[buildd-tools-devel] Bug#786566: schroot: Should mark bind mounts in the schroot as private

Tyler Hicks tyhicks at canonical.com
Tue Oct 27 22:36:19 UTC 2015 

On 2015-08-12 21:08:33, Raphael Hertzog wrote:
> On Tue, 11 Aug 2015, Tyler Hicks wrote:
> > > Also recent mount allow you to specify mount options like "shared",
> > > "slave", "private" so we should respect this choice when
> > > the user has supplied them in the fstab... (or "rshared", "rprivate",
> > > "rslave").
> > 
> > I made sure to preserve that functionality. Only the bind and rbind
> > mounts in the profile's fstab are being set to private. The mount
> > utility does not support having bind/rbind and a mount propagation mode
> > on the same line. If a user wants to set a custom mount propagation
> > mode, they'd have to do so with a new line in fstab. That's the case
> > with the mount utility and with my proposed patch to schroot.
> 
> That's no longer the case. As I said, mount now accepts such options
> (even for bind mount), cf man mount:
> 
>   Since util-linux 2.23 the  mount  command  allows  to  use  several
>   propagation  flags together  and also together with other mount
>   operations.  This feature is EXPERIMENTAL.  The propagation flags are
>   applied by additional mount(2) syscalls  when  the  preceding mount
>   operations were successful.  Note that this use case is not atomic.  It
>   is possible to specify the propagation flags in fstab(5)  as  mount
>   options  (private,  slave, shared, unbindable, rprivate, rslave,
>   rshared, runbindable).
> 
> I just tested this by changing one /etc/schroot/*/fstab to add a "slave"
> option on a bind mount and it worked as expected.
> 
> Thus I believe that you should not call mount --make-private if one of
> those option is set in the fstab file.

Thanks. I've attached patches which do what you suggested.

Tyler
-------------- next part --------------
A non-text attachment was scrubbed...
Name: master-libexec-mount-make-bind-mounts-private.patch
Type: text/x-diff
Size: 3637 bytes
Desc: not available
URL: <http://lists.alioth.debian.org/pipermail/buildd-tools-devel/attachments/20151027/c3f9073a/attachment.patch>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 1.6-schroot-mount-make-bind-mounts-private.patch
Type: text/x-diff
Size: 3662 bytes
Desc: not available
URL: <http://lists.alioth.debian.org/pipermail/buildd-tools-devel/attachments/20151027/c3f9073a/attachment-0001.patch>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: Digital signature
URL: <http://lists.alioth.debian.org/pipermail/buildd-tools-devel/attachments/20151027/c3f9073a/attachment.sig>

More information about the Buildd-tools-devel mailing list