlesource.com/#/c/6970/
MOS_MIGRATED_REVID=137397312
diff --git a/src/main/tools/linux-sandbox-pid1.cc b/src/main/tools/linux-sandbox-pid1.cc
index 6bd1db1..5f0482e 100644
--- a/src/main/tools/linux-sandbox-pid1.cc
+++ b/src/main/tools/linux-sandbox-pid1.cc
@@ -321,6 +321,15 @@
return false;
}
+static bool IsUnderTmpDir(const char *mnt_dir) {
+ for (const char *tmpfs_dir : opt.tmpfs_dirs) {
+ if (strstr(mnt_dir, tmpfs_dir) == mnt_dir) {
+ return true;
+ }
+ }
+ return false;
+}
+
// Makes the whole filesystem read-only, except for the paths for which
// ShouldBeWritable returns true.
static void MakeFilesystemMostlyReadOnly() {
@@ -335,6 +344,12 @@
if (strstr(ent->mnt_dir, opt.sandbox_root_dir) != ent->mnt_dir) {
continue;
}
+ // Skip mounts that are under tmpfs directories because we've already
+ // replaced such directories with new tmpfs instances.
+ // mount() would fail with ENOENT if we tried to remount such mount points.
+ if (IsUnderTmpDir(ent->mnt_dir + strlen(opt.sandbox_root_dir))) {
+ continue;
+ }
int mountFlags = MS_BIND | MS_REMOUNT;
