[systemd-devel] changing the "mount --make-shared /" default
Colin Walters
walters at verbum.org
Fri Feb 1 13:59:19 PST 2013
On Fri, 2013-02-01 at 14:40 -0700, Jake Edge wrote:
> On Fri, 01 Feb 2013 16:33:26 -0500 Colin Walters wrote:
> > On Fri, 2013-02-01 at 12:50 -0700, Jake Edge wrote:
> >
> > > I am not sure that I want the default to be "private", but if I did,
> > > what is the proper, systemd-ish way to do so?
> >
> > If you're creating a private mount namespace, then:
> >
> > http://git.gnome.org/browse/linux-user-chroot/tree/src/linux-user-chroot.c#n300
>
> Yes, that's a way to programmatically do it on an as-needed basis, which
> is great, thanks. But what I was looking for was a way to tell systemd
> to change the default back to private at boot time as Lennart
> suggested in the commit.
That has global system ramifications. It's somewhat unfortunate that
systemd overrides the kernel, but going forward programs can (at the
moment) assume under systemd that it's shared, and make things private
as necessary. If there were a configuration toggle, programs would have
to cope with both cases. Though maybe realistically they already have
to if Upstart doesn't do the same thing.
Anyways, a unit which just invokes mount --make-rprivate / after say
basic.target would probably work.
There's some decent docs here btw, which do predate systemd and thus
claim the default is private:
http://www.ibm.com/developerworks/linux/library/l-mount-namespaces/index.html
More information about the systemd-devel
mailing list