[systemd-devel] Shared root fs by default

Lennart Poettering lennart at poettering.net
Fri Mar 29 07:56:01 PDT 2013


On Thu, 28.03.13 16:47, Tvrtko Ursulin (tvrtko.ursulin at onelan.co.uk) wrote:

> 
> Hi all,
> 
> As a bit of feedback, the change in systemd to mark root fs as recursively 
> shared by default has the potential to bite hard anyone who builds chroot-ed 
> environments on their system.
> 
> When you build your chroot fs and then bind mount bits of the outside world 
> into it, you are up for a nasty surprise when you tear those mounts down. You 
> will then find your original mount points gone and system potentially in a 
> seriously broken state.

Well, not really. chroot()s and mount propagation are orthogonal, so we
didn't really change much there. i.e. mounts you do from within chroots
will also show up in the host (though shifted by the chroot's root dir
of course), and if you drop them in the chroot they will disappear in
the host too (also shifted by the chroot's root dir). So nothing really
changed here.

> Depending what bits from the outside have been bind mounted into chroot and 
> your filesystem setup you can lose /home, /dev, /proc, etc. You get the 
> picture. :/

Nah, not true. You cannot umount the host's /home, /dev, /proc from
inside the chroot, since you cannot even "see" them, and if you did bind
mount them, then you will lose only the bind mounts, not the
originals. 

The only place where things change is that if you bind mounted /home
into the chroot's root dir's /home, and then create another submount
below that and assumed it wouldn't also affect the host's original
/home.

Lennart

-- 
Lennart Poettering - Red Hat, Inc.
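
An added example, not part of the original thread: a check for the one case the reply singles out, a bind mount inside a chroot that sits in the same propagation peer group as a host mount, so a submount made below either one appears below the other. It reads the `shared:N` and `master:N` optional fields of `/proc/self/mountinfo`; the chroot path `/srv/chroot` and the sample lines are constructed assumptions.

```python
import re

# Constructed sample in /proc/self/mountinfo format (not captured from a real host).
SAMPLE = """\
21 1 8:1 / / rw,relatime shared:1 - ext4 /dev/sda1 rw
25 21 0:5 / /dev rw,nosuid shared:3 - devtmpfs devtmpfs rw
30 21 8:2 / /home rw,relatime shared:2 - ext4 /dev/sda2 rw
41 21 8:2 / /srv/chroot/home rw,relatime shared:2 - ext4 /dev/sda2 rw
42 21 0:5 / /srv/chroot/dev rw,nosuid master:3 - devtmpfs devtmpfs rw
43 21 0:40 / /srv/chroot/tmp rw - tmpfs tmpfs rw
"""

def _unescape(path):
    # mountinfo encodes space, tab, newline and backslash as \ooo octal.
    return re.sub(r"\\([0-7]{3})", lambda m: chr(int(m.group(1), 8)), path)

def parse_mountinfo(text):
    """Return one dict per mount with its propagation tags."""
    mounts = []
    for line in text.splitlines():
        fields = line.split()
        if "-" not in fields:
            continue  # empty or malformed line
        sep = fields.index("-")  # optional fields sit between field 6 and "-"
        tags = dict(f.split(":", 1) for f in fields[6:sep] if ":" in f)
        mounts.append({
            "mount_point": _unescape(fields[4]),
            "shared": tags.get("shared"),  # peer group: events propagate both ways
            "master": tags.get("master"),  # slave: receives events, sends none
        })
    return mounts

def under(path, root):
    return path == root or path.startswith(root.rstrip("/") + "/")

def host_peers(mounts, chroot_dir):
    """Map each shared mount under chroot_dir to host mounts in its peer group."""
    result = {}
    for m in mounts:
        if m["shared"] and under(m["mount_point"], chroot_dir):
            peers = [o["mount_point"] for o in mounts if o["shared"] == m["shared"]
                     and not under(o["mount_point"], chroot_dir)]
            if peers:
                result[m["mount_point"]] = peers
    return result

if __name__ == "__main__":
    for inside, outside in host_peers(parse_mountinfo(SAMPLE), "/srv/chroot").items():
        print(f"{inside} is a peer of {outside}: submounts propagate both ways")
```

On a live system, pass the contents of `/proc/self/mountinfo` instead of `SAMPLE`; mounts reported as `master:N` or with no tag do not push their submounts back to the host.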

