diff options
author | Lennart Poettering <lennart@poettering.net> | 2010-04-23 18:48:07 +0200 |
---|---|---|
committer | Lennart Poettering <lennart@poettering.net> | 2010-04-23 18:48:07 +0200 |
commit | 5dcfe57bb1a036ba6e4af10746c42892c44f0766 (patch) | |
tree | df74823694cef9c0dcecf8c1136b84c7ee8583d8 | |
parent | eced69b3016f32bda93030f31c0e334cc1e043f2 (diff) |
namespace: make ro bind mounts work
-rw-r--r-- | namespace.c | 12 | ||||
-rw-r--r-- | test-ns.c | 4 |
2 files changed, 7 insertions, 9 deletions
diff --git a/namespace.c b/namespace.c index 570b4ce387..880d5c33eb 100644 --- a/namespace.c +++ b/namespace.c @@ -123,7 +123,6 @@ static int apply_mount(Path *p, const char *root_dir, const char *inaccessible_d const char *what; char *where; int r; - bool read_only = false; assert(p); assert(root_dir); @@ -137,11 +136,11 @@ static int apply_mount(Path *p, const char *root_dir, const char *inaccessible_d case INACCESSIBLE: what = inaccessible_dir; - read_only = true; + flags |= MS_RDONLY; break; case READONLY: - read_only = true; + flags |= MS_RDONLY; /* Fall through */ case READWRITE: @@ -160,14 +159,11 @@ static int apply_mount(Path *p, const char *root_dir, const char *inaccessible_d * flags. If we want to set any flag we need * to do so in a second indepdant step. */ if (flags) - r = mount(NULL, where, NULL, MS_REMOUNT|MS_REC|flags, NULL); + r = mount(NULL, where, NULL, MS_REMOUNT|MS_BIND|MS_REC|flags, NULL); /* Avoid expontial growth of trees */ if (r >= 0 && path_equal(p->path, "/")) - r = mount(NULL, where, NULL, MS_REMOUNT|MS_UNBINDABLE, NULL); - - if (r >= 0 && read_only) - r = mount(NULL, where, NULL, MS_REMOUNT|MS_RDONLY, NULL); + r = mount(NULL, where, NULL, MS_REMOUNT|MS_BIND|MS_UNBINDABLE|flags, NULL); if (r < 0) { r = -errno; @@ -34,7 +34,9 @@ int main(int argc, char *argv[]) { }; const char * const readable[] = { - "/var", + "/", + "/usr", + "/boot", NULL }; |