jail: ensure mounts are not MS_SHARED to avoid pivot_root() failure

By default mounts are MS_PRIVATE (kernel default) but systemd decided to make it MS_SHARED by default since v188 https://github.com/systemd/systemd/commit/b3ac5f8cb98757416d8660023d6564a7c411f0a0 This patch fixes ujail on systemd distro (useful for development at least). Signed-off-by: Etienne CHAMPETIER <champetier.etienne@gmail.com>
author: Etienne CHAMPETIER 2016-05-29 23:39:17 +0000
committer: John Crispin 2016-06-01 08:27:35 +0000
commit: 98b63ed7b5612bd422f6bb52a6a7043fc2c09a1c (patch)
tree: a70ccc14fbf33c86e5b515bb56623a6018be2ba0
parent: a79578a3dc7a57800168035b2edd3d1a1bcf0dda (diff)
download: procd-98b63ed7b5612bd422f6bb52a6a7043fc2c09a1c.tar.gz
1 files changed, 6 insertions, 0 deletions
diff --git a/jail/jail.c b/jail/jail.c
index b3f27d3..e425254 100644
--- a/jail/jail.c
+++ b/jail/jail.c
@@ -129,6 +129,12 @@ static int build_jail_fs(void)
 		return -1;
 	}
 
+	/* oldroot can't be MS_SHARED else pivot_root() fails */
+	if (mount("none", "/", NULL, MS_REC|MS_PRIVATE, NULL)) {
+		ERROR("private mount failed %s\n", strerror(errno));
+		return -1;
+	}
+
 	if (mount("tmpfs", jail_root, "tmpfs", MS_NOATIME, "mode=0755")) {
 		ERROR("tmpfs mount failed %s\n", strerror(errno));
 		return -1;
author	Etienne CHAMPETIER	2016-05-29 23:39:17 +0000
committer	John Crispin	2016-06-01 08:27:35 +0000
commit	98b63ed7b5612bd422f6bb52a6a7043fc2c09a1c (patch)
tree	a70ccc14fbf33c86e5b515bb56623a6018be2ba0
parent	a79578a3dc7a57800168035b2edd3d1a1bcf0dda (diff)
download	procd-98b63ed7b5612bd422f6bb52a6a7043fc2c09a1c.tar.gz