mount: remount / as private before doing any new mounts
authorRobert Swiecki <robert@swiecki.net>
Sun, 1 Oct 2017 02:51:56 +0000 (04:51 +0200)
committerRobert Swiecki <robert@swiecki.net>
Sun, 1 Oct 2017 02:51:56 +0000 (04:51 +0200)
contain.h
mount.c

index edba108cc362850dd01c305132d0457356fea549..31c871484107992321a32c756444e3330d0f3d7d 100644 (file)
--- a/contain.h
+++ b/contain.h
@@ -26,7 +26,7 @@
 
 #include "common.h"
 
-bool containSetupFD(struct nsjconf_t *nsjconf, int fd_in, int fd_out, int fd_err);
+bool containSetupFD(struct nsjconf_t * nsjconf, int fd_in, int fd_out, int fd_err);
 bool containContain(struct nsjconf_t *nsjconf);
 
 #endif                         /* NS_CONTAIN_H */
diff --git a/mount.c b/mount.c
index 12b88f6f3881dc469ad250de19792fc969d94cd7..86b4e42dc17677a064112cbdaf12e52926c4e236 100644 (file)
--- a/mount.c
+++ b/mount.c
@@ -314,6 +314,10 @@ static bool mountInitNsInternal(struct nsjconf_t *nsjconf)
                return false;
        }
 
+       if (mount("/", "/", NULL, MS_BIND | MS_REC | MS_PRIVATE | MS_REMOUNT, NULL) == -1) {
+               PLOG_E("mount('/', '/', NULL, MS_BIND|MS_REC|MS_PRIVATE|MS_REMOUNT, NULL)");
+               return false;
+       }
        if (mount(NULL, destdir, "tmpfs", 0, "size=16777216") == -1) {
                PLOG_E("mount('%s', 'tmpfs')", destdir);
                return false;
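Review bot: The added `mount("/", "/", ...)` call passes `MS_REMOUNT` and `MS_BIND` together with `MS_PRIVATE`, and per mount(2) the kernel tests `MS_REMOUNT` before the propagation flags, so this is most likely handled as a bind-remount that only touches per-mount flags, and the tree is never made private. If `/` is shared on the host, the tmpfs and later mounts made in `mountInitNsInternal` could then still propagate outside the jail's mount namespace, which is what the commit title sets out to prevent. mount(2) allows only `MS_REC` and `MS_SILENT` alongside a propagation flag, so the call should be `if (mount("/", "/", NULL, MS_REC | MS_PRIVATE, NULL) == -1) {` with the `PLOG_E` text changed to match. A bind-remount with no other flags may also try to clear `ro`/`nosuid`/`nodev`/`noexec` on `/`, which is worth confirming is not intended. The function body starts and continues outside this hunk, so the surrounding namespace setup is not visible here.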