Bug 1337409

Summary: Mounting volume read-write under read-only volume mount fails
Product: Red Hat Enterprise Linux 7 Reporter: Jan Pazdziora <jpazdziora>
Component: dockerAssignee: Daniel Walsh <dwalsh>
Status: CLOSED NOTABUG QA Contact: atomic-bugs <atomic-bugs>
Severity: unspecified Docs Contact:
Priority: unspecified    
Version: 7.2CC: jpazdziora, lsm5
Target Milestone: rcKeywords: Extras
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2016-06-03 18:29:12 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Jan Pazdziora 2016-05-19 07:06:20 UTC 
Description of problem:

When software wants to generate output in its subdirectory, it might be useful to mount volume for the output read-write, while reading the software itself read-only. Attempt to do that fails.

Version-Release number of selected component (if applicable):

docker-1.9.1-40.el7.x86_64

How reproducible:

Deterministic.

Steps to Reproduce:
1. mkdir -p /tmp/parent-ro /tmp/child-rw
2. docker run -ti -v /tmp/parent-ro:/data:ro -v /tmp/child-rw:/data/_build:Z rhel7 bash

Actual results:

Timestamp: 2016-05-19 03:02:32.120707018 -0400 EDT
Code: System error

Message: mkdir /var/lib/docker/devicemapper/mnt/7279426326d7425f6f2c4c501c9ae43ce25a490a2b1bc11f392a9205fa11992c/rootfs/data/_build: read-only file system

Frames:
---
0: setupRootfs
Package: github.com/opencontainers/runc/libcontainer
File: rootfs_linux.go@40
---
1: Init
Package: github.com/opencontainers/runc/libcontainer.(*linuxStandardInit)
File: standard_init_linux.go@57
---
2: StartInitialization
Package: github.com/opencontainers/runc/libcontainer.(*LinuxFactory)
File: factory_linux.go@242
---
3: initializer
Package: github.com/docker/docker/daemon/execdriver/native
File: init.go@35
---
4: Init
Package: github.com/docker/docker/pkg/reexec
File: reexec.go@26
---
5: main
Package: main
File: docker.go@18
---
6: main
Package: runtime
File: proc.go@63
---
7: goexit
Package: runtime
File: asm_amd64.s@2232
Error response from daemon: Cannot start container 7279426326d7425f6f2c4c501c9ae43ce25a490a2b1bc11f392a9205fa11992c: [8] System error: mkdir /var/lib/docker/devicemapper/mnt/7279426326d7425f6f2c4c501c9ae43ce25a490a2b1bc11f392a9205fa11992c/rootfs/data/_build: read-only file system

Expected results:

Container started, both volumes mounted.

Additional info:
Comment 2 Daniel Walsh 2016-06-03 18:29:12 UTC 
1. mkdir -p /tmp/parent-ro /tmp/child-rw
2. docker run -ti -v /tmp/parent-ro:/data:ro -v /tmp/child-rw:/data/_build:Z rhel7 bash

The problem here is docker attempts to create the _build directory under /tmp/parent-ro after it is mounted ro.

1. mkdir -p /tmp/parent-ro/_build /tmp/child-rw


Would fix the problem.

There is no way to fix this since you started with a readonly directory.
Comment 3 Jan Pazdziora 2016-06-07 16:08:04 UTC 
You are right, this fixes the problem. Thank you.