[lxc-devel] [lxc/master] make sure our umounts don't propagate to the host
FengtuWang on Github
lxc-bot at linuxcontainers.org
Mon Apr 2 12:49:27 UTC 2018
A non-text attachment was scrubbed...
Name: not available
Type: text/x-mailbox
Size: 351 bytes
Desc: not available
URL: <http://lists.linuxcontainers.org/pipermail/lxc-devel/attachments/20180402/864cdd1a/attachment.bin>
-------------- next part --------------
From 16fc51d80d840f52d78f53c592a5235601b0d454 Mon Sep 17 00:00:00 2001
From: Fengtu Wang <wangfengtu at huawei.com>
Date: Tue, 3 Apr 2018 05:00:19 +0800
Subject: [PATCH] make sure our umounts don't propagate to the host
Signed-off-by: Fengtu Wang <wangfengtu at huawei.com>
---
src/lxc/conf.c | 9 +++++++++
1 file changed, 9 insertions(+)
diff --git a/src/lxc/conf.c b/src/lxc/conf.c
index fe30800d7..1c142c3b2 100644
--- a/src/lxc/conf.c
+++ b/src/lxc/conf.c
@@ -1122,6 +1122,15 @@ static int setup_rootfs_pivot_root(const char *rootfs)
goto on_error;
}
+ /*
+ * make oldroot rslave to make sure our umounts don't propagate to
+ * the host.
+ */
+ if (mount("", ".", "", MS_SLAVE | MS_REC, 0)) {
+ SYSERROR("failed to make oldroot rslave");
+ goto on_error;
+ }
+
ret = umount2(".", MNT_DETACH);
if (ret < 0) {
SYSERROR("Failed to detach old root directory");
More information about the lxc-devel
mailing list