On Tue, Sep 23, 2014 at 03:55:40PM +0100, Ian Jackson wrote: > If you have a directory schroot chroot whose source directory is the > same as /, schroot's bind mount in /var/lib/schroot/mounts is > invisible to file tree walking tools. > > That is, rsync --one-file-system (rsync -x), cp --one-file-system > (cp -x), find -xdev, etc., do not notice the mount point, and > typically traverse through it. > > This is far from ideal. Now arguably this is a bug in bind mounts > (perhaps a design bug). But as it happens it is easy to work around > this problem in schroot in a way that is both correct and will fix > almost all the problems: > > Move /var/lib/schroot/mounts to /var/run/schroot/mounts or some such. > > Typically /var/run is a tmpfs. As a result there will be a filesystem > with a different devid between / and the chroot. So to all the file > tree walkers, it will look like two mount points. Backup tools, > find, etc., will not descend into schroot's bind mount because they'll > stop at /var/run.
Hmm, this is an interesting problem. Your proposed solution would certainly provide a boundary to stop traversal, but I'm not sure it would help in all situations, since e.g. for file-based chroots we unpack them under /var/lib/schroot. Putting the mounts themselves under /var/run should be safe enough though. In recent years, I've put the chroot directories in btrfs subvolumes, where the subvolumes have a separate devid, and had that as a separate filesytem (don't trust it enough for the rootfs). Currently implementing support for ZFS snapshots. I'll need to do some testing of this to make sure it doesn't break anything. If you have any further thoughts or ideas, please do let me know! Regards, Roger -- .''`. Roger Leigh : :' : Debian GNU/Linux http://people.debian.org/~rleigh/ `. `' schroot and sbuild http://alioth.debian.org/projects/buildd-tools `- GPG Public Key F33D 281D 470A B443 6756 147C 07B3 C8BC 4083 E800 -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
