namespace: when mounting new proc instance, bind mount submounts of source over

Fixes: #28059

diff --git a/src/core/namespace.c b/src/core/namespace.c
index bf01c5e0284143aec5add0ec4ea609cab344a100..f39ab2f4689b037777158fbdd2327cb812b7b878 100644 (file)
--- a/src/core/namespace.c
+++ b/src/core/namespace.c
@@ -1178,6 +1178,10 @@ static int mount_procfs(const MountEntry *m, const NamespaceInfo *ns_info) {
                 }
         } else if (r < 0)
                 return r;
+        else
+                /* We mounted a new instance now. Let's bind mount the children over now. This matters for
+                 * nspawn where a bunch of files are overmounted, in particular the boot id */
+                (void) bind_mount_submounts("/proc", entry_path);
 
         return 1;
 }