Note: This is a public test instance of Red Hat Bugzilla. The data contained within is a snapshot of the live data so any changes you make will not be reflected in the production Bugzilla. Email is disabled so feel free to test any aspect of the site that you want. File any problems you find or give feedback at bugzilla.redhat.com.
Bug 1412728
Summary: | Bind mount on /var/log seems to be over shadowed | ||
---|---|---|---|
Product: | Red Hat Enterprise Linux 7 | Reporter: | Mohamed Ashiq <mliyazud> |
Component: | oci-systemd-hook | Assignee: | Mrunal Patel <mpatel> |
Status: | CLOSED ERRATA | QA Contact: | Martin Jenner <mjenner> |
Severity: | urgent | Docs Contact: | |
Priority: | high | ||
Version: | 7.3 | CC: | amurdaca, cww, ddarrah, dwalsh, gouyang, hchiramm, lsm5, mliyazud, mpatel, pprakash, rcyriac |
Target Milestone: | rc | Keywords: | Extras |
Target Release: | --- | ||
Hardware: | Unspecified | ||
OS: | Unspecified | ||
Whiteboard: | |||
Fixed In Version: | oci-systemd-hook-1:0.1.4-9.git671c428.el7 | Doc Type: | If docs needed, set a value |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2017-01-17 20:46:33 UTC | Type: | Bug |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: | |||
Bug Depends On: | |||
Bug Blocks: | 1412281 |
Description
Mohamed Ashiq
2017-01-12 16:10:50 UTC
What version of oci-systemd-hook do you have installed rpm -q oci-systemd-hook # rpm -qa | grep oci oci-register-machine-0-1.11.gitdd0daef.el7.x86_64 oci-systemd-hook-0.1.4-8.git45455fe.el7.x86_64 In the description First systemd version is on the host and second one is on container. Mrunal, we are overmounting the directories on top of existing volume mounts and on /run/secrets. First question? Do you remember why we are mounting a tmpfs on /var/log? When we mount over /run we should probably tar up the contents from the directory and put them into the tmpfs of at least mv any mount points off of /run into the newly mounted tmpfs. # docker run -ti -v /var/log/dan:/var/log/dan:z fedora mount | grep /var/log /dev/sda2 on /var/log/dan type ext4 (rw,relatime,seclabel,data=ordered) tmpfs on /var/log type tmpfs (rw,nosuid,nodev,relatime,context="system_u:object_r:container_file_t:s0:c118,c249") /dev/sda2 on /var/log/journal/184b22d455aafb6c9d56ce1f79cf3d20 type ext4 (rw,relatime,seclabel,data=ordered) I can work on a fix, but I want your opinion. Dan, the /var/log tmpfs was for journald logs. I think we can do the same dance of MS_MOVE that we do for /run mounts. We move mounts temporarily using MS_MOVE and then put them back in place for anything over /run. We can do the same for mounts specified by the user over /var/log. tested oci-systemd-hook-0.1.4-9.git671c428.el7.x86_64.rpm, the fix works. 1. Reproduced the bug # mkdir /var/log/test # docker run -d -v /var/log/test:/var/log/test:z rhel /usr/sbin/init 44f4d3a237c94b6f0b870f972f9adf638407827103283a19fccb55433495fd7b # docker exec -it 44f4d3a237 bash # ls /var/log btmp journal wtmp # docker stop 44f4 44f4 # docker rm 44f4 44f4 2. # rpm -Uvh oci-systemd-hook-0.1.4-9.git671c428.el7.x86_64.rpm Preparing... ################################# [100%] Updating / installing... 1:oci-systemd-hook-1:0.1.4-9.git671################################# [ 50%] Cleaning up / removing... 2:oci-systemd-hook-1:0.1.4-8.git454################################# [100%] 3. # docker run -d -v /var/log/test:/var/log/test:z rhel /usr/sbin/init 2c46308f2981e72fd19378da393e8719faaee85cdeec597377bb73b13c5b8133 # docker exec -it 2c46308 bash # ls /var/log btmp journal test wtmp The /var/log/test dir is there. Thanks Dan for your quick help on this!! We are also validating the fix from our side and will update this bug accordingly. Brew link : https://brewweb.engineering.redhat.com/brew/taskinfo?taskID=12348885 Awesome. Good news!! Gluster Container deployment is working as expected and we confirm that, the reported issue at our end is fixed with above mentioned build. Once again thanks a lot for quick help on this, much appreciated. Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://rhn.redhat.com/errata/RHBA-2017-0117.html The needinfo request[s] on this closed bug have been removed as they have been unresolved for 1000 days |