]> git.ipfire.org Git - pakfire.git/commitdiff
projects / pakfire.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 67a3604)
execute: Disable mount propagation before calling pivot_root()
authorMichael Tremer <michael.tremer@ipfire.org>
Sun, 17 Jul 2022 12:13:54 +0000 (12:13 +0000)
committerMichael Tremer <michael.tremer@ipfire.org>
Sun, 17 Jul 2022 12:13:54 +0000 (12:13 +0000)
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
src/libpakfire/execute.c patch | blob | blame | history
src/libpakfire/include/pakfire/mount.h patch | blob | blame | history
src/libpakfire/mount.c patch | blob | blame | history

diff --git a/src/libpakfire/execute.c b/src/libpakfire/execute.c
index 310ab737267d22d89aaebdfb450ff665e6b817a7..f4cde9465494849ffe7f823732b428dc72d2fe04 100644 (file)
--- a/src/libpakfire/execute.c
+++ b/src/libpakfire/execute.c
@@ -561,6 +561,11 @@ static int pakfire_execute_fork(void* data) {
 
        // Change root (unless root is /)
        if (strcmp(root, "/") != 0) {
+               // Disable mount propagation on /
+               r = pakfire_disable_mount_propagation(pakfire, "/");
+               if (r)
+                       return r;
+
                // Mount everything
                r = pakfire_mount_all(pakfire, MOUNT_IN_NEW_NS);
                if (r)
diff --git a/src/libpakfire/include/pakfire/mount.h b/src/libpakfire/include/pakfire/mount.h
index fba1ae735e1c17e7ac2a2a839a1d90f7dce7ec72..6f1b9a0568e0c204910a45687ecbce5667700b92 100644 (file)
--- a/src/libpakfire/include/pakfire/mount.h
+++ b/src/libpakfire/include/pakfire/mount.h
@@ -30,6 +30,8 @@ enum pakfire_mount_flags {
        MOUNT_IN_NEW_NS = (1 << 0),
 };
 
+int pakfire_disable_mount_propagation(struct pakfire* pakfire, const char* path);
+
 int pakfire_mount_list(struct pakfire* pakfire);
 
 int pakfire_mount(struct pakfire* pakfire, const char* source, const char* target,
diff --git a/src/libpakfire/mount.c b/src/libpakfire/mount.c
index 03995c80e4b1fab05f7bba6ff18766a31a6dec37..67313d4466a3dd277310caf939f20715344730e7 100644 (file)
--- a/src/libpakfire/mount.c
+++ b/src/libpakfire/mount.c
@@ -77,6 +77,16 @@ static const struct pakfire_mountpoint {
        { NULL },
 };
 
+int pakfire_disable_mount_propagation(struct pakfire* pakfire, const char* path) {
+       DEBUG(pakfire, "Disabling mount propagation on %s\n", path);
+
+       int r = mount(NULL, path, NULL, MS_REC|MS_PRIVATE, NULL);
+       if (r)
+               ERROR(pakfire, "Failed to set mount propagation on %s to private: %m", path);
+
+       return r;
+}
+
 /*
        Easy way to iterate through all mountpoints
 */
Pakfire is the package management and build system for IPFire 3.x.