author Lennart Poettering <lennart@poettering.net> 2012-08-06 18:28:42 +0200
committer Lennart Poettering <lennart@poettering.net> 2012-08-06 18:35:01 +0200
commit b3ac5f8cb98757416d8660023d6564a7c411f0a0
tree cdbce497590e2989e200aa3bbf5728ec370410a6 /src
parent 86fc77c47f2d22cd01d0871866869cb194af0884
mount-setup: change system mount propagation to shared by default
In order to make containers work nicely out of the box it is highly desirable to have the mount propagation mode for the root fs set as "shared" by default so that containers receive system mounts by default. (See mount --make-shared for more information).

As it is unlikely that the kernel will change the default to "shared" for this, do this early at boot-up from PID 1.

Setups which prefer the default of "private" should undo this change via invoking "mount --make-private /" or a similar command after boot.

In the long run /etc/fstab should take the propagation mode as a mount option like any other, so that this may be used to change the default mode. However, if fstab is not around or doesn't list / we still should default to shared as propagation mode, hence this change now.
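To check which propagation mode "/" actually has on a running system, the kernel reports it in the optional fields of /proc/self/mountinfo as `shared:N` and `master:N` tags. The following is an added example, not part of this commit or of systemd; the function names are hypothetical.

```c
/* Added example (not systemd code): classify the propagation mode of "/". */
#include <stdio.h>
#include <string.h>
enum { PROP_PRIVATE = 0, PROP_SHARED = 1, PROP_SLAVE = 2, PROP_UNBINDABLE = 4 };

/* Parse one mountinfo line; return PROP_* flags if it describes mount point
 * `where`, or -1 if it is another mount or malformed. */
static int line_propagation(const char *line, const char *where) {
    char mp[4096], tok[64];
    int off = -1, len, flags = PROP_PRIVATE;
    /* Fields: id, parent id, major:minor, root, mount point, mount options */
    if (sscanf(line, "%*d %*d %*s %*s %4095s %*s %n", mp, &off) != 1 ||
        off < 0 || strcmp(mp, where) != 0)
        return -1;
    /* Optional fields run up to the "-" separator. */
    for (const char *p = line + off; sscanf(p, "%63s%n", tok, &len) == 1; p += len) {
        if (strcmp(tok, "-") == 0) return flags;
        if (strncmp(tok, "shared:", 7) == 0) flags |= PROP_SHARED;
        else if (strncmp(tok, "master:", 7) == 0) flags |= PROP_SLAVE;
        else if (strcmp(tok, "unbindable") == 0) flags |= PROP_UNBINDABLE;
    }
    return -1; /* no separator seen: truncated line */
}

/* Scan whole mountinfo text; the last entry for "/" is the visible root. */
int root_propagation(const char *text) {
    char line[8192];
    int result = -1;
    while (*text) {
        size_t n = strcspn(text, "\n");
        if (n < sizeof line) {
            memcpy(line, text, n); line[n] = '\0';
            int r = line_propagation(line, "/");
            if (r >= 0) result = r;
        }
        text += n;
        if (*text == '\n') text++;
    }
    return result;
}

int main(void) {
    static char buf[1 << 20];
    FILE *f = fopen("/proc/self/mountinfo", "r");
    if (!f) { perror("mountinfo"); return 2; }
    buf[fread(buf, 1, sizeof buf - 1, f)] = '\0';
    fclose(f);
    int p = root_propagation(buf);
    printf("/ propagation flags: %d (0=private 1=shared 2=slave 4=unbindable)\n", p);
    return p < 0;
}
```

Run inside a container or after unshare, a result of 1 or 3 means mounts made there still propagate to a peer group outside it.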
Diffstat (limited to 'src')
-rw-r--r-- src/core/mount-setup.c 9
1 files changed, 9 insertions, 0 deletions
diff --git a/src/core/mount-setup.c b/src/core/mount-setup.c
index c10c6dad1c..e86a89321e 100644
--- a/src/core/mount-setup.c
+++ b/src/core/mount-setup.c
@@ -400,6 +400,15 @@ int mount_setup(bool loaded_policy) {
* udevd. */
dev_setup();
+ /* Mark the root directory as shared in regards to mount
+ * propagation. The kernel defaults to "private", but we think
+ * it makes more sense to have a default of "shared" so that
+ * nspawn and the container tools work out of the box. If
+ * specific setups need other settings they can reset the
+ * propagation mode to private if needed. */
+ if (mount(NULL, "/", NULL, MS_REC|MS_SHARED, NULL) < 0)
+ log_warning("Failed to set up the root directory for shared mount propagation: %m");
+
/* Create a few directories we always want around */
mkdir_label("/run/systemd", 0755);
mkdir_label("/run/systemd/system", 0755);
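Review bot: the comment above the mount(NULL, "/", NULL, MS_REC|MS_SHARED, NULL) call should spell out what the new default means for programs that create their own mount namespace. With MS_REC every mount that exists under / at this point becomes shared, so a namespace created later with unshare(CLONE_NEWNS) stays in the same peer groups and its mounts and unmounts propagate back to the host unless the program first remounts / with MS_REC|MS_PRIVATE or MS_REC|MS_SLAVE. Code that relied on the kernel default of private for isolation gets no signal of the change, so say this in the comment rather than only "they can reset the propagation mode to private if needed". Also, a failure here is only reported through log_warning() and boot continues with the old mode, so the container tools this is meant to help would see private propagation with nothing but one warning line to explain it; consider making the resulting mode visible to them.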