commit | 805be39fcbce5eb1c827d8a9d59d0aa3748a1fd8 | |
---|---|---|
author | Jorge Lucangeli Obes <jorgelo@google.com> | Mon Oct 12 15:55:59 2015 -0700 |
committer | Jorge Lucangeli Obes <jorgelo@google.com> | Mon Oct 12 15:55:59 2015 -0700 |
tree | b1b63e3ad3cecdc070d1309c482b0e140d3b0ee1 | |
parent | 68db15cc2ea5b8314b4c8f7f3920423aeb5e25eb | |

Make Minijail work correctly with shared mounts.

This fixes some problems that appear when the system is booted with systemd. Systemd sets all mounts to shared. This means that when minijail0 creates a mount namespace, new mounts will propagate out of that namespace. This change fixes that by setting all mounts to private right after creating the new namespace.

Also, when remounting /proc, it unmounts it lazily, as normal umount() may fail when shared mounts are enabled.

More information about shared mounts: https://www.kernel.org/doc/Documentation/filesystems/sharedsubtree.txt

(Original patch by Andrey Ulanov <andreyu@google.com> at https://chromium-review.googlesource.com/303158)

Change-Id: I0ff5851dba32524bd6c4ad663b67826fb9be0485
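
A check for the condition described in this commit message, as an added example (not Minijail's code and not part of the commit): a mount with shared propagation carries a `shared:N` tag in the optional fields of `/proc/<pid>/mountinfo`, so a process inside a mount namespace whose mounts were all set to private should see zero such tags. The function names are hypothetical.

```c
#include <stdio.h>
#include <string.h>

/* Next space-delimited field at or after p, or NULL at end of line. */
static const char *next_field(const char *p, size_t *len)
{
    p += strspn(p, " ");
    *len = strcspn(p, " \n");
    return *len ? p : NULL;
}

/* 1 if the mountinfo line has a shared:N tag, 0 if not, -1 if malformed. */
int mountinfo_line_is_shared(const char *line)
{
    size_t len = 0;
    int field = 0;
    const char *tok = line;
    while ((tok = next_field(tok, &len)) != NULL) {
        /* Fields 1-6 are fixed; optional tags follow until a lone "-". */
        if (++field > 6) {
            if (len == 1 && tok[0] == '-') return 0;
            if (len > 7 && strncmp(tok, "shared:", 7) == 0) return 1;
        }
        tok += len;
    }
    return -1; /* separator never seen */
}

/* Count shared mounts in a mountinfo stream; -1 on a malformed line
 * (including a line longer than the buffer). */
int count_shared_mounts(FILE *f)
{
    char line[4096];
    int shared = 0;
    while (fgets(line, sizeof(line), f)) {
        int r = mountinfo_line_is_shared(line);
        if (r < 0) return -1;
        shared += r;
    }
    return shared;
}

int main(void)
{
    FILE *f = fopen("/proc/self/mountinfo", "r");
    if (!f) { perror("/proc/self/mountinfo"); return 2; }
    int n = count_shared_mounts(f);
    fclose(f);
    printf("shared mounts visible: %d\n", n);
    return n == 0 ? 0 : 1;
}
```

Run inside the jailed process, an exit status of 0 means no mount in that namespace is marked shared.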