[systemd-devel] remounting root fs outside containers as MS_SHARED

Ani Sinha ani at arista.com
Tue May 13 20:16:45 PDT 2014


Note: I had sent this email earlier but I realized that I needed to be
subscribed to the mailing list. Now that I have my subscription, I am
resending it again.

Lennart, sorry for the double noise.

---

Hello folks:

The following change started mounting the rootfs as shared:

b3ac5f8cb98757416d8660023d6564a7c411f0a0

The commit log and the corresponding comment in the code say that if
any setups needed the kernel default private mount, one could use
something like:

mount --make-rprivate /

right after the boot.

Unfortunately, we have a setup where we do need the kernel default
private mount and we tried what has been suggested by using a systemd
service file to remount rootfs to private. Unfortunately, while this
works most of the time, this technique is not bulletproof.
Unfortunately glibc (and possibly other libraries) do "telinit u" as a
part of their post installation setup. This re-execs systemd and hence
remounts the root fs as shared again, breaking our system in the
process.

As it is not possible to go and fix all these libraries, I have a
simple request from the systemd hackers here. Can we please have a
configuration option (either as a kernel command line, or a systemd
startup command line or a config file option) that disables this
default behaviour for setups that do need the private rootfs mount?
That way the default remains as is for most systems and yet there will
be a way to override this when one really wants to. It would seem to
give us the best of both worlds.

Any comments?

Thanks in advance,
Ani
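
Added example (not part of the original post and not systemd code): a check that reads /proc/self/mountinfo and reports the propagation type of the root mount, so the state can be confirmed after a re-exec such as the "telinit u" described above. The function names and the sample mountinfo lines are constructed for illustration; the field layout follows proc(5).

```python
import sys

def propagation(line):
    """Return (mount_point, propagation) for one /proc/<pid>/mountinfo line."""
    fields = line.split()
    sep = fields.index("-", 6)       # optional fields end at the "-" separator
    mount_point = fields[4]
    # Optional fields look like "shared:1", "master:2", "unbindable"; none = private.
    tags = {f.split(":")[0] for f in fields[6:sep]}
    if "unbindable" in tags:
        return mount_point, "unbindable"
    if "shared" in tags and "master" in tags:
        return mount_point, "shared+slave"
    if "shared" in tags:
        return mount_point, "shared"
    if "master" in tags:
        return mount_point, "slave"
    return mount_point, "private"

def root_propagation(mountinfo_text):
    """Propagation of the mount at "/", or None if no such entry exists."""
    result = None
    for line in mountinfo_text.splitlines():
        if not line.strip():
            continue
        mount_point, prop = propagation(line)
        if mount_point == "/":
            result = prop            # assumption: the last "/" entry is the visible one
    return result

# Constructed sample: root remounted as shared (the state after a re-exec).
SAMPLE_SHARED = """\
21 1 8:1 / / rw,relatime shared:1 - ext4 /dev/sda1 rw,data=ordered
22 21 0:4 / /proc rw,nosuid,nodev,noexec,relatime shared:5 - proc proc rw
"""
# Constructed sample: root after "mount --make-rprivate /".
SAMPLE_PRIVATE = """\
21 1 8:1 / / rw,relatime - ext4 /dev/sda1 rw,data=ordered
22 21 0:4 / /proc rw,nosuid,nodev,noexec,relatime - proc proc rw
"""

if __name__ == "__main__":
    try:
        with open("/proc/self/mountinfo") as fh:
            text = fh.read()
    except OSError:
        text = SAMPLE_SHARED         # fall back to the constructed sample off Linux
    state = root_propagation(text)
    print("root mount propagation:", state)
    sys.exit(0 if state == "private" else 1)
```

The script exits non-zero when the root mount is not private, so it can run as a post-install or periodic check on setups that depend on the private default.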

