It would be preferable to do a mount --bind --make-private in one atomic action

Anders Blomdell <anders.blomdell@xxxxxxxxxxxxxx> · Wed, 23 Nov 2011 15:05:28 +0100

The rationale is the race problems I recently found with pam_namspace 
(see https://bugzilla.redhat.com/show_bug.cgi?id=755216). The following 
small script and it's output shows what pam_namespace essentially does 
does, and the problems that might occur; assume that /work is 
automounted, then the following really confuses things:

(
echo '# Empty work'
findmnt | cut -c1-30 | grep work
echo '# First primary mount on work'
ls -ld /work/Fedora-16/.
findmnt | cut -c1-30 | grep work
unshare --mount -- /bin/sh -c "(
    mount --bind /work /work ;
    mount --make-private /work ;
    mount --bind /tmp /work ;
    echo '# Detached mount of work' ;
    findmnt | cut -c1-30 | grep work ;
    sleep 5 ;
    echo '# Before detached unmount of private work' ;
    findmnt | cut -c1-30 | grep work;
    umount /work ;
    echo '# Before detached unmount of bound work' ;
    findmnt | cut -c1-30 | grep work;
    echo '# Weird detached automount behaviour' ;
    ls -ld /work/Fedora-15/. ;
    umount /work ;
    echo '# Detached unmount') &"
sleep 1
echo '# Second primary mount on work'
ls -ld /work/Fedora-15/.
findmnt | cut -c1-30 | grep work
echo '# First primary mount on work no longer accessible'
ls -ld /work/Fedora-16/.
sleep 10
echo '# And the final remaining cruft'
findmnt | cut -c1-30 | grep work
)

Which gives the following output (no wonder I had problems understanding 
what went wrong with my machines :-():

# Empty work
├─/work
# First primary mount on work
drwxr-xr-x 4 root root 4096 Nov 23 09:37 /work/Fedora-16/.
├─/work
│ └─/work/Fedora-16
# Detached mount of work
├─/work
│ ├─/work/Fedora-16
│ └─/work
│   └─/work
# Second primary mount on work
drwxr-xr-x 4 root root 4096 Nov 23 09:36 /work/Fedora-15/.
├─/work
│ ├─/work/Fedora-16
│ ├─/work
│ │ └─/work/Fedora-15
│ └─/work/Fedora-15
# First primary mount on work no longer accessible
ls: cannot access /work/Fedora-16/.: Too many levels of symbolic links
# Before detached unmount of private work
├─/work
│ ├─/work/Fedora-16
│ ├─/work
│ │ └─/work
│ └─/work/Fedora-15
# Before detached unmount of bound work
├─/work
│ ├─/work/Fedora-16
│ ├─/work
│ └─/work/Fedora-15
# Weird detached automount behaviour
ls: cannot access /work/Fedora-15/.: Too many levels of symbolic links
# Detached unmount
# And the final remaining cruft
├─/work
│ ├─/work/Fedora-16
│ ├─/work
│ │ └─/work/Fedora-15
│ └─/work/Fedora-15

--
Anders Blomdell                  Email: anders.blomdell@xxxxxxxxxxxxxx
Department of Automatic Control
Lund University                  Phone:    +46 46 222 4625
P.O. Box 118                     Fax:      +46 46 138118
SE-221 00 Lund, Sweden

--
To unsubscribe from this list: send the line "unsubscribe linux-fsdevel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html