[Pkg-systemd-maintainers] Bug#734813: systemd as pid1 allows lxc-containers to unmount host filesystems

Alexander Larsson alexander.larsson at gmail.com
Fri Jan 10 08:05:40 GMT 2014


I've added code to Docker to handle / being shared, since Fedora works like
that. It works by detecting a shared / and then starting lxc-start in its
own namespace where we've mounted / as rslave. See the code here:

https://github.com/dotcloud/docker/blob/master/container.go#L673

This works out of the box on Fedora. Strange that it doesn't work on Debian.
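
The approach described in the message above, sketched as an added example that is not part of the original post and is not Docker's code: it checks the `/` entry of `/proc/self/mountinfo` for a `shared:N` tag and, if present, wraps the container command so it runs in a new mount namespace with `/` remounted as rslave. The function names, the sample mountinfo lines and the `lxc-start -n demo` arguments are assumptions made for illustration.

```go
package main

import (
	"errors"
	"fmt"
	"strings"
)

// Constructed /proc/self/mountinfo samples (not captured from a real host).
const sampleShared = "17 60 0:16 / /sys rw,nosuid shared:6 - sysfs sysfs rw\n" +
	"60 1 8:1 / / rw,relatime shared:1 - ext4 /dev/sda1 rw\n"
const sampleSlave = "60 1 8:1 / / rw,relatime master:1 - ext4 /dev/sda1 rw\n"

// RootIsShared reports whether the mount at "/" carries a shared:N tag.
// Optional fields sit between the mount options (field 6) and the "-" separator.
func RootIsShared(mountinfo string) (bool, error) {
	found, shared := false, false
	for _, line := range strings.Split(mountinfo, "\n") {
		f := strings.Fields(line)
		if len(f) < 7 || f[4] != "/" {
			continue
		}
		found, shared = true, false // if "/" is listed twice, the last entry wins
		for _, opt := range f[6:] {
			if opt == "-" {
				break
			}
			shared = shared || strings.HasPrefix(opt, "shared:")
		}
	}
	if !found {
		return false, errors.New("no mount entry for /")
	}
	return shared, nil
}

// WrapArgv is a hypothetical helper: when "/" is shared it runs argv in a new
// mount namespace (unshare -m) after remounting "/" as rslave in that namespace.
func WrapArgv(shared bool, argv []string) []string {
	if !shared {
		return argv
	}
	script := `mount --make-rslave / && exec "$@"`
	return append([]string{"unshare", "-m", "--", "/bin/sh", "-c", script, "sh"}, argv...)
}

func main() {
	s, err := RootIsShared(sampleShared)
	fmt.Println(s, err, WrapArgv(s, []string{"lxc-start", "-n", "demo"}))
}
```

With `/` as rslave inside the new namespace, mounts and unmounts made there no longer propagate back to the host, while host-side changes still propagate in.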