From: Fengtu Wang <wangfengtu@huawei.com>
Date: Mon, 2 Apr 2018 21:00:19 +0000 (+0800)
Subject: conf: ensure umounts don't propagate to host
X-Git-Tag: lxc-3.1.0~340^2
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=e599717bc50303fb2e45cc82bc8e0857cd6d61aa;p=thirdparty%2Flxc.git

conf: ensure umounts don't propagate to host

Signed-off-by: Fengtu Wang <wangfengtu@huawei.com>
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
---

diff --git a/src/lxc/conf.c b/src/lxc/conf.c
index fe30800d7..745584308 100644
--- a/src/lxc/conf.c
+++ b/src/lxc/conf.c
@@ -1112,7 +1112,7 @@ static int setup_rootfs_pivot_root(const char *rootfs)
 		goto on_error;
 	}
 
-	/* At this point the old-root is mounted on top of our new-root To
+	/* At this point the old-root is mounted on top of our new-root. To
 	 * unmounted it we must not be chdir'd into it, so escape back to
 	 * old-root.
 	 */
@@ -1122,6 +1122,15 @@ static int setup_rootfs_pivot_root(const char *rootfs)
 		goto on_error;
 	}
 
+	/* Make oldroot rslave to make sure our umounts don't propagate to the
+	 * host.
+	 */
+	ret = mount("", ".", "", MS_SLAVE | MS_REC, NULL);
+	if (ret < 0) {
+		SYSERROR("Failed to make oldroot rslave");
+		goto on_error;
+	}
+
 	ret = umount2(".", MNT_DETACH);
 	if (ret < 0) {
 		SYSERROR("Failed to detach old root directory");