Bug#739593: marked as done (unshare -m aka unshare(CLONE_NEWNS) mounts are visible globally)

Sat, 22 Feb 2014 02:55:28 -0800 

Your message dated Sat, 22 Feb 2014 11:50:02 +0100
with message-id <x6txbrjuat....@midna.zekjur.net>
and subject line Re: [Pkg-systemd-maintainers] Bug#739593: systemd makes / 
shared by default
has caused the Debian Bug report #739593,
regarding unshare -m aka unshare(CLONE_NEWNS) mounts are visible globally
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
739593: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=739593
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message --- 
Source: linux
Version: 3.12.9-1
Severity: important

Mounts done in a unshare(CLONE_NEWNS) or unshare -m environment are
globally visible, and are not automatically removed once the process
exits:

$ mount | grep foobar
$ sudo unshare -m -- mount -t tmpfs foobar /tmp
$ mount | grep foobar
foobar on /tmp type tmpfs (rw,relatime)

This system is running systemd 204-6.

-- System Information:
Debian Release: jessie/sid
  APT prefers testing
  APT policy: (700, 'testing'), (150, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 3.12-1-amd64 (SMP w/8 CPU cores)
Locale: LANG=de_DE.utf8, LC_CTYPE=de_DE.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

Christoph
-- 
c...@df7cb.de | http://www.df7cb.de/

--- End Message ---
--- Begin Message --- 
Hi,

Bastian Blank <bastian.bl...@credativ.de> writes:
> system remounts / as shared with the following comment:
>
> | Mark the root directory as shared in regards to mount
> | propagation. The kernel defaults to "private", but we think
> | it makes more sense to have a default of "shared" so that
> | nspawn and the container tools work out of the box. If
> | specific setups need other settings they can reset the
> | propagation mode to private if needed.
As Bastian notes, this is intended behavior. Closing the bug therefore.

-- 
Best regards,
Michael

--- End Message ---

Reply via email to