From: Lennart Poettering Date: Fri, 23 Apr 2010 16:48:07 +0000 (+0200) Subject: namespace: make ro bind mounts work X-Git-Tag: 0.git+20100605+dfd8ee-1~80 X-Git-Url: https://err.no/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=5dcfe57bb1a036ba6e4af10746c42892c44f0766;p=systemd namespace: make ro bind mounts work --- diff --git a/namespace.c b/namespace.c index 570b4ce3..880d5c33 100644 --- a/namespace.c +++ b/namespace.c @@ -123,7 +123,6 @@ static int apply_mount(Path *p, const char *root_dir, const char *inaccessible_d const char *what; char *where; int r; - bool read_only = false; assert(p); assert(root_dir); @@ -137,11 +136,11 @@ static int apply_mount(Path *p, const char *root_dir, const char *inaccessible_d case INACCESSIBLE: what = inaccessible_dir; - read_only = true; + flags |= MS_RDONLY; break; case READONLY: - read_only = true; + flags |= MS_RDONLY; /* Fall through */ case READWRITE: @@ -160,14 +159,11 @@ static int apply_mount(Path *p, const char *root_dir, const char *inaccessible_d * flags. If we want to set any flag we need * to do so in a second indepdant step. */ if (flags) - r = mount(NULL, where, NULL, MS_REMOUNT|MS_REC|flags, NULL); + r = mount(NULL, where, NULL, MS_REMOUNT|MS_BIND|MS_REC|flags, NULL); /* Avoid expontial growth of trees */ if (r >= 0 && path_equal(p->path, "/")) - r = mount(NULL, where, NULL, MS_REMOUNT|MS_UNBINDABLE, NULL); - - if (r >= 0 && read_only) - r = mount(NULL, where, NULL, MS_REMOUNT|MS_RDONLY, NULL); + r = mount(NULL, where, NULL, MS_REMOUNT|MS_BIND|MS_UNBINDABLE|flags, NULL); if (r < 0) { r = -errno; diff --git a/test-ns.c b/test-ns.c index baf42f6d..d40f8beb 100644 --- a/test-ns.c +++ b/test-ns.c @@ -34,7 +34,9 @@ int main(int argc, char *argv[]) { }; const char * const readable[] = { - "/var", + "/", + "/usr", + "/boot", NULL };