[systemd-devel] Shared root fs by default

Tvrtko Ursulin tvrtko.ursulin at onelan.co.uk
Tue Apr 2 02:27:51 PDT 2013


Hi,

On Friday 29 March 2013 15:56:01 Lennart Poettering wrote:
> On Thu, 28.03.13 16:47, Tvrtko Ursulin (tvrtko.ursulin at onelan.co.uk) wrote:
> > Hi all,
> > 
> > As a bit of feedback, the change in systemd to mark the root fs as
> > recursively shared by default has the potential to bite hard anyone who
> > builds chroot-ed environments on their system.
> > 
> > When you build your chroot fs and then bind mount bits of the outside
> > world into it, you are in for a nasty surprise when you tear those
> > mounts down. You will then find your original mount points gone and the
> > system potentially in a seriously broken state.
> 
> Well, not really. chroot()s and mount propagation are orthogonal, so we
> didn't really change much there. i.e. mounts you do from within chroots
> will also show up in the host (though shifted by the chroot's root dir
> of course), and if you drop them in the chroot they will disappear in
> the host too (also shifted by the chroot's root dir). So nothing really
> changed here.

I wasn't talking about this, perhaps I wasn't clear enough. See below.
 
> > Depending on which bits from the outside have been bind mounted into the
> > chroot and your filesystem setup, you can lose /home, /dev, /proc, etc.
> > You get the picture. :/
> 
> Nah, not true. You cannot umount the host's /home, /dev, /proc from
> inside the chroot, since you cannot even "see" them, and if you did bind
> mount them, then you will lose only the bind mounts, not the
> originals.
> 
> The only place where things change is if you bind mounted /home into
> the chroot's root dir's /home, then created another submount below that
> and assumed it wouldn't also affect the host's original /home.

You need to try it since you don't seem to believe me. :)

+ M1=testmp1
+ M2=testmp2
+ SM=submount
+ mkdir -p testmp1
+ mkdir -p testmp2
+ mount none -t tmpfs testmp1
+ mkdir -p testmp1/submount
+ mount none -t tmpfs testmp1/submount
+ strace -f -e trace=mount,umount mount testmp1 --rbind testmp2
mount("/root/3/testmp1", "testmp2", 0x7f70e796a67c, MS_MGC_VAL|MS_BIND|MS_REC, NULL) = 0
+ strace -f -e trace=mount,umount umount -l testmp2
umount("/root/3/testmp2", MNT_DETACH)   = 0
+ mountpoint testmp1/submount
testmp1/submount is not a mountpoint

So now just imagine "testmp1/submount" was "/dev/pts".

Regards,

Tvrtko
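The disappearing submount can be predicted from /proc/self/mountinfo before anything is unmounted: the rbind copies under testmp2 carry the same `shared:N` peer-group tags as the originals under testmp1, and `umount -l` propagates along those groups. The script below is an added example, not from the thread or from systemd; the mountinfo text and its peer-group numbers are constructed to mirror the transcript, and `safe_rbind` uses the real mount(8) options `--rbind` and `--make-rprivate`.

```shell
#!/bin/sh
# Added example, not from the thread: given /proc/self/mountinfo text and a
# bind-mount target, list the mounts OUTSIDE the target that sit in the same
# peer group as mounts inside it. Those are exactly the mounts that a later
# "umount -l TARGET" takes down as well, as testmp1/submount was above.
# Assumes TARGET is an absolute path below "/" (not "/" itself).
#
# mountinfo fields: id parent maj:min root mountpoint opts [tags...] - fs src
peers_outside() {
    printf '%s\n' "$1" | awk -v dir="$2" '
        function under(p) { return p == dir || index(p, dir "/") == 1 }
        function group(   i) {               # "shared:N" tag, or "" if none
            for (i = 7; i <= NF && $i != "-"; i++)
                if ($i ~ /^shared:/) return $i
            return ""
        }
        { g = group(); if (g == "") next     # private or slave-only: no peers
          if (under($5)) inside[g] = 1
          else { omp[NR] = $5; ogrp[NR] = g } }
        END { for (n = 1; n <= NR; n++)
                  if ((n in ogrp) && (ogrp[n] in inside)) print omp[n], ogrp[n] }'
}

# safe_rbind SRC DST (needs root; not run here): bind the tree, then cut the
# copies out of the source peer groups before anything gets unmounted.
safe_rbind() {
    mount --rbind "$1" "$2" && mount --make-rprivate "$2"
}

# Constructed mountinfo mirroring the transcript right after
# "mount testmp1 --rbind testmp2" on a shared root (peer group numbers made up).
AFTER_RBIND='22 1 8:1 / / rw,relatime shared:1 - ext4 /dev/sda1 rw
35 22 0:30 / /root/3/testmp1 rw,relatime shared:20 - tmpfs none rw
36 35 0:31 / /root/3/testmp1/submount rw,relatime shared:21 - tmpfs none rw
37 22 0:30 / /root/3/testmp2 rw,relatime shared:20 - tmpfs none rw
38 37 0:31 / /root/3/testmp2/submount rw,relatime shared:21 - tmpfs none rw'

# Same tree after "mount --make-rprivate testmp2": the copies lost their tags.
AFTER_PRIVATE='22 1 8:1 / / rw,relatime shared:1 - ext4 /dev/sda1 rw
35 22 0:30 / /root/3/testmp1 rw,relatime shared:20 - tmpfs none rw
36 35 0:31 / /root/3/testmp1/submount rw,relatime shared:21 - tmpfs none rw
37 22 0:30 / /root/3/testmp2 rw,relatime - tmpfs none rw
38 37 0:31 / /root/3/testmp2/submount rw,relatime - tmpfs none rw'

echo "Taken down along with testmp2 by umount -l (before --make-rprivate):"
peers_outside "$AFTER_RBIND" /root/3/testmp2
echo "After --make-rprivate testmp2:"
peers_outside "$AFTER_PRIVATE" /root/3/testmp2   # prints nothing
```

On a live system run `peers_outside "$(cat /proc/self/mountinfo)" /path/to/chroot` after building the chroot; any output names a host mount that the teardown will remove.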