[Pkg-systemd-maintainers] Bug#734813: systemd as pid1 allows lxc-containers to unmount host filesystems
Paul Tagliamonte
paultag at debian.org
Fri Jan 10 01:57:06 GMT 2014
Once I was able to get a browser open, I found out olasd had researched
and found a commit[1] that seems to mark this as systemd's decision that
the kernel is wrong(?)
A workaround was sent to me in a gist[2], but I've not tried it yet.
Seems like it'd work. Another workaround given was to do:
    # Mark every mount point, and everything mounted below it, as private
    for MNT in $(awk '{print $2}' /proc/mounts | sort -u); do
        mount --make-rprivate "$MNT"
    done
Both are pretty ugly, and I really don't want to have to run this. Can
Debian systemd please revert this behavior?
Thanks!
Paul
[1]: http://cgit.freedesktop.org/systemd/systemd/commit/?id=b3ac5f8cb98757416d8660023d6564a7c411f0a0
[2]: https://gist.github.com/jpetazzo/55f7c216538a52f76c7c/raw
--
.''`. Paul Tagliamonte <paultag at debian.org> | Proud Debian Developer
: :' : 4096R / 8F04 9AD8 2C92 066C 7352 D28A 7B58 5B30 807C 2A87
`. `'` http://people.debian.org/~paultag
`- http://people.debian.org/~paultag/conduct-statement.txt
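
A way to check which mounts are still shared, before or after running the loop quoted in the message, added here as an example and not part of the original mail or of systemd or LXC. The function names and the sample mountinfo lines are constructed for illustration.

```shell
#!/bin/sh
# List mount points whose propagation type is "shared", read from a
# mountinfo-format file (default: /proc/self/mountinfo; "-" reads stdin).
#
# mountinfo line layout (see proc(5)):
#   ID PARENT MAJ:MIN ROOT MOUNTPOINT OPTIONS [optional...] - FSTYPE SOURCE SUPEROPTS
# Propagation is recorded in the optional fields: "shared:N" marks a shared
# mount, "master:N" a slave. A mount with neither tag is private.
# Mount points are printed as the kernel escapes them (a space is \040).
list_shared_mounts() {
    awk '{
        shared = 0
        # Optional fields start at column 7 and end at the lone "-" separator.
        for (i = 7; i <= NF && $i != "-"; i++)
            if ($i ~ /^shared:[0-9]+$/) shared = 1
        if (shared) print $5
    }' "${1:-/proc/self/mountinfo}"
}

# Exit status 0 when no shared mounts are listed, 1 otherwise.
no_shared_mounts() {
    [ -z "$(list_shared_mounts "$@")" ]
}

# Constructed sample, not captured from a real host: "/" and "/home" are
# shared, "/var/lib/lxc" is a slave only, "/boot" is private.
sample_mountinfo() {
    cat <<'EOF'
20 1 8:1 / / rw,relatime shared:1 - ext4 /dev/sda1 rw
21 20 8:2 / /boot rw,relatime - ext4 /dev/sda2 rw
22 20 8:3 / /home rw,relatime shared:2 master:1 - ext4 /dev/sda3 rw
23 20 0:30 / /var/lib/lxc rw,relatime master:1 - tmpfs tmpfs rw
EOF
}

# Demo on the constructed sample; on a real host call list_shared_mounts
# with no argument to read /proc/self/mountinfo.
sample_mountinfo | list_shared_mounts -
```

A mount that has been made private no longer carries a shared:N tag, so an empty listing on the host means the workaround has taken effect for every mount.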