From c2c13f2df42e0691aecabe3979ea81cd7faa35c7 Mon Sep 17 00:00:00 2001
From: Lennart Poettering
Date: Thu, 20 Mar 2014 04:16:39 +0100
Subject: unit: turn off mount propagation for udevd

Keep mounts done by udev rules private to udevd. Also, document how MountFlags= may be used for this.
---
 src/core/load-fragment.c | 10 ++++------
 src/core/namespace.c | 40 +++++++++++++++++++++++-----------------
 2 files changed, 27 insertions(+), 23 deletions(-)
(limited to 'src/core')

diff --git a/src/core/load-fragment.c b/src/core/load-fragment.c
index 1c7ac75dd8..fa4e931b23 100644
--- a/src/core/load-fragment.c
+++ b/src/core/load-fragment.c
@@ -1125,15 +1125,13 @@ int config_parse_exec_mount_flags(const char *unit,
 return log_oom();
 
 if (streq(t, "shared"))
- flags |= MS_SHARED;
+ flags = MS_SHARED;
 else if (streq(t, "slave"))
- flags |= MS_SLAVE;
+ flags = MS_SLAVE;
 else if (streq(w, "private"))
- flags |= MS_PRIVATE;
+ flags = MS_PRIVATE;
 else {
- log_syntax(unit, LOG_ERR, filename, line, EINVAL,
- "Failed to parse mount flag %s, ignoring: %s",
- t, rvalue);
+ log_syntax(unit, LOG_ERR, filename, line, EINVAL, "Failed to parse mount flag %s, ignoring: %s", t, rvalue);
 return 0;
 }
 }
diff --git a/src/core/namespace.c b/src/core/namespace.c
index 4cbb0a1565..9f15211cb6 100644
--- a/src/core/namespace.c
+++ b/src/core/namespace.c
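Review bot: The third branch compares `w` while the first two compare `t` — `else if (streq(w, "private"))` — and the commit keeps that asymmetry. If, as the `return log_oom()` line above suggests, `t` is a freshly allocated copy of the word that `w` points at inside rvalue, then `w` is not terminated at the word boundary and "private" only matches when it is the final token of the line; otherwise the value falls into the error branch, is logged as unparseable and the parser returns 0, so a MountFlags=private a unit author relies on for isolation is dropped with the log line as the only signal. Change it to `else if (streq(t, "private"))`. Since the switch from `|=` to `=` makes the last token win among mutually exclusive propagation flags, a one-line comment above the chain, `/* MS_SHARED, MS_SLAVE and MS_PRIVATE are mutually exclusive: the last token wins */`, would document the new semantics. config_parse_exec_mount_flags starts and ends outside the hunk.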
@@ -387,24 +387,28 @@ int setup_namespace(
 drop_duplicates(mounts, &n);
 }
 
- /* Remount / as SLAVE so that nothing now mounted in the namespace
- shows up in the parent */
- if (mount(NULL, "/", NULL, MS_SLAVE|MS_REC, NULL) < 0)
- return -errno;
+ if (n > 0) {
+ /* Remount / as SLAVE so that nothing now mounted in the namespace
+ shows up in the parent */
+ if (mount(NULL, "/", NULL, MS_SLAVE|MS_REC, NULL) < 0)
+ return -errno;
 
- for (m = mounts; m < mounts + n; ++m) {
- r = apply_mount(m, tmp_dir, var_tmp_dir);
- if (r < 0)
- goto fail;
- }
+ for (m = mounts; m < mounts + n; ++m) {
+ r = apply_mount(m, tmp_dir, var_tmp_dir);
+ if (r < 0)
+ goto fail;
+ }
 
- for (m = mounts; m < mounts + n; ++m) {
- r = make_read_only(m);
- if (r < 0)
- goto fail;
+ for (m = mounts; m < mounts + n; ++m) {
+ r = make_read_only(m);
+ if (r < 0)
+ goto fail;
+ }
 }
 
- /* Remount / as the desired mode */
+ /* Remount / as the desired mode. Not that this will not
+ * reestablish propagation from our side to the host, since
+ * what's disconnected is disconnected. */
 if (mount(NULL, "/", NULL, mount_flags | MS_REC, NULL) < 0) {
 r = -errno;
 goto fail;
@@ -413,9 +417,11 @@ int setup_namespace(
 return 0;
 
 fail:
- for (m = mounts; m < mounts + n; ++m)
- if (m->done)
- umount2(m->path, MNT_DETACH);
+ if (n > 0) {
+ for (m = mounts; m < mounts + n; ++m)
+ if (m->done)
+ umount2(m->path, MNT_DETACH);
+ }
 return r;
 }
--
cgit v1.2.3-54-g00ecf
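Review bot: The added comment has a typo that inverts its reading: `/* Remount / as the desired mode. Not that this will not` should read `Note that this will not`. The new `if (n > 0)` block would also benefit from one line stating why the MS_SLAVE remount is skipped when there is nothing to mount, e.g. `/* Nothing to mount: apply the requested propagation mode to / directly */`, since a reader of the old code may otherwise assume the slave step was meant to stay unconditional. The body of setup_namespace continues outside the hunk on both sides.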
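Review bot: The `if (n > 0)` guard around the cleanup loop at `fail:` does not change how many iterations run — `m < mounts + n` is already false for n == 0 — so it is only needed if `mounts` can be NULL or uninitialized when n is zero, where forming `mounts + n` would itself be undefined; whether that is the case is not visible in this hunk. If that is the reason, a comment such as `/* mounts is only valid when n > 0 */` would keep the guard from being removed later as redundant; if not, the guard can be dropped. setup_namespace begins outside the hunk.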