From 0fb40b201f89bd62e485a3956bf3ba8c263b090c Mon Sep 17 00:00:00 2001 From: Colin Walters Date: Tue, 6 Dec 2011 12:18:17 -0500 Subject: [PATCH] ostbuild: Ensure user chroot mounts are not shared It's possible that the root filesystem mount is global; we need to undo that in order to be sure that our "private" bind mounts really are private. --- src/ostbuild/ostbuild-user-chroot.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/src/ostbuild/ostbuild-user-chroot.c b/src/ostbuild/ostbuild-user-chroot.c index 80267485..c0ed1a2b 100644 --- a/src/ostbuild/ostbuild-user-chroot.c +++ b/src/ostbuild/ostbuild-user-chroot.c @@ -98,6 +98,9 @@ main (int argc, if (unshare (CLONE_NEWNS) < 0) fatal_errno ("unshare (CLONE_NEWNS)"); + if (mount ("/", "/", "none", MS_PRIVATE, NULL) < 0) + fatal_errno ("mount(/, MS_PRIVATE)"); + initialize_chroot (chroot_dir); if (chroot (chroot_dir) < 0)