Re: [systemd-devel] disabling shared mount propagation

2013-04-24 Thread Thomas Bächler
On 23.04.2013 21:51, Albert Strasheim wrote:
> is causing some headaches with some services of ours that use unshare
> to get a new mount namespace and make some private mounts which we
> don't want propagated.

Proper solution: Directly after the unshare, run either

 mount("none", "/", "none", MS_REC | MS_SLAVE, NULL)
 (mount --make-rslave /)

or

 mount("none", "/", "none", MS_REC | MS_PRIVATE, NULL)
 (mount --make-rprivate /)

in the context of your service. In most cases, leaving the global
mount namespace as shared and setting your service's namespace to slave
gives the most desirable behaviour.




___
systemd-devel mailing list
systemd-devel@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/systemd-devel
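
A check for the result of the remount in the reply above, as an added example (not code from this thread or from systemd): it reads the optional fields of /proc/self/mountinfo and reports any mount still marked shared, so a service can run it right after its unshare and MS_REC | MS_SLAVE (or MS_PRIVATE) call. The function names and the 8192-byte line buffer are assumptions of this example.

```c
/* Added example; function names and buffer size are this example's own. */
#include <stdio.h>
#include <string.h>

enum { PROP_SHARED = 1, PROP_SLAVE = 2, PROP_UNBINDABLE = 4 }; /* 0 = private */

/* mountinfo line (proc(5)): id parent maj:min root mountpoint options
 * [optional fields...] - fstype source superopts. The optional fields carry
 * "shared:N", "master:N", "unbindable". Returns PROP_* bits, -1 if malformed. */
int propagation_of(const char *p)
{
    int flags = 0;
    for (int i = 0; i < 6; i++) {        /* skip the six fixed fields */
        if (!(p = strchr(p, ' ')))
            return -1;
        p++;
    }
    while (p && *p) {                    /* optional fields end at "- " */
        if (p[0] == '-' && p[1] == ' ')
            return flags;
        if (!strncmp(p, "shared:", 7))
            flags |= PROP_SHARED;
        else if (!strncmp(p, "master:", 7))
            flags |= PROP_SLAVE;
        else if (!strncmp(p, "unbindable", 10))
            flags |= PROP_UNBINDABLE;
        if ((p = strchr(p, ' ')))
            p++;
    }
    return -1;                           /* separator never seen */
}

/* Print and count mounts in a mountinfo file that are still shared. */
int count_shared(const char *path)
{
    char line[8192];                     /* assumed to fit one mountinfo line */
    int n = 0, prop;
    FILE *f = fopen(path, "r");
    if (!f)
        return -1;
    while (fgets(line, sizeof line, f))
        if ((prop = propagation_of(line)) > 0 && (prop & PROP_SHARED)) {
            fputs(line, stderr);
            n++;
        }
    fclose(f);
    return n;
}

/* Exit status 1 if any mount is still shared or the file is unreadable. */
int main(void) { return count_shared("/proc/self/mountinfo") != 0; }
```

With the slave setting, mounts show up with a master:N field and no shared:N field; with the private setting, neither field is present.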


Re: [systemd-devel] disabling shared mount propagation

2013-04-24 Thread Lennart Poettering
On Tue, 23.04.13 21:51, Albert Strasheim (full...@gmail.com) wrote:

> What is the recommended way to do this during early boot? Was the
> fstab way of doing it (mentioned in the Git commit message) ever
> implemented?

Karel added that in the very latest util-linux:

http://karelzak.blogspot.com.br/2013/04/umount8-mount8-and-nsenter1.html
 
> More details:
>
> We need to reset this before any of our services run.
>
> We are activating services to manage individual disks with
> SYSTEMD_WANTS via udev, which includes mounting the file system in a
> private mount namespace, via a unshare in the ExecStart= part.
>
> One hack would be to have this unit do ExecStartPre=mount
> --make-rprivate / but that seems quite gross.

A simple solution would be to write a new service for this:

snip
[Unit]
DefaultDependencies=no
Before=local-fs.target

[Service]
ExecStart=/usr/bin/mount --make-rprivate /
Type=oneshot
snip

and then pull this in via a .wants link from local-fs.target or so.

Lennart

-- 
Lennart Poettering - Red Hat, Inc.


[systemd-devel] disabling shared mount propagation

2013-04-23 Thread Albert Strasheim
Hello all

This change, which made mount propagation default to shared:

http://cgit.freedesktop.org/systemd/systemd/commit/?id=b3ac5f8cb98757416d8660023d6564a7c411f0a0

and which went into Fedora 17 in January 2013:

http://lists.fedoraproject.org/pipermail/package-announce/2013-January/095395.html

is causing some headaches with some services of ours that use unshare
to get a new mount namespace and make some private mounts which we
don't want propagated.

For now, we'd simply like to revert to private mount propagation.

A code comment in the change says:

If specific setups need other settings they can reset the propagation
mode to private if needed.

What is the recommended way to do this during early boot? Was the
fstab way of doing it (mentioned in the Git commit message) ever
implemented?

More details:

We need to reset this before any of our services run.

We are activating services to manage individual disks with
SYSTEMD_WANTS via udev, which includes mounting the file system in a
private mount namespace, via a unshare in the ExecStart= part.

One hack would be to have this unit do ExecStartPre=mount
--make-rprivate / but that seems quite gross.

Any advice appreciated.

Regards

Albert