docker
/
docs
mirror of https://github.com/docker/docs.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #4465 from alexlarsson/private 

libcontainer: Use MS_PRIVATE instead of MS_SLAVE
This commit is contained in:
Michael Crosby 2014-03-05 12:16:18 -05:00
parent 6f2564350f 757b577572
commit ad68ab19e0
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
pkg/libcontainer/nsinit/mount.go
View File

@ -21,7 +21,7 @@ const defaultMountFlags = syscall.MS_NOEXEC | syscall.MS_NOSUID | syscall.MS_NOD
// is no longer in use, the mounts will be removed automatically // is no longer in use, the mounts will be removed automatically
func setupNewMountNamespace(rootfs, console string, readonly bool) error { func setupNewMountNamespace(rootfs, console string, readonly bool) error {
// mount as slave so that the new mounts do not propagate to the host // mount as slave so that the new mounts do not propagate to the host
if err := system.Mount("", "/", "", syscall.MS_SLAVE|syscall.MS_REC, ""); err != nil { if err := system.Mount("", "/", "", syscall.MS_PRIVATE|syscall.MS_REC, ""); err != nil {
return fmt.Errorf("mounting / as slave %s", err) return fmt.Errorf("mounting / as slave %s", err)
} }
if err := system.Mount(rootfs, rootfs, "bind", syscall.MS_BIND|syscall.MS_REC, ""); err != nil { if err := system.Mount(rootfs, rootfs, "bind", syscall.MS_BIND|syscall.MS_REC, ""); err != nil {