On Mon, May 25, 2020 at 03:13:18PM +0200, Michael Kerrisk (man-pages) wrote:
> A follow-up question. There was one piece of the unshare(1) examples
> that I did not try to rework, because I simply don't understand it:
> v
> Establish a persistent mount namespace referenced by the bind
> mount /root/namespaces/mnt. This example shows a portable solu‐
> tion, because it makes sure that the bind mount is created on a
> shared filesystem.
>
> # mount --bind /root/namespaces /root/namespaces
> # mount --make-private /root/namespaces
> # touch /root/namespaces/mnt
> # unshare --mount=/root/namespaces/mnt
>
> I think you wrote this example. What does the sentence "This example shows
> a portable solution, because it makes sure that the bind mount is created
> on a shared filesystem" mean? I think this needs clarification, and I'd try
> to do so, but it's not clear to me what the sentence is trying to say.
Hmm... it should be "the /root/namespaces/mnt is on a private
filesystem". The important thing is --make-private in this case,
because for example on Fedora we use "shared" propagation flag for
root FS and without bind + make-private you will be unsuccessful. The
example makes it portable between distros.
Karel
--
Karel Zak <kzak@xxxxxxxxxx>
http://karelzak.blogspot.com
