> Does it have some logic to avoid descending into bind mounts? Maybe I am
> wrong with my expectation that it does not use anything besides st_dev from
> the stat result. It may be a promising case to demonstrate the issue in a way
> independent of systemd and sandboxing. You can obtain command line arguments.
> Attach to its mount namespace and inspect the content of its /proc/<PID>/mounts
> or mountinfo. The next step would be to profile or at least to trace a
> process.
I'm not sure I understand you there.

> I have not figured out from your description what problem you solved by using
> bind mounts, but bubblewrap (so flatpak and snap) and firejail rely on bind
> mounts as well. Perhaps you have some unique factors.

Mounts are used as a way of sharing folders in different users' home
directories. For instance you would have:

  /users/bob/accounting

shared with Alice and accessible in her home directory as:

  /users/alice/accounting

Thanks for your help :)