Re: [OE-core] [PATCH v3] systemd: re-enable mount propagation for udevd

2018-02-23 Thread Vincent Prince
Hi all, I have MountFlags=slave defined, and I use the following recipe to automount usb stick without right issues: https://github.com/nefethael/meta-random/blob/master/recipes-support/usbmount/usbmount_git.bb I think we should keep this settings as it is. What is the problematic use case?

Re: [OE-core] [PATCH v3] systemd: re-enable mount propagation for udevd

2018-02-22 Thread Hongzhi, Song
What do you mean "it only happens with libseccomp"? I have tried to enable or disable seccomp via CONFIG_SECCOMP, buf the results were same unless I set MountFlags=shared. Without propagation patch, all block device, such as '/dev/sda*', mounted by systemd-udev, are unaccessible to

Re: [OE-core] [PATCH v3] systemd: re-enable mount propagation for udevd

2018-02-22 Thread Hongzhi, Song
If MountFlags=slave, systemd-udevd mounts all block device,  such as '/dev/sda1' '/dev/mmcblk*' , in itself unit namespace. So other namespace, such as 'root user', has no access to use block device mentioned above. On 2018年02月23日 08:50, Otavio Salvador wrote: On Thu, Feb 22, 2018 at 11:15

Re: [OE-core] [PATCH v3] systemd: re-enable mount propagation for udevd

2018-02-22 Thread Otavio Salvador
On Thu, Feb 22, 2018 at 11:15 AM, Hongzhi.Song wrote: > MountFlags's default value is shared in systemd-udevd.service. But upstream > sets MountFlags with slave just for keeping mounts done by udev private to > udevd, which causes block device mounted by udev unvisable

Re: [OE-core] [PATCH v3] systemd: re-enable mount propagation for udevd

2018-02-22 Thread Burton, Ross
We used to have this but it was removed in the 232 upgrade: * Drop mount propagation patch, it only happens with libseccomp, OE doesnt enable it Is this not the case? Or are you enabling seccomp? Maybe this should be a bbappend in meta-security? Ross On 22 February 2018 at 14:15,