If the filesystem mounts on the host have the MS_SHARED or MS_SLAVE
flag set, and a container without a rootfs is started, then any new
mounts created inside the container are currently propagated into
the host. In addition to mounts placed in the configuration file of
the container or performed manually after startup, the automatic
mounting of /proc by lxc-execute will propagate back into the host,
effectively crippling the entire system. This can be prevented by
setting the MS_SLAVE flag on all mounts (inside the container's own
mount namespace) during startup if a rootfs is not configured.
Signed-off-by: David Ward <david.ward@ll.mit.edu>
Acked-by: Serge E. Hallyn <serge.hallyn@ubuntu.com>
{
const struct lxc_rootfs *rootfs = &conf->rootfs;
- if (!rootfs->path)
+ if (!rootfs->path) {
+ if (mount("", "/", NULL, MS_SLAVE|MS_REC, 0)) {
+ SYSERROR("Failed to make / rslave");
+ return -1;
+ }
return 0;
+ }
if (access(rootfs->mount, F_OK)) {
SYSERROR("failed to access to '%s', check it is present",