automation-tests

Playground for tests of workflow automation and containers repository structure

Go to file

Paul Holzinger 2589ef49aa libnetwork/rootlessnetns: make mountns tree private While this is a none issue normally because we run in a unprivileged userns we cannot modify the host mounts in any way. However in case where the rootless netns logic might be executed from a non userns context we might change the mount tree if the mounts are shared which is the systemd default. While this should never happen let's make sure we never mess up the system by accident in case there are more bugs and explicitly make our mount tree private. Signed-off-by: Paul Holzinger <pholzing@redhat.com>	2024-04-03 11:40:44 +02:00
common	libnetwork/rootlessnetns: make mountns tree private	2024-04-03 11:40:44 +02:00

Paul Holzinger 2589ef49aa libnetwork/rootlessnetns: make mountns tree private

While this is a none issue normally because we run in a unprivileged
userns we cannot modify the host mounts in any way. However in case
where the rootless netns logic might be executed from a non userns
context we might change the mount tree if the mounts are shared which is
the systemd default. While this should never happen let's make sure we
never mess up the system by accident in case there are more bugs and
explicitly make our mount tree private.

Signed-off-by: Paul Holzinger <pholzing@redhat.com>

2024-04-03 11:40:44 +02:00

common

libnetwork/rootlessnetns: make mountns tree private

2024-04-03 11:40:44 +02:00