rootfs-overlay: fix overlaybase path for cleanups

Following commit ensures not dandling mounts are left behind when we are creating an overlay on top of external rootfs. Co-authored-by: Valentin Rothberg <rothberg@redhat.com> Signed-off-by: Aditya Rajan <arajan@redhat.com>
2025-07-15 03:02:52 +08:00 · 2021-10-18 15:47:55 +05:30
parent 0144f46ac5
commit d0f7b99c6d
2 changed files with 50 additions and 12 deletions
--- a/libpod/container_internal.go
+++ b/libpod/container_internal.go
@ -1690,9 +1690,23 @@ func (c *Container) cleanupStorage() error {

 	var cleanupErr error

+	markUnmounted := func() {
+		c.state.Mountpoint = ""
+		c.state.Mounted = false
+
+		if c.valid {
+			if err := c.save(); err != nil {
+				if cleanupErr != nil {
+					logrus.Errorf("Unmounting container %s: %v", c.ID(), cleanupErr)
+				}
+				cleanupErr = err
+			}
+		}
+	}
+
 	// umount rootfs overlay if it was created
 	if c.config.RootfsOverlay {
-		overlayBasePath := c.runtime.store.GraphRoot()
+		overlayBasePath := filepath.Dir(c.config.StaticDir)
 		overlayBasePath = filepath.Join(overlayBasePath, "rootfs")
 		if err := overlay.Unmount(overlayBasePath); err != nil {
 			// If the container can't remove content report the error
@ -1717,6 +1731,7 @@ func (c *Container) cleanupStorage() error {
 	}

 	if c.config.Rootfs != "" {
+		markUnmounted()
 		return cleanupErr
 	}

@ -1761,17 +1776,7 @@ func (c *Container) cleanupStorage() error {
 		}
 	}

-	c.state.Mountpoint = ""
-	c.state.Mounted = false
-
-	if c.valid {
-		if err := c.save(); err != nil {
-			if cleanupErr != nil {
-				logrus.Errorf("Unmounting container %s: %v", c.ID(), cleanupErr)
-			}
-			cleanupErr = err
-		}
-	}
+	markUnmounted()
 	return cleanupErr
 }

--- a/test/e2e/run_test.go
+++ b/test/e2e/run_test.go
@ -5,6 +5,7 @@ import (
 	"io/ioutil"
 	"net"
 	"os"
+	"os/exec"
 	"path/filepath"
 	"strconv"
 	"strings"
@ -12,6 +13,7 @@ import (
 	"time"

 	"github.com/containers/podman/v3/pkg/cgroups"
+	"github.com/containers/podman/v3/pkg/rootless"
 	. "github.com/containers/podman/v3/test/utils"
 	"github.com/containers/storage/pkg/stringid"
 	"github.com/mrunalp/fileutils"
@ -226,6 +228,37 @@ var _ = Describe("Podman run", func() {
 		stdoutLines := session.OutputToStringArray()
 		Expect(stdoutLines).Should(HaveLen(1))
 		Expect(stdoutLines[0]).Should(Equal(uniqueString))
+
+		SkipIfRemote("External overlay only work locally")
+		if os.Getenv("container") != "" {
+			Skip("Overlay mounts not supported when running in a container")
+		}
+		if rootless.IsRootless() {
+			if _, err := exec.LookPath("fuse-overlayfs"); err != nil {
+				Skip("Fuse-Overlayfs required for rootless overlay mount test")
+			}
+		}
+		// Test --rootfs with an external overlay
+		// use --rm to remove container and confirm if we did not leak anything
+		osession := podmanTest.Podman([]string{"run", "-i", "--rm", "--security-opt", "label=disable",
+			"--rootfs", rootfs + ":O", "cat", testFilePath})
+		osession.WaitWithDefaultTimeout()
+		Expect(osession).Should(Exit(0))
+
+		// Test podman start stop with overlay
+		osession = podmanTest.Podman([]string{"run", "--name", "overlay-foo", "--security-opt", "label=disable",
+			"--rootfs", rootfs + ":O", "echo", "hello"})
+		osession.WaitWithDefaultTimeout()
+		Expect(osession).Should(Exit(0))
+
+		osession = podmanTest.Podman([]string{"stop", "overlay-foo"})
+		osession.WaitWithDefaultTimeout()
+		Expect(osession).Should(Exit(0))
+
+		startsession := podmanTest.Podman([]string{"start", "--attach", "overlay-foo"})
+		startsession.WaitWithDefaultTimeout()
+		Expect(startsession).Should(Exit(0))
+		Expect(startsession.OutputToString()).To(Equal("hello"))
 	})

 	It("podman run a container with --init", func() {