duplicated devices in mknod when run with --privileged
lishaowen0426 opened this issue · comments
```rust
if let Some(added_devices) = linux.devices() {
    tracing::debug!("with linux added devices: {:?}", added_devices);
    devicer.create_devices(
        rootfs,
        default_devices().iter().chain(added_devices),
        bind_devices,
    )
} else {
    tracing::debug!("with only default devices");
    devicer.create_devices(rootfs, &default_devices(), bind_devices)
}?;
```
in `prepare_rootfs`.
When run with `docker --privileged`, since all host devices can be accessed in `/dev`, this causes some duplicated devices in `default_devices()` and `linux.devices()`, which are then chained together.
On my machine, I got `failed to mknod device LinuxDevice { path: "/dev/full", typ: C, major: 1, minor: 7, file_mode: Some(438), uid: Some(0), gid: Some(0) } with err Nix(EEXIST)`
Hey, thanks for the bug report!
Can you post the complete command that you used to do this, as well as the docker setup/config that you used, so we can try reproducing this?
I run with `docker run -it --rm --privileged debian bash`
The only thing I've changed with docker is
```json
{
  "default-runtime" : "youki",
  "runtimes": {
    "youki" : {"path": "youki/binary/path", "runtimeArgs" : ["--debug", "--systemd-log"]}
  }
}
```
I use the youki debug build
ok, thanks, the fix seems apparently simple, to filter out extra devices, so will try to get this fixed soon 👍
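
The filtering mentioned in the last comment could look like the sketch below. It is an added example, not youki's code or its eventual fix: `Device`, `dev` and `merge_devices` are hypothetical names, and letting a later (spec) entry replace a default with the same path is an assumption.

```rust
use std::collections::HashMap;

// Hypothetical, simplified stand-in for the runtime's device type.
#[derive(Debug, Clone, PartialEq)]
struct Device { path: String, major: i64, minor: i64 }

fn dev(path: &str, major: i64, minor: i64) -> Device {
    Device { path: path.to_string(), major, minor }
}

// Merge the two lists so every path is created at most once.
// Assumption: a spec entry replaces a default with the same path.
// Returns the merged list and the paths whose earlier entry was changed.
fn merge_devices(defaults: &[Device], added: &[Device]) -> (Vec<Device>, Vec<String>) {
    let mut index: HashMap<String, usize> = HashMap::new();
    let mut merged: Vec<Device> = Vec::new();
    let mut overridden: Vec<String> = Vec::new();
    for d in defaults.iter().chain(added) {
        match index.get(&d.path).copied() {
            None => {
                index.insert(d.path.clone(), merged.len());
                merged.push(d.clone());
            }
            // Identical duplicate (the EEXIST case above): skip it.
            Some(i) if merged[i] == *d => {}
            // Same path, different numbers: keep the later entry and report it.
            Some(i) => {
                overridden.push(d.path.clone());
                merged[i] = d.clone();
            }
        }
    }
    (merged, overridden)
}

fn main() {
    // Constructed sample lists, not taken from a real host.
    let defaults = vec![dev("/dev/null", 1, 3), dev("/dev/full", 1, 7)];
    let added = vec![dev("/dev/full", 1, 7), dev("/dev/fuse", 10, 229)];
    let (merged, overridden) = merge_devices(&defaults, &added);
    for d in &merged { println!("mknod {} c {} {}", d.path, d.major, d.minor); }
    println!("overridden defaults: {:?}", overridden);
}
```

Reporting the overridden paths separately gives the runtime something to log when a spec entry changes the major/minor of a default node such as `/dev/null`.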