Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
libcontainer: fix a bug when setting shared rootfs propagation mode
So far when the input mount flags contain `MS_SHARED`, the flag has not been applied to the container rootfs. That's because we call `rootfsParentMountPrivate()` after applying the original mount flags. As a result, the original flags are overwritten. Though it's also true that we actually need to mount the container rootfs with `MS_PRIVATE`, to avoid failure from `pivot_root()` in the Linux kernel. Thus if the mount flags contain `MS_SHARED`, we need a special case handling. First do `pivotRoot()` (or `msMoveRoot`, `chroot`) with the rootfs with a mount flag `MS_PRIVATE`. Then after `pivotRoot()`, again mount the rootfs with `MS_SHARED`. With this fix, `validation/linux_rootfs_propagation.t` of runtime-tools works well with the shared mode finally. Fixes #1755 Signed-off-by: Dongsu Park <dongsu@kinvolk.io>
- Loading branch information