projects / project / procd.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
jail: ensure mounts are not MS_SHARED to avoid pivot_root() failure
[project/procd.git] / jail / jail.c
diff --git a/jail/jail.c b/jail/jail.c
index b3f27d3..e425254 100644 (file)
--- a/jail/jail.c
+++ b/jail/jail.c
@@ -129,6 +129,12 @@ static int build_jail_fs(void)
                return -1;
        }
 
                return -1;
        }
 
+       /* oldroot can't be MS_SHARED else pivot_root() fails */
+       if (mount("none", "/", NULL, MS_REC|MS_PRIVATE, NULL)) {
+               ERROR("private mount failed %s\n", strerror(errno));
+               return -1;
+       }
+
        if (mount("tmpfs", jail_root, "tmpfs", MS_NOATIME, "mode=0755")) {
                ERROR("tmpfs mount failed %s\n", strerror(errno));
                return -1;
        if (mount("tmpfs", jail_root, "tmpfs", MS_NOATIME, "mode=0755")) {
                ERROR("tmpfs mount failed %s\n", strerror(errno));
                return -1;
OpenWrt service / process manager