Browse code
chroot: remount everything as private in new mntns
If parent of the destination path is shared, this
path will be unmounted from the parent ns even if
the path itself is private.
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
Tonis Tiigi authored on 2016/10/21 07:29:23Showing 1 changed files
| ... | ... |
@@ -26,7 +26,12 @@ func chroot(path string) (err error) {
|
| 26 | 26 |
return fmt.Errorf("Error creating mount namespace before pivot: %v", err)
|
| 27 | 27 |
} |
| 28 | 28 |
|
| 29 |
- if err := mount.MakeRPrivate(path); err != nil {
|
|
| 29 |
+ // make everything in new ns private |
|
| 30 |
+ if err := mount.MakeRPrivate("/"); err != nil {
|
|
| 31 |
+ return err |
|
| 32 |
+ } |
|
| 33 |
+ // ensure path is a mountpoint |
|
| 34 |
+ if err := mount.MakePrivate(path); err != nil {
|
|
| 30 | 35 |
return err |
| 31 | 36 |
} |
| 32 | 37 |
|