From: Alexander Larsson <alexl-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org>
To: Linux Containers
<containers-cunTk1MwBs9QetFLy7KEm3xJsTq8ys+cHZ5vskTnxNA@public.gmane.org>
Subject: Detecting the use of a mount in another namespace
Date: Thu, 15 Jan 2015 09:56:05 +0100 [thread overview]
Message-ID: <1421312165.8788.7.camel@redhat.com> (raw)
This is a bit of a weird request, but I'm working on an app sandboxing
system where each container gets /usr read-only bind mounted from a
hardlinked tree. When i update the /usr tree I write the new tree to a
different directory, which avoids affecting any currently running apps
against the old one.
However, after updating I'd like to clean out the old version if it is
not in use. I had a plan for this:
1) Move the old usr to a "has been deleted" location
2) Try to remove a file inside the user (say ".ref") which the app when
running has bind-mounted somewhere
3) if the remove returned EBUSY, then the usr is in use.
However, with the recent changes to the semantics in this area this
doesn't work. The remove always succeeds even if the file is mounted in
some other namespace.
I realize that this is better semantics in general, but that was a quite
useful hack. Is there any other similar way i can detect that something
is in use in "any other namespace".
--
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
Alexander Larsson Red Hat, Inc
alexl-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org alexander.larsson-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org
He's a benighted drug-addicted werewolf with acid for blood. She's a
psychotic Bolivian mercenary with an incredible destiny. They fight
crime!
next reply other threads:[~2015-01-15 8:56 UTC|newest]
Thread overview: 5+ messages / expand[flat|nested] mbox.gz Atom feed top
2015-01-15 8:56 Alexander Larsson [this message]
[not found] ` <1421312165.8788.7.camel-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org>
2015-01-15 10:34 ` Detecting the use of a mount in another namespace Daniel P. Berrange
[not found] ` <20150115103417.GC8057-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org>
2015-01-15 16:29 ` Alexander Larsson
[not found] ` <1421339341.29655.13.camel-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org>
2015-01-18 17:51 ` Eric W. Biederman
[not found] ` <87d26cvuy8.fsf-JOvCrm2gF+uungPnsOpG7nhyD016LWXt@public.gmane.org>
2015-02-10 10:34 ` Alexander Larsson
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1421312165.8788.7.camel@redhat.com \
--to=alexl-h+wxahxf7alqt0dzr+alfa@public.gmane.org \
--cc=containers-cunTk1MwBs9QetFLy7KEm3xJsTq8ys+cHZ5vskTnxNA@public.gmane.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.