Ludovic Courtès <[email protected]> skribis:
> The read-only remount comes from ‘mount-file-system’ in (gnu build
> file-systems):
>
> ;; For read-only bind mounts, an extra remount is needed, as per
> ;; <http://lwn.net/Articles/281157/>, which still applies to Linux
> ;; 4.0.
> (when (and (= MS_BIND (logand flags MS_BIND))
> (= MS_RDONLY (logand flags MS_RDONLY)))
> (let ((flags (logior MS_BIND MS_REMOUNT MS_RDONLY)))
> (mount source mount-point type flags #f)))
>
> This recipe has been working well “forever”, although it’s probably
> unnecessary with recent kernels (the LWN article is from 2008).
Apparently the extra remount is still necessary, and the ‘mount’ command
does it for you if you combine ‘--bind’ with ‘-o ro’:
--8<---------------cut here---------------start------------->8---
# strace -e mount mount --bind -o ro t m
mount("/tmp/t", "/tmp/m", 0xde1930, MS_RDONLY|MS_BIND, NULL) = 0
mount("none", "/tmp/m", NULL, MS_RDONLY|MS_REMOUNT|MS_BIND, NULL) = 0
+++ exited with 0 +++
# mount --version
mount from util-linux 2.35.1 (libmount 2.35.1: btrfs, namespaces, assert, debug)
# uname -sr
Linux 5.10.10-gnu
--8<---------------cut here---------------end--------------->8---
Ludo’.
