From 9f0074c39886cf145019c4099f93a57620c9ef4e Mon Sep 17 00:00:00 2001
From: Josh Curl <josh@curl.me>
Date: Wed, 4 May 2016 16:18:24 -0700
Subject: [PATCH 1/3] /media and /mnt mounted as shared for console

---
 init/init.go                                  |  3 +++
 os-config.tpl.yml                             |  2 ++
 .../rostest/test_15_shared_mount.py           | 21 +++++++++++++++++++
 tests/integration/rostest/util.py             |  5 +++++
 4 files changed, 31 insertions(+)
 create mode 100644 tests/integration/rostest/test_15_shared_mount.py

diff --git a/init/init.go b/init/init.go
index 98293023..5efb9b5b 100644
--- a/init/init.go
+++ b/init/init.go
@@ -218,6 +218,9 @@ func RunInit() error {
 			return c, dockerlaunch.PrepareFs(&mountConfig)
 		},
 		initializeSelinux,
+		func(c *config.CloudConfig) (*config.CloudConfig, error) {
+			return c, syscall.Mount("", "/", "", syscall.MS_SHARED|syscall.MS_REC, "")
+		},
 		sysInit,
 	}
 
diff --git a/os-config.tpl.yml b/os-config.tpl.yml
index ccd6b4f7..3b7e82dc 100644
--- a/os-config.tpl.yml
+++ b/os-config.tpl.yml
@@ -171,6 +171,8 @@ rancher:
       - all-volumes
       volumes:
       - /usr/bin/iptables:/sbin/iptables:ro
+      - /media:/media:shared
+      - /mnt:/mnt:shared
     container-data-volumes:
       image: {{.OS_REPO}}/os-state:{{.VERSION}}{{.SUFFIX}}
       labels:
diff --git a/tests/integration/rostest/test_15_shared_mount.py b/tests/integration/rostest/test_15_shared_mount.py
new file mode 100644
index 00000000..9c0154f6
--- /dev/null
+++ b/tests/integration/rostest/test_15_shared_mount.py
@@ -0,0 +1,21 @@
+import pytest
+import rostest.util as u
+from rostest.util import SSH
+
+
+@pytest.fixture(scope="module")
+def qemu(request):
+    q = u.run_qemu(request)
+    u.flush_out(q.stdout)
+    return q
+
+
+def test_shared_mount(qemu):
+    SSH(qemu).check_call('''
+set -x -e
+
+sudo mkdir /mnt/shared
+sudo touch /test
+sudo system-docker run --privileged -v /mnt:/mnt:shared -v /test:/test {busybox_image} mount --bind / /mnt/shared
+ls /mnt/shared | grep test
+    '''.format(busybox_image=u.busybox_image))
diff --git a/tests/integration/rostest/util.py b/tests/integration/rostest/util.py
index 3d73ed56..3f8559cf 100644
--- a/tests/integration/rostest/util.py
+++ b/tests/integration/rostest/util.py
@@ -15,6 +15,11 @@ if arch != 'amd64':
     suffix = '_' + arch
 
 
+busybox_image = {'amd64': 'busybox',
+                 'arm': 'armhf/busybox',
+                 'arm64': 'aarch64/busybox'}[arch]
+
+
 def iter_lines(s):
     return it.imap(str.rstrip, iter(s.readline, ''))
 

From 438a4374593a14dce7cb23fc6abee238004890fb Mon Sep 17 00:00:00 2001
From: Darren Shepherd <darren@rancher.com>
Date: Tue, 7 Jun 2016 17:18:36 -0700
Subject: [PATCH 2/3] Cleanup scripts for error handling

---
 scripts/build-host  | 1 +
 scripts/clean       | 1 +
 scripts/default     | 1 +
 scripts/dev         | 1 +
 scripts/entry       | 1 +
 scripts/hash-initrd | 1 +
 scripts/help        | 1 +
 scripts/release     | 1 +
 scripts/version     | 2 --
 9 files changed, 8 insertions(+), 2 deletions(-)

diff --git a/scripts/build-host b/scripts/build-host
index 03d60765..7230616a 100755
--- a/scripts/build-host
+++ b/scripts/build-host
@@ -1,4 +1,5 @@
 #!/bin/bash
+set -e
 
 cd $(dirname $0)/..
 
diff --git a/scripts/clean b/scripts/clean
index 654c724e..8c6b0034 100755
--- a/scripts/clean
+++ b/scripts/clean
@@ -1,4 +1,5 @@
 #!/bin/bash
+set -e
 
 cd $(dirname $0)/..
 rm -rf build dist bin images/*/build
diff --git a/scripts/default b/scripts/default
index d17e8165..f41e23da 100755
--- a/scripts/default
+++ b/scripts/default
@@ -1,4 +1,5 @@
 #!/bin/bash
+set -e
 
 cd $(dirname $0)
 
diff --git a/scripts/dev b/scripts/dev
index 740284b5..237ff112 100755
--- a/scripts/dev
+++ b/scripts/dev
@@ -1,5 +1,6 @@
 #!/bin/bash
 # help: For development, creates iso, kernel, initrd gzip compressed
+set -e
 
 cd $(dirname $0)
 
diff --git a/scripts/entry b/scripts/entry
index 4e8a0f25..e093ec10 100755
--- a/scripts/entry
+++ b/scripts/entry
@@ -1,4 +1,5 @@
 #!/bin/bash
+set -e
 
 mkdir -p bin dist build/initrd
 if [ -e ./scripts/$1 ]; then
diff --git a/scripts/hash-initrd b/scripts/hash-initrd
index 15576562..88b06ec3 100755
--- a/scripts/hash-initrd
+++ b/scripts/hash-initrd
@@ -1,4 +1,5 @@
 #!/bin/bash
+set -e
 
 cd $(dirname $0)/../build/initrd
 
diff --git a/scripts/help b/scripts/help
index 7f1f112e..b4d558d8 100755
--- a/scripts/help
+++ b/scripts/help
@@ -1,4 +1,5 @@
 #!/bin/bash
+set -e
 
 cd $(dirname $0)
 
diff --git a/scripts/release b/scripts/release
index 80a80a63..8a3676fc 100755
--- a/scripts/release
+++ b/scripts/release
@@ -1,4 +1,5 @@
 #!/bin/bash
+set -e
 
 source $(dirname $0)/version
 export REPO_VERSION=$VERSION
diff --git a/scripts/version b/scripts/version
index f99dbde8..d463f3d0 100755
--- a/scripts/version
+++ b/scripts/version
@@ -1,5 +1,3 @@
-#!/bin/bash
-
 if [ -n "$(git status --porcelain --untracked-files=no)" ]; then
     DIRTY="-dirty"
 fi

From f410c678ba6f8683c5bdf71c2dce57caa0d8be9f Mon Sep 17 00:00:00 2001
From: Darren Shepherd <darren@rancher.com>
Date: Tue, 7 Jun 2016 17:18:21 -0700
Subject: [PATCH 3/3] Make shared mount work in an initrd

---
 config/types.go               |  1 +
 images/02-console/docker-init |  6 ++++++
 init/init.go                  | 27 ++++++++++++++++++++++++---
 3 files changed, 31 insertions(+), 3 deletions(-)

diff --git a/config/types.go b/config/types.go
index e1fa12a5..7fde37ee 100644
--- a/config/types.go
+++ b/config/types.go
@@ -94,6 +94,7 @@ type RancherConfig struct {
 	CloudInit           CloudInit                                 `yaml:"cloud_init,omitempty"`
 	Debug               bool                                      `yaml:"debug,omitempty"`
 	RmUsr               bool                                      `yaml:"rm_usr,omitempty"`
+	NoSharedRoot        bool                                      `yaml:"no_sharedroot,omitempty"`
 	Log                 bool                                      `yaml:"log,omitempty"`
 	ForceConsoleRebuild bool                                      `yaml:"force_console_rebuild,omitempty"`
 	Disable             []string                                  `yaml:"disable,omitempty"`
diff --git a/images/02-console/docker-init b/images/02-console/docker-init
index d02bc809..974dfb71 100755
--- a/images/02-console/docker-init
+++ b/images/02-console/docker-init
@@ -19,4 +19,10 @@ for i in /opt/bin /usr/local/bin; do
     fi
 done
 
+mount --make-shared /
+
+if [ "$(grep '/var/lib/docker /var/lib/docker ' /proc/self/mountinfo | awk '{print $9}')" = "rootfs" ]; then
+    export DOCKER_RAMDISK=1
+fi
+
 exec /usr/bin/dockerlaunch $DOCKER_BIN "$@" $DOCKER_OPTS >>/var/log/docker.log 2>&1
diff --git a/init/init.go b/init/init.go
index 5efb9b5b..722aa24d 100644
--- a/init/init.go
+++ b/init/init.go
@@ -11,6 +11,7 @@ import (
 	"syscall"
 
 	log "github.com/Sirupsen/logrus"
+	"github.com/docker/docker/pkg/mount"
 	"github.com/rancher/docker-from-scratch"
 	"github.com/rancher/os/config"
 	"github.com/rancher/os/util"
@@ -179,6 +180,28 @@ func isInitrd() bool {
 	return int64(stat.Type) == TMPFS_MAGIC || int64(stat.Type) == RAMFS_MAGIC
 }
 
+func setupSharedRoot(c *config.CloudConfig) (*config.CloudConfig, error) {
+	if !c.NoSharedRoot {
+		return c, nil
+	}
+
+	if isInitrd() {
+		for _, i := range []string{"/mnt", "/media"} {
+			if err := os.Mkdir(i, 0755); err != nil {
+				return c, err
+			}
+			if err := mount.Mount("tmpfs", i, "tmpfs", "rw"); err != nil {
+				return c, err
+			}
+			if err := mount.MakeRShared(i); err != nil {
+				return c, err
+			}
+		}
+		return c, nil
+	}
+	return c, mount.MakeShared("/")
+}
+
 func RunInit() error {
 	os.Setenv("PATH", "/sbin:/usr/sbin:/usr/bin")
 	if isInitrd() {
@@ -218,9 +241,7 @@ func RunInit() error {
 			return c, dockerlaunch.PrepareFs(&mountConfig)
 		},
 		initializeSelinux,
-		func(c *config.CloudConfig) (*config.CloudConfig, error) {
-			return c, syscall.Mount("", "/", "", syscall.MS_SHARED|syscall.MS_REC, "")
-		},
+		setupSharedRoot,
 		sysInit,
 	}