[lxc-devel] [RFC] rootfs pinning

Christian Seiler christian at iwakd.de
Wed Sep 25 06:57:51 UTC 2013


Hi there,

> No.  There's a change there, all right, and thank you for reminding me
> of that, but (afaik) it's NOT in the kernel itself.  It's a mount
> option.  It's that bloody MS_SHARED option and, to a lesser extent,
> MS_SLAVE option that are behind how those things are propagated.
> MS_SHARED will propagate certain things from a child mount to the mount
> point and to other children, IIRC, while MS_SLAVE propagates in one
> direction and MS_PRIVATE restricts it.  I think the trouble maker is
> MS_SHARED and that's what caused all the "pivot_root" calls to face
> plant when systemd started mounting everything with MS_SHARED in the
> host system.  I was using bind mounts to avoid some of these problems
> but then they changed systemd and its default mount options and broke a
> number of things I had running.

This is not MS_SHARED. The 3.8 instance I'm testing this with is
a Debian Wheezy with a custom kernel (the 3.8 from Serge's and/or
Stéphane's repository for userns which floated around here half
a year ago or so). (I never had a chance to upgrade, it's in a KVM,
so that I don't break my main system.)

Look at the following:

root@lxcdev:~# mkdir /foo/bar /foo/baz -p
root@lxcdev:~# mount --bind /foo/bar /foo/baz
root@lxcdev:~# grep /foo /proc/self/mountinfo
25 20 253:1 /foo/bar /foo/baz rw,relatime - ext4 /dev/disk/by-uuid/b2e1ac13-e6d0-48e7-a3b0-9fcdf81db294 rw,errors=remount-ro,data=ordered
root@lxcdev:~# grep ^20 /proc/self/mountinfo
20 1 253:1 / / rw,relatime - ext4 /dev/disk/by-uuid/b2e1ac13-e6d0-48e7-a3b0-9fcdf81db294 rw,errors=remount-ro,data=ordered
root@lxcdev:~# mount /foo/baz -o remount,ro
mount: /foo/baz is busy
root@lxcdev:~# mount /foo/baz -o remount,bind,ro
root@lxcdev:~# grep /foo /proc/self/mountinfo
25 20 253:1 /foo/bar /foo/baz ro,relatime - ext4 /dev/disk/by-uuid/b2e1ac13-e6d0-48e7-a3b0-9fcdf81db294 rw,errors=remount-ro,data=ordered
root@lxcdev:~# uname -a
Linux lxcdev 3.8.0-rc3+ #1 SMP Sun Jan 27 16:39:34 CET 2013 x86_64 GNU/Linux

I don't see any shared: in /proc/self/mountinfo. Obviously,
this could be a side-effect of the specific kernel I'm using,
but I don't recall the additional userns patches changing
anything in that regard.

Also note that a mount --make-private / doesn't change
anything. And that this isn't even in its own namespace.

I don't have that much time atm, so I won't be able to
check with a current official kernel.

-- Christian
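
Added example (not part of the original message): a small parser for /proc/self/mountinfo lines that reports each mount's propagation type from the optional fields and whether "ro" applies only to the mount or to the superblock, the two things the session above checks by eye. The first two sample lines come from that session; the last two, and all function names, are constructed for illustration.

```python
# Added example: classify mounts from /proc/self/mountinfo lines (see proc(5)).
# Lines 1-2 are from the session above; lines 3-4 are constructed samples.
SAMPLE = """\
25 20 253:1 /foo/bar /foo/baz ro,relatime - ext4 /dev/disk/by-uuid/b2e1ac13-e6d0-48e7-a3b0-9fcdf81db294 rw,errors=remount-ro,data=ordered
20 1 253:1 / / rw,relatime - ext4 /dev/disk/by-uuid/b2e1ac13-e6d0-48e7-a3b0-9fcdf81db294 rw,errors=remount-ro,data=ordered
30 20 0:25 / /run rw,nosuid shared:5 - tmpfs tmpfs rw,mode=755
31 30 0:26 / /run/slave rw master:5 - tmpfs tmpfs rw
"""


def parse_line(line):
    fields = line.split()
    sep = fields.index("-", 6)  # a lone "-" ends the optional fields
    return {
        "root": fields[3],                    # path inside the filesystem
        "mount_point": fields[4],
        "mount_opts": fields[5].split(","),   # per-mount flags
        "optional": fields[6:sep],            # shared:N, master:N, ...
        "fstype": fields[sep + 1],
        "super_opts": fields[sep + 3].split(","),  # superblock flags
    }


def propagation(optional):
    tags = {tag.split(":")[0] for tag in optional}
    if {"shared", "master"} <= tags:
        return "shared+slave"
    for tag, name in (("shared", "shared"), ("master", "slave"),
                      ("unbindable", "unbindable")):
        if tag in tags:
            return name
    return "private"  # no propagation tag at all


def readonly_scope(m):
    if "ro" in m["super_opts"]:
        return "superblock"   # what a plain "remount,ro" would set
    if "ro" in m["mount_opts"]:
        return "mount-only"   # what "remount,bind,ro" sets
    return "none"


def report(text):
    rows = []
    for line in text.splitlines():
        if line.strip():
            m = parse_line(line)
            # root != "/" is a heuristic for a bind mount of a subtree
            rows.append((m["mount_point"], propagation(m["optional"]),
                         readonly_scope(m), m["root"] != "/"))
    return rows


if __name__ == "__main__":
    for row in report(SAMPLE):
        print("%-12s propagation=%-8s ro=%-10s subtree_bind=%s" % row)
```

To check a live system, pass the contents of /proc/self/mountinfo to report() instead of SAMPLE.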




