On Wednesday 2012-01-11 16:13, Lennart Poettering wrote:
>>
>> Of course, if you conceal the rootfs-type vfsmount, there is no way that
>> the proc trick is going to work -- which is why I proposed using
>> pivot_root instead of {MS_MOVE + chroot} and *keeping* the rootfs
>> vfsmount around, in a visible fashion.
>
>pivot_root is very similar to an MS_BIND for the old root dir plus an
>MS_MOVE for the new one, and as such is pretty much obsolete.
The semantics for pivot_root and BIND+MOVE are very much distinct.
Here is why:
/bin/sleep 9999 &
[1] 5328
mount / /tmp/testchroot/rt --bind
mount /proc /tmp/testchroot/proc --bind
#
# assumes a sufficiently populated chroot with ls(1)
chroot /tmp/testchroot /bin/ls -l /proc/5328/exe
you will get "/bin/sleep" rather than "/rt/bin/sleep".
Bind mounts generate a new vfsmount. You absolutely _have_ to keep
around the original vfsmount where programs were started, therefore,
pivot_root is required. bind(+move) just don't suffice.
No, I do not think pivot_root is obsolete given what it can do.
_______________________________________________
systemd-devel mailing list
systemd-devel@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/systemd-devel
