From: Christian Brauner <christian.brauner@ubuntu.com>
Date: Mon, 5 Jul 2021 10:11:42 +0000 (+0200)
Subject: lxc_unshare: make mount table private
X-Git-Tag: lxc-5.0.0~143^2~1
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=ecd92dffbc9e4d423169c35c3eebebaa2c961f9e;p=thirdparty%2Flxc.git

lxc_unshare: make mount table private

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
---

diff --git a/src/lxc/tools/lxc_unshare.c b/src/lxc/tools/lxc_unshare.c
index b4b073a02..8e4716cf3 100644
--- a/src/lxc/tools/lxc_unshare.c
+++ b/src/lxc/tools/lxc_unshare.c
@@ -246,8 +246,13 @@ static int do_start(void *arg)
 		}
 	}
 
-	if ((start_arg->flags & CLONE_NEWNS) && start_arg->want_default_mounts)
-		lxc_setup_fs();
+	if (start_arg->flags & CLONE_NEWNS) {
+		if (mount(NULL, "/", NULL, MS_REC | MS_PRIVATE, 0) < 0)
+			_exit(EXIT_FAILURE);
+
+		if (start_arg->want_default_mounts)
+			lxc_setup_fs();
+	}
 
 	if ((start_arg->flags & CLONE_NEWUTS) && want_hostname)
 		if (sethostname(want_hostname, strlen(want_hostname)) < 0) {