From 64dd35ba4fe0476df185be13c513d4c04dc4b6eb Mon Sep 17 00:00:00 2001 From: Anastassios Nanos Date: Wed, 4 Aug 2021 16:23:07 +0000 Subject: [PATCH] virtcontainers: fc: properly remove jailed block device When running a firecracker instance jailed, block devices are not removed correctly, as the jailerRoot path is not stripped from the PATCH command sent to the FC API. This patch differentiates the jailed case from the non-jailed one and allows the firecracker instance to be properly terminated. Fixes #2387 Signed-off-by: Anastassios Nanos --- src/runtime/virtcontainers/fc.go | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/src/runtime/virtcontainers/fc.go b/src/runtime/virtcontainers/fc.go index 1dbd03a3ed..580a2f5632 100644 --- a/src/runtime/virtcontainers/fc.go +++ b/src/runtime/virtcontainers/fc.go @@ -1055,7 +1055,12 @@ func (fc *firecracker) hotplugBlockDevice(ctx context.Context, drive config.Bloc fc.umountResource(driveID) // use previous raw file created at createDiskPool, that way // the resource is released by firecracker and it can be destroyed in the host - path = filepath.Join(fc.jailerRoot, driveID) + if fc.jailed { + // use path relative to the jail + path = filepath.Join("/", driveID) + } else { + path = filepath.Join(fc.jailerRoot, driveID) + } } return nil, fc.fcUpdateBlockDrive(ctx, path, driveID)