namespace: remount namespace root dir for SLAVE to avoid propagation of mounts from...
authorDaniel Walsh <dwalsh@redhat.com>
Tue, 3 Jan 2012 20:12:10 +0000 (21:12 +0100)
committerLennart Poettering <lennart@poettering.net>
Tue, 3 Jan 2012 20:12:10 +0000 (21:12 +0100)
https://bugzilla.redhat.com/show_bug.cgi?id=752540

src/namespace.c

index 54b22f494e5fc4a58d9017fa95fa0191589943aa..a06cac10fda45708e020148a39034d73e2d7e7bc 100644 (file)
@@ -266,8 +266,12 @@ int setup_namespace(
                 goto fail;
         }
 
-        /* We assume that by default mount events from us won't be
-         * propagated to the root namespace. */
+        /* Remount / as SLAVE so that nothing mounted in the namespace
+           shows up in the parent */
+        if (mount(NULL, "/", NULL, MS_SLAVE|MS_REC, NULL) < 0) {
+                r = -errno;
+                goto fail;
+        }
 
         for (p = paths; p < paths + n; p++)
                 if ((r = apply_mount(p, root_dir, inaccessible_dir, private_dir, flags)) < 0)
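Review bot: The new comment above the `mount(NULL, "/", NULL, MS_SLAVE|MS_REC, NULL)` call documents only one direction of the propagation change, and "Remount" is misleading because no MS_REMOUNT is involved. MS_SLAVE stops mount events made here from reaching the parent, but mounts made in the parent still propagate into this namespace, which matters when reasoning about how isolated the inaccessible and private directories set up by the following `apply_mount()` loop remain. If receiving host mounts is intended, the comment should say so: `/* Mark / and all submounts MS_SLAVE: our mounts no longer propagate to the parent namespace, but mounts made in the parent still propagate to us. */`. The call is only safe once this process has its own mount namespace; the unshare step is presumably just above and outside the hunk, as is the `fail` label, so neither the ordering nor the cleanup can be confirmed from here.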