[lxc-devel] mountflag propagation from slave to host

Serge Hallyn serge.hallyn at ubuntu.com
Mon Dec 7 15:27:11 UTC 2015


Quoting Wolfgang Bumiller (w.bumiller at proxmox.com):
> 
> > On December 4, 2015 at 10:08 PM Serge Hallyn <serge.hallyn at ubuntu.com> wrote:
> > 
> > 
> > Quoting Wolfgang Bumiller (w.bumiller at proxmox.com):
> > > Not sure this is the right place to ask as I've narrowed it down to
> > > raw mount commands, but it also affects privileged unconfined
> > > containers when using bind-mounts to bind _mountpoints_ (not arbitrary
> > > subdirectories) into a container (and I found it through some hooks
> > > in my containers).
> > > 
> > > For some reason doing a remount,ro in a slave mount namespace
> > > propagates the read-only flag into its master namespace, while at the
> > > same time a remount,rw does _not_ propagate that way, and I'm
> > > wondering if anybody can offer some insight, or maybe it's a bug in
> > > the kernel?
> > 
> > doing remount,ro and remount,rw is a touchy issue because it can mean two
> > different things.  It can mean changing the superblock options, or changing
> > the bind mount options.
> > 
> > > To test, compare:
> > > 
> > > # mount -t tmpfs -o rw none /a
> > > # unshare -m
> > > # mount --make-rslave /
> > > # mount -o remount,ro /a
> > 
> > Try mount -o bind,remount,ro /a
> 
> Not really up to me. I also realized that when the stop hook unmounts / it
> gets ro-remounted, and if it's a mountpoint on the host this also happens
> on the host. I wish syncfs() was namespaced for bindmounts ;-)

For the duration of the container run we keep a file open on the
rootfs to prevent remount-ro of / (which most inits do on shutdown)
from succeeding.  However the stop hook runs after we close the pin
file.
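To tell which of those two meanings a remount,ro took, this added script (not from the thread and not LXC code) reads /proc/self/mountinfo, where field 6 carries the per-mount flags and the options after fstype/source carry the superblock's; the sample mountinfo lines, mount IDs and the repro helper's use of a throwaway directory are constructed assumptions.

```shell
#!/bin/sh
# Added example, not from the thread: tell a superblock-level "ro" from a
# per-mount (bind) "ro" by reading /proc/self/mountinfo, which is what you
# inspect on the host after a container has done its remount.
# mountinfo field layout:
#   ID PARENT MAJ:MIN ROOT MNTPOINT MNT-OPTS [shared:N|master:N ...] - FSTYPE SRC SB-OPTS

# mount_ro_state FILE MOUNTPOINT -> prints "MNT-RO PROPAGATION SB-RO"
mount_ro_state() {
    awk -v mp="$2" '
        $5 == mp {
            prop = "private"
            for (i = 7; i <= NF && $i != "-"; i++)
                if ($i ~ /^(shared|master):/) prop = $i
            mnt = (("," $6 ",") ~ /,ro,/) ? "ro" : "rw"
            sb  = (("," $(i+3) ",") ~ /,ro,/) ? "ro" : "rw"
            print mnt, prop, sb
            exit
        }' "$1"
}

# Constructed sample of what the host could see for the two remount variants.
# /a: "mount -o remount,ro /a" in the slave ns flipped the SUPERBLOCK to ro,
#     and a superblock is shared by every bind of it in every namespace.
# /b: "mount -o bind,remount,ro /b" only set the per-mount flag.
sample_mountinfo() {
    cat <<'EOF'
21 1 8:1 / / rw,relatime shared:1 - ext4 /dev/sda1 rw,errors=remount-ro
40 21 0:35 / /a rw,relatime shared:20 - tmpfs none ro
41 21 0:36 / /b ro,relatime shared:21 - tmpfs none rw
EOF
}

# Live check (root, throwaway VM, existing empty dir): run the thread's
# sequence with either variant and report what the host still sees.
repro() {  # repro /a remount,ro   |   repro /a bind,remount,ro
    mount -t tmpfs -o rw none "$1" || return 1
    unshare -m sh -c "mount --make-rslave / && mount -o $2 $1"
    mount_ro_state /proc/self/mountinfo "$1"
    umount "$1"
}
```

On a real host run `mount_ro_state /proc/self/mountinfo /a` after the container's remount; with the constructed sample, /a reports `rw shared:20 ro` (the superblock went read-only) and /b reports `ro shared:21 rw`.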
