From 5dcfe57bb1a036ba6e4af10746c42892c44f0766 Mon Sep 17 00:00:00 2001 From: Lennart Poettering Date: Fri, 23 Apr 2010 18:48:07 +0200 Subject: [PATCH] namespace: make ro bind mounts work --- namespace.c | 12 ++++-------- test-ns.c | 4 +++- 2 files changed, 7 insertions(+), 9 deletions(-) diff --git a/namespace.c b/namespace.c index 570b4ce3..880d5c33 100644 --- a/namespace.c +++ b/namespace.c @@ -123,7 +123,6 @@ static int apply_mount(Path *p, const char *root_dir, const char *inaccessible_d const char *what; char *where; int r; - bool read_only = false; assert(p); assert(root_dir); @@ -137,11 +136,11 @@ static int apply_mount(Path *p, const char *root_dir, const char *inaccessible_d case INACCESSIBLE: what = inaccessible_dir; - read_only = true; + flags |= MS_RDONLY; break; case READONLY: - read_only = true; + flags |= MS_RDONLY; /* Fall through */ case READWRITE: @@ -160,14 +159,11 @@ static int apply_mount(Path *p, const char *root_dir, const char *inaccessible_d * flags. If we want to set any flag we need * to do so in a second indepdant step. */ if (flags) - r = mount(NULL, where, NULL, MS_REMOUNT|MS_REC|flags, NULL); + r = mount(NULL, where, NULL, MS_REMOUNT|MS_BIND|MS_REC|flags, NULL); /* Avoid expontial growth of trees */ if (r >= 0 && path_equal(p->path, "/")) - r = mount(NULL, where, NULL, MS_REMOUNT|MS_UNBINDABLE, NULL); - - if (r >= 0 && read_only) - r = mount(NULL, where, NULL, MS_REMOUNT|MS_RDONLY, NULL); + r = mount(NULL, where, NULL, MS_REMOUNT|MS_BIND|MS_UNBINDABLE|flags, NULL); if (r < 0) { r = -errno; diff --git a/test-ns.c b/test-ns.c index baf42f6d..d40f8beb 100644 --- a/test-ns.c +++ b/test-ns.c @@ -34,7 +34,9 @@ int main(int argc, char *argv[]) { }; const char * const readable[] = { - "/var", + "/", + "/usr", + "/boot", NULL }; -- 2.39.5