On Tue, Apr 28, 2020 at 9:15 PM Dr. David Alan Gilbert <dgilb...@redhat.com> wrote:
> So our current sequence is:
>
> (new namespace)
> 1) if (mount(NULL, "/", NULL, MS_REC | MS_SLAVE, NULL) < 0) {
> 2) if (mount("proc", "/proc", "proc",
> ....
> 3) if (mount(source, source, NULL, MS_BIND | MS_REC, NULL) < 0) {
> 4) (chdir newroot, pivot, chdir oldroot)
> 5) if (mount("", ".", "", MS_SLAVE | MS_REC, NULL) < 0) {
> 6) if (umount2(".", MNT_DETACH) < 0) {
>
> So are you saying we need a:
> if (mount(NULL, "/", NULL, MS_REC | MS_SHARED, NULL) < 0) {
>
> and can this go straight after (1) ?

Or right before (3). Important thing is that that new mount will only
receive propagation if the type of the mount at source (before (3) is
performed) is shared.

Thanks,
Miklos
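
The condition in the reply above, that the mount at source must be shared before the bind mount in (3), can be checked from `/proc/self/mountinfo`, where a shared mount carries a `shared:N` optional field. The following C code is an added example, not part of the original message or of the project under discussion; the function name `shared_peer_group` and the sample lines are constructed for illustration.

```c
#include <stdio.h>
#include <string.h>

/* Constructed sample in /proc/self/mountinfo format (not from a real host). */
static const char SAMPLE[] =
    "22 1 8:1 / / rw,relatime shared:1 - ext4 /dev/sda1 rw\n"
    "23 22 0:21 / /proc rw,nosuid - proc proc rw\n"
    "40 22 8:2 / /srv/export rw,relatime master:1 - ext4 /dev/sda2 rw\n"
    "41 22 8:3 / /srv/shared rw,relatime shared:7 master:1 - ext4 /dev/sda3 rw\n";

/* Return the peer group ID if the mount at mount_point is shared, 0 if it is
 * not shared (private, slave or unbindable), -1 if the path is not listed.
 * Simplification: the last matching line is taken as the visible mount. */
int shared_peer_group(const char *mountinfo, const char *mount_point)
{
    int result = -1;
    size_t want = strlen(mount_point);

    for (const char *line = mountinfo; *line; ) {
        const char *end = line + strcspn(line, "\n");
        const char *tok = line;
        int match = 0, group = 0;

        for (int field = 1; tok < end; field++) {
            size_t len = strcspn(tok, " \n");
            if (field == 5)                 /* field 5 is the mount point */
                match = len == want && strncmp(tok, mount_point, len) == 0;
            else if (field >= 7) {          /* optional fields start at 7 */
                if (len == 1 && *tok == '-')
                    break;                  /* separator ends optional fields */
                sscanf(tok, "shared:%d", &group);
            }
            tok += len + strspn(tok + len, " ");
        }
        if (match)
            result = group;
        line = *end ? end + 1 : end;
    }
    return result;
}

int main(void)
{
    printf("/srv/export -> %d\n", shared_peer_group(SAMPLE, "/srv/export"));
    return 0;
}
```

A slave-only source such as `/srv/export` in the sample returns 0, which is the case where the bind mount made in (3) would not receive propagation.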