nspawn: add log message to let users know that nspawn needs an empty /dev directory (#4226)

Fixes https://github.com/systemd/systemd/issues/3695 At the same time it adds a protection against userns chown of inodes of a shared mount point.
2016-10-05 06:57:02 +02:00 · 2016-10-05 06:57:02 +02:00 · 41eb436265
parent d4c08299f2
commit 41eb436265
1 changed files with 6 additions and 0 deletions
--- a/src/nspawn/nspawn.c
+++ b/src/nspawn/nspawn.c
@ -1395,6 +1395,12 @@ static int copy_devnodes(const char *dest) {

                } else {
                        if (mknod(to, st.st_mode, st.st_rdev) < 0) {
+                                /*
+                                 * This is some sort of protection too against
+                                 * recursive userns chown on shared /dev/
+                                 */
+                                if (errno == EEXIST)
+                                        log_notice("%s/dev/ should be an empty directory", dest);
                                if (errno != EPERM)
                                        return log_error_errno(errno, "mknod(%s) failed: %m", to);