libct: Allow rel paths for idmap mounts

The idea was to make them strict on dest path from the beginning for
idmap mounts, as runc would do that for all mounts in the future. But
that is causing too many problems.

For now, let's just allow relative paths for idmap mounts too. It just
seems safer.

Signed-off-by: Rodrigo Campos <[email protected]>

Author: rata

libcontainer/rootfs_linux.go

@@ -485,7 +485,7 @@ func mountToRootfs(c *mountConfig, m mountEntry) error {
 			if m.srcFD == nil {
 				return fmt.Errorf("error creating mount %+v: idmapFD is invalid, should point to a valid fd", m)
 			}
-			if err := unix.MoveMount(*m.srcFD, "", -1, dest, unix.MOVE_MOUNT_F_EMPTY_PATH); err != nil {
+			if err := unix.MoveMount(*m.srcFD, "", unix.AT_FDCWD, dest, unix.MOVE_MOUNT_F_EMPTY_PATH); err != nil {
 				return fmt.Errorf("error on unix.MoveMount %+v: %w", m, err)
 			}
 

tests/integration/idmap.bats

@@ -72,6 +72,14 @@ function teardown() {
 	[[ "$output" == *"shared"* ]]
 }
 
+@test "idmap mount with relative path" {
+	update_config ' .mounts |= map((select(.source == "source-1/") | .destination = "tmp/mount-1") // .)'
+
+	runc run test_debian
+	[ "$status" -eq 0 ]
+	[[ "$output" == *"=0=0="* ]]
+}
+
 @test "idmap mount with bind mount" {
 	update_config '   .mounts += [
 					{