[lxc-devel] [testcase] Re: [PATCH 1/4] Automatic mounts: improvements for /proc and /sys

Serge Hallyn serge.hallyn at ubuntu.com
Fri Sep 27 14:02:08 UTC 2013


Yeah, the appended testcase shows that mount(2) with
MS_REMOUNT|MS_RDONLY and without MS_BIND does remount
the sb readonly, as we expected.  So as Jäkel pointed out
privately, mount(1) is sometimes looking at /etc/mtab, seeing
a bind mount, and adding MS_BIND to be nice.

Meaning that we absolutely cannot use a bind mount to
prevent ro-remount at container shutdown.

Running the below, I get:

serge at tp:~/test$ sudo ./testmounts
creat bc - t1 was remounted ro?: Read-only file system

Here's the testcase:

#include <stdio.h>
#include <sys/mount.h>
#include <sys/stat.h>
#include <sys/types.h>
#include <fcntl.h>
#include <stdlib.h>
#include <unistd.h>	/* close(), rmdir() */

int main()
{
	int ret = 1;

	if (mkdir("/tmp/t1", 0755)) {
		perror("mkdir t1");
		goto err;
	}
	if (mkdir("/tmp/t2", 0755)) {
		perror("mkdir t2");
		goto err;
	}
	if (mount("tmpfs", "/tmp/t1", "tmpfs", 0, NULL)) {
		perror("mount t1");
		goto err;
	}
	if (mount("/tmp/t1", "/tmp/t2", "none", MS_BIND, NULL)) {
		perror("bind mount t2");
		goto err;
	}

	/* Bind-remount: MS_BIND limits the read-only flag to the /tmp/t2 mount. */
	if (mount("/tmp/t2", "/tmp/t2", "ro", MS_REMOUNT | MS_BIND | MS_RDONLY, NULL)) {
		perror("bind-remount ro");
		goto err;
	}

	int fd = creat("/tmp/t1/ab", 0755);
	if (fd < 0) {
		perror("creat ab - t1 was remounted ro with bind-remount?");
		goto err;
	}
	close(fd);

	/* Plain remount without MS_BIND: acts on the superblock shared with /tmp/t1. */
	if (mount("/tmp/t2", "/tmp/t2", "ro", MS_REMOUNT | MS_RDONLY, NULL)) {
		perror("remount ro");
		goto err;
	}

	fd = creat("/tmp/t1/bc", 0755);
	if (fd < 0) {
		perror("creat bc - t1 was remounted ro?");
		goto err;
	}
	close(fd);

	ret = 0;

err:
	umount2("/tmp/t2", MNT_DETACH);
	umount2("/tmp/t1", MNT_DETACH);
	rmdir("/tmp/t2");
	rmdir("/tmp/t1");
	exit(ret);
}
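
A way to check from outside which of the two remounts happened, as an added example that is not part of the original post: in /proc/self/mountinfo the sixth field holds the per-mount options and the last field the superblock options, so a remount without MS_BIND shows up as ro in the last field of every mount of that filesystem. The sample lines and the names ro_scope, RO_MOUNT and RO_SUPER are constructed for illustration.

```c
#include <stdio.h>
#include <string.h>

#define RO_MOUNT 1 /* per-mount flag (field 6), what MS_REMOUNT|MS_BIND|MS_RDONLY sets */
#define RO_SUPER 2 /* superblock option (last field), shared by every mount of that fs */

/* Constructed sample lines in /proc/self/mountinfo format, not captured output. */
static const char *SAMPLE[] = {
	"61 25 0:45 / /tmp/t2 ro,relatime shared:30 - tmpfs tmpfs rw",
	"60 25 0:45 / /tmp/t1 rw,relatime shared:30 - tmpfs tmpfs ro",
	"62 25 0:46 / /tmp/t3 rw,nosuid - tmpfs tmpfs rw,size=1024k",
};

/* Return 1 if the comma-separated list holds the exact option "ro". */
static int has_ro(const char *opts)
{
	while (*opts) {
		size_t n = strcspn(opts, ",");
		if (n == 2 && strncmp(opts, "ro", 2) == 0)
			return 1;
		opts += n + (opts[n] == ',');
	}
	return 0;
}

/* Classify one mountinfo line: RO_* bits, or -1 if the line is malformed. */
int ro_scope(const char *line)
{
	char mnt_opts[256], sb_opts[256];
	const char *sep;

	/* id parent major:minor root mountpoint mount-options [optional...] */
	if (sscanf(line, "%*d %*d %*s %*s %*s %255s", mnt_opts) != 1)
		return -1;
	/* " - " ends the optional fields; then: fstype source super-options */
	sep = strstr(line, " - ");
	if (!sep || sscanf(sep + 3, "%*s %*s %255s", sb_opts) != 1)
		return -1;
	return (has_ro(mnt_opts) ? RO_MOUNT : 0) | (has_ro(sb_opts) ? RO_SUPER : 0);
}

int main(void)
{
	for (size_t i = 0; i < sizeof(SAMPLE) / sizeof(SAMPLE[0]); i++)
		printf("%d  %s\n", ro_scope(SAMPLE[i]), SAMPLE[i]);
	return 0;
}
```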



