conf: fix setups where /dev is outside of LXC's control

Fixes: #3770 Suggested-by: Ruben Jenster <r.jenster@drachenfels.de> Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
lxc · Apr 6, 2021 · 1f0a3b6 · 1f0a3b6
1 parent d75ddd9
commit 1f0a3b6
Showing 1 changed file with 5 additions and 6 deletions.
diff --git a/src/lxc/conf.c b/src/lxc/conf.c
@@ -3457,12 +3457,6 @@ int lxc_setup(struct lxc_handler *handler)
 			return log_error(-1, "Failed to mount \"/dev\"");
 	}
 
-	lxc_conf->rootfs.dfd_dev = open_at(lxc_conf->rootfs.dfd_mnt, "dev",
-					        PROTECT_OPATH_DIRECTORY,
-						PROTECT_LOOKUP_BENEATH_XDEV, 0);
-	if (lxc_conf->rootfs.dfd_dev < 0 && errno != ENOENT)
-		return log_error_errno(-errno, errno, "Failed to open \"/dev\"");
-
 	/* Do automatic mounts (mainly /proc and /sys), but exclude those that
 	 * need to wait until other stuff has finished.
 	 */
@@ -3481,6 +3475,11 @@ int lxc_setup(struct lxc_handler *handler)
 			return log_error(-1, "Failed to setup mount entries");
 	}
 
+	lxc_conf->rootfs.dfd_dev = open_at(lxc_conf->rootfs.dfd_mnt, "dev",
+					   PROTECT_OPATH_DIRECTORY, PROTECT_LOOKUP_BENEATH_XDEV, 0);
+	if (lxc_conf->rootfs.dfd_dev < 0 && errno != ENOENT)
+		return log_error_errno(-errno, errno, "Failed to open \"/dev\"");
+
 	if (lxc_conf->is_execute) {
 		if (execveat_supported()) {
 			int fd;