Re: How do I make a clean mount namespace?

From: Andy Lutomirski
Date: Wed Apr 23 2014 - 20:54:57 EST


On Wed, Apr 23, 2014 at 1:01 PM, Richard Weinberger
<richard.weinberger@xxxxxxxxx> wrote:
> On Wed, Apr 23, 2014 at 12:12 AM, Andy Lutomirski <luto@xxxxxxxxxxxxxx> wrote:
>> I want to set up a little container. So I unshare the mount namespace
>> and mount something somewhere (say /mnt) that I want to be my new
>> root. Now what?
>>
>> pivot_root("/mnt", "/mnt/garbage") seems to frequently return -EBUSY.
>>
>> mounting /mnt onto / using MS_MOVE seems to succeed, but / still
>> points at the old root.
>>
>> Am I missing a clean way to do this? I want a way to say "make this
>> mountpoint be the root of the whole mount namespace and lazy-unmount
>> everything outside it". If there is no straightforward way to do
>> that, can we add one?
>
> I fear you have to read /proc/mounts and umount() everything in the
> correct order.
> If you find a better way, please tell. :-)
>

How about adding a new syscall:

int change_root_mount(const char *path, unsigned long flags);

This requires CAP_SYS_ADMIN and it requires that the caller is not
chrooted. path must be a mountpoint and flags must be zero.

It lazy-unmounts everything outside path, and it moves path to /.
When it's done, the current process's root is '/'. If you want to
retain temporary access to outside things, you can keep an fd open.
If the old root is shared, it is made private. It's okay for path to
be shared (I think).

If other things are already running in the current mount namespace,
then their root directory stays the same, so they keep working, but
they may be a little confused.

I think this could replace pivot_root for most use cases, and it could
simplify programs like switch_root.

Thoughts?

--Andy
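
Added example, not part of the original message and not kernel or util-linux code: the fallback suggested in the quoted reply (read /proc/mounts and umount() everything in the correct order) first needs that order computed. The sketch below parses /proc/mounts-format text, keeps the mount points outside the new root, and returns them newest first; the function names, the /mnt new root and the sample table are constructed for illustration.

```c
#include <stdio.h>
#include <string.h>

#define PATH_LEN 256

/* Constructed sample in /proc/mounts format; the new root is assumed to be /mnt. */
static const char SAMPLE_MOUNTS[] =
    "rootfs / rootfs rw 0 0\n"      "proc /proc proc rw 0 0\n"
    "tmpfs /run tmpfs rw 0 0\n"     "tmpfs /run/lock tmpfs rw 0 0\n"
    "tmpfs /mnt tmpfs rw 0 0\n"     "proc /mnt/proc proc rw 0 0\n"
    "tmpfs /mnt2 tmpfs rw 0 0\n"    "/dev/sdb1 /media/usb\\040disk vfat rw 0 0\n";

/* Decode the octal escapes /proc/mounts uses in paths (\040 is a space). */
static void unescape(const char *in, char *out) {
    for (; *in; in++) {
        int oct = *in == '\\' && strspn(in + 1, "01234567") >= 3;
        *out++ = oct ? (char)((in[1] - '0') * 64 + (in[2] - '0') * 8 + (in[3] - '0')) : *in;
        in += oct ? 3 : 0;
    }
    *out = '\0';
}

/* True if path is new_root or lies beneath it ("/mnt2" is not under "/mnt"). */
static int under_root(const char *path, const char *new_root) {
    size_t n = strlen(new_root);
    return strncmp(path, new_root, n) == 0 && (path[n] == '\0' || path[n] == '/');
}

/* Fill plan[] with the mount points outside new_root, newest first: a parent is
 * normally listed before its children, so the reversed list unmounts children
 * first. "/" is skipped (left to the root switch, an assumption of this sketch).
 * Input is assumed well formed. Returns the count, or -1 if plan[] is too small. */
int plan_unmounts(const char *mounts, const char *new_root, char plan[][PATH_LEN], int max) {
    char raw[PATH_LEN], mp[PATH_LEN];
    int n = 0;
    for (const char *line = mounts; line && *line; ) {
        if (sscanf(line, "%*s %255s", raw) == 1) {   /* second field = mount point */
            unescape(raw, mp);
            if (strcmp(mp, "/") != 0 && !under_root(mp, new_root)) {
                if (n == max) return -1;
                memmove(plan[1], plan[0], (size_t)n * PATH_LEN);  /* push to front */
                strcpy(plan[0], mp);
                n++;
            }
        }
        if ((line = strchr(line, '\n')) != NULL) line++;
    }
    return n;
}
```

Each returned path would then be handed to umount2() in that order by a caller holding CAP_SYS_ADMIN in the new mount namespace.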