[CRIU] [PATCH 5/6] unshare: Mount new proc
Pavel Emelyanov
xemul at parallels.com
Wed Dec 9 04:01:33 PST 2015
This makes sense in both -- mnt and pid ns, but still makes. So when
we're in new mount namespace add new /proc mountpoint.
Signed-off-by: Pavel Emelyanov <xemul at parallels.com>
---
crtools.c | 2 +-
mount.c | 12 ++++++++++++
2 files changed, 13 insertions(+), 1 deletion(-)
diff --git a/crtools.c b/crtools.c
index a1a316f..24b4a3f 100644
--- a/crtools.c
+++ b/crtools.c
@@ -130,7 +130,7 @@ static int parse_unshare_arg(char *opt)
}
/* Only pid, mnt and user for now */
- if (opts.unshare_flags & ~(CLONE_NEWNS)) {
+ if (opts.unshare_flags & ~(CLONE_NEWNS | 0x1)) {
pr_err("Unsharing this namespace(s) is not supported yet\n");
return -1;
}
diff --git a/mount.c b/mount.c
index 8ebca94..36c4991 100644
--- a/mount.c
+++ b/mount.c
@@ -3112,6 +3112,18 @@ int prepare_mnt_ns(void)
return -1;
}
+ if (opts.unshare_flags & 0x1) {
+ mount(NULL, "/proc", NULL, MS_PRIVATE, NULL);
+ if (mount("proc", "/proc", "proc",
+ MS_MGC_VAL | MS_NOSUID | MS_NOEXEC | MS_NODEV,
+ NULL)) {
+ pr_perror("Can't mount proc\n");
+ return -1;
+ }
+
+ pr_info("Re-mounted new fake proc\n");
+ }
+
goto ns_created;
}
--
1.9.3
More information about the CRIU
mailing list