[buildd-tools-devel] Bug#786566: schroot: Should mark bind mounts in the schroot as private

Tyler Hicks tyhicks at canonical.com
Fri May 22 21:35:56 UTC 2015 

Package: schroot
Version: 1.7.2-2
Severity: important
Tags: upstream patch

Dear Maintainer,

Schroot users that have /home/$USER as a separate mount point usually
update the various schroot profiles' fstab to include:

  /home           /home           none    rw,rbind        0       0

That has worked pretty well for many filesystems that would be mounted
at /home/$USER. However, I've recently had a lot of eCryptfs users
reporting issues when using systemd as their init system since systemd
uses shared mount propagation for mounts. The biggest issue is that
/home/$USER is unmounted in the host environment when schroot sessions
are ended due to the unmount events being propagated outside of the
schroot session's subdirectory.

I believe that the best fix is to mark bind mount points, under the
schroot session's subdirectory, as private. Also, rbind mount points
will need to be marked as rprivate.

I'll attach a patch developed against schroot's master git branch (which
should apply to 1.7.2-2) and another developed against the schroot-1.6
branch.

Tyler

-- System Information:
Debian Release: jessie/sid
  APT prefers vivid-updates
  APT policy: (500, 'vivid-updates'), (500, 'vivid-security'), (500, 'vivid')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 3.19.0-16-generic (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
-------------- next part --------------
A non-text attachment was scrubbed...
Name: master-libexec-mount-make-bind-mounts-private.patch
Type: text/x-diff
Size: 3504 bytes
Desc: not available
URL: <http://lists.alioth.debian.org/pipermail/buildd-tools-devel/attachments/20150522/0a44560c/attachment.patch>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 1.6-schroot-mount-make-bind-mounts-private.patch
Type: text/x-diff
Size: 3535 bytes
Desc: not available
URL: <http://lists.alioth.debian.org/pipermail/buildd-tools-devel/attachments/20150522/0a44560c/attachment-0001.patch>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: Digital signature
URL: <http://lists.alioth.debian.org/pipermail/buildd-tools-devel/attachments/20150522/0a44560c/attachment.sig>

More information about the Buildd-tools-devel mailing list