summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorLennart Poettering <lennart@poettering.net>2014-06-05 21:35:35 +0200
committerLennart Poettering <lennart@poettering.net>2014-06-05 21:35:35 +0200
commit6d313367d9ef780560e117e886502a99fa220eac (patch)
tree2439c5fa8369919c0617173606e560080be1c100
parentc3544e8d2c2d870a2aff0944aff4ab7824b9ae6b (diff)
namespace: when setting up an inaccessible mount point, unmounting everything below
This has the benefit of not triggering any autofs mount points unnecessarily.
-rw-r--r--src/core/namespace.c6
-rw-r--r--src/shared/util.c68
-rw-r--r--src/shared/util.h2
3 files changed, 76 insertions, 0 deletions
diff --git a/src/core/namespace.c b/src/core/namespace.c
index b6deab7081..fcbfd87d47 100644
--- a/src/core/namespace.c
+++ b/src/core/namespace.c
@@ -284,6 +284,12 @@ static int apply_mount(
return mount_dev(m);
case INACCESSIBLE:
+
+ /* First, get rid of everything that is below if there
+ * is anything... Then, overmount it with an
+ * inaccessible directory. */
+ umount_recursive(m->path, 0);
+
what = "/run/systemd/inaccessible";
break;
diff --git a/src/shared/util.c b/src/shared/util.c
index 49185a99a9..011fb36f49 100644
--- a/src/shared/util.c
+++ b/src/shared/util.c
@@ -54,6 +54,7 @@
#include <grp.h>
#include <sys/mman.h>
#include <sys/vfs.h>
+#include <sys/mount.h>
#include <linux/magic.h>
#include <limits.h>
#include <langinfo.h>
@@ -6502,3 +6503,70 @@ int update_reboot_param_file(const char *param) {
return r;
}
+
+int umount_recursive(const char *prefix, int flags) {
+ bool again;
+ int n = 0, r;
+
+ /* Try to umount everything recursively below a
+ * directory. Also, take care of stacked mounts, and keep
+ * unmounting them until they are gone. */
+
+ do {
+ _cleanup_fclose_ FILE *proc_self_mountinfo = NULL;
+
+ again = false;
+ r = 0;
+
+ proc_self_mountinfo = fopen("/proc/self/mountinfo", "re");
+ if (!proc_self_mountinfo)
+ return -errno;
+
+ for (;;) {
+ _cleanup_free_ char *path = NULL, *p = NULL;
+ int k;
+
+ k = fscanf(proc_self_mountinfo,
+ "%*s " /* (1) mount id */
+ "%*s " /* (2) parent id */
+ "%*s " /* (3) major:minor */
+ "%*s " /* (4) root */
+ "%ms " /* (5) mount point */
+ "%*s" /* (6) mount options */
+ "%*[^-]" /* (7) optional fields */
+ "- " /* (8) separator */
+ "%*s " /* (9) file system type */
+ "%*s" /* (10) mount source */
+ "%*s" /* (11) mount options 2 */
+ "%*[^\n]", /* some rubbish at the end */
+ &path);
+
+ if (k != 1) {
+ if (k == EOF)
+ break;
+
+ continue;
+ }
+
+ p = cunescape(path);
+ if (!p)
+ return -ENOMEM;
+
+ if (!path_startswith(p, prefix))
+ continue;
+
+ if (umount2(p, flags) < 0) {
+ r = -errno;
+ continue;
+ }
+
+ again = true;
+ n++;
+
+ break;
+ }
+
+ } while (again);
+
+ return r ? r : n;
+}
diff --git a/src/shared/util.h b/src/shared/util.h
index 62eb60402d..ac851fa4d6 100644
--- a/src/shared/util.h
+++ b/src/shared/util.h
@@ -942,3 +942,5 @@ union file_handle_union {
};
int update_reboot_param_file(const char *param);
+
+int umount_recursive(const char *target, int flags);