[systemd-commits] src/namespace.c

Lennart Poettering lennart at kemper.freedesktop.org
Tue Jan 3 12:12:59 PST 2012


 src/namespace.c |    8 ++++++--
 1 file changed, 6 insertions(+), 2 deletions(-)

New commits:
commit dc4b02006455a4dddeb6ccc1f6656c89d3ebd27c
Author: Daniel Walsh <dwalsh at redhat.com>
Date:   Tue Jan 3 21:12:10 2012 +0100

    namespace: remount namespace root dir for SLAVE to avoid propagation of mounts from the namespace to the host
    
    https://bugzilla.redhat.com/show_bug.cgi?id=752540

diff --git a/src/namespace.c b/src/namespace.c
index 54b22f4..a06cac1 100644
--- a/src/namespace.c
+++ b/src/namespace.c
@@ -266,8 +266,12 @@ int setup_namespace(
                 goto fail;
         }
 
-        /* We assume that by default mount events from us won't be
-         * propagated to the root namespace. */
+        /* Remount / as SLAVE so that nothing mounted in the namespace
+           shows up in the parent */
+        if (mount(NULL, "/", NULL, MS_SLAVE|MS_REC, NULL) < 0) {
+                r = -errno;
+                goto fail;
+        }
 
         for (p = paths; p < paths + n; p++)
                 if ((r = apply_mount(p, root_dir, inaccessible_dir, private_dir, flags)) < 0)
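Review bot: The new comment above the `mount(NULL, "/", NULL, MS_SLAVE|MS_REC, NULL)` call documents only one direction, but MS_SLAVE is one-way: mounts made inside the namespace stay out of the parent, while mounts made in the parent can still propagate in, and MS_REC applies that to every submount below /. It also says "Remount" although no MS_REMOUNT is passed; the call only changes the propagation type. I would word it as `/* Mark / and everything below it MS_SLAVE: our mounts must not propagate to the parent namespace; mounts from the parent may still reach us. */`, keeping the ` * ` continuation style of the comment it replaces. Whether the paths handled by apply_mount() need isolation in both directions cannot be judged here, because setup_namespace() starts and ends outside the hunk.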


