From: Etienne CHAMPETIER <champetier.etienne@gmail.com>
Date: Sun, 29 May 2016 23:39:17 +0000 (+0000)
Subject: jail: ensure mounts are not MS_SHARED to avoid pivot_root() failure
X-Git-Url: https://git.librecmc.org/?a=commitdiff_plain;h=98b63ed7b5612bd422f6bb52a6a7043fc2c09a1c;p=oweals%2Fprocd.git

jail: ensure mounts are not MS_SHARED to avoid pivot_root() failure

By default mounts are MS_PRIVATE (kernel default) but systemd
decided to make it MS_SHARED by default since v188
https://github.com/systemd/systemd/commit/b3ac5f8cb98757416d8660023d6564a7c411f0a0

This patch fixes ujail on systemd distro (useful for development at least).

Signed-off-by: Etienne CHAMPETIER <champetier.etienne@gmail.com>
---

diff --git a/jail/jail.c b/jail/jail.c
index b3f27d3..e425254 100644
--- a/jail/jail.c
+++ b/jail/jail.c
@@ -129,6 +129,12 @@ static int build_jail_fs(void)
 		return -1;
 	}
 
+	/* oldroot can't be MS_SHARED else pivot_root() fails */
+	if (mount("none", "/", NULL, MS_REC|MS_PRIVATE, NULL)) {
+		ERROR("private mount failed %s\n", strerror(errno));
+		return -1;
+	}
+
 	if (mount("tmpfs", jail_root, "tmpfs", MS_NOATIME, "mode=0755")) {
 		ERROR("tmpfs mount failed %s\n", strerror(errno));
 		return -1;