From: ebiederm@xmission.com (Eric W. Biederman)
To: Richard Weinberger <richard@nod.at>
Cc: Ram Pai <linuxram@us.ibm.com>,
linux-fsdevel <linux-fsdevel@vger.kernel.org>,
Al Viro <viro@zeniv.linux.org.uk>,
Christoph Hellwig <hch@infradead.org>,
Paul McKenney <paulmck@linux.vnet.ibm.com>,
Jeff Mahoney <jeffm@suse.com>,
sahne@0x90.at,
"linux-kernel\@vger.kernel.org" <linux-kernel@vger.kernel.org>
Subject: Re: MNT_DETACH and mount namespace issue
Date: Mon, 04 Aug 2014 15:59:08 -0700 [thread overview]
Message-ID: <87ppgfzwsj.fsf@x220.int.ebiederm.org> (raw)
In-Reply-To: <53DFF8E7.2060906@nod.at> (Richard Weinberger's message of "Mon, 04 Aug 2014 23:19:35 +0200")
Richard Weinberger <richard@nod.at> writes:
> Am 04.08.2014 18:46, schrieb Eric W. Biederman:
>> Richard Weinberger <richard.weinberger@gmail.com> writes:
>>
>>> On Sat, Aug 2, 2014 at 12:09 AM, Eric W. Biederman
>>> <ebiederm@xmission.com> wrote:
[snip]
>>
>> Hmm. That problem does sound familiar.
>>
>> Is the problem oversharing? Is the problem that the mount of /proc in
>> the chroot directory is propogating into other mount namespaces that
>> don't care?
>
> /proc is propagating into another mount namespaces that does not care.
> This happens because systemd creates for several services a mount namespace and sets
> the root tree to MS_SHARED.
Unless you are in the primary mount namespace when having this issue
it would be good to run mount make-rprivate / before mounting your new
/proc.
>> If the problem is over propogating I would argue that KIWI needs to
>> use a mount namespace instead of a chroot and to tweak the mount
>> namespace so the mount of /proc simply does not leak out.
>>
>> Not that the kernel doesn't need to be fixed but that a design where
>> mounts propogate everywhere is a problem in userspace anyway, and it is
>> likely going to only need to be a handful of lines of code to fix
>> userspace cleanly. While the kernel fix or fixes are going to require a
>> bit more time.
>
> KIWI can bypass the issue by not using a lazy unmount of /proc.
> But I fear more applications will need fixing.
> While I don't think that it was a wise choice from systemd developers to set
> / shared by default I agree that systemd is not the root cause of the problem.
> It is the messenger.
>
> It is just annoying that applications stopped working correctly after upgrading
> to systemd.
Quite.
The deep issue here is actually the design of how mount propogation
works. If you want the option of mounts to propogate then you are
required to make them shared to start with then after creating a mount
namespace if you don't want that sharing you have to do
"mount --make-rprivate /". Essentially all of this is documented
in Documentation/shared-subtress.txt. Although frankly I have yet to
find a case where I really want shared subtreess. Though I have found
a few cases where because we have to deal with sharing I using sharing
to make it not a pain.
Ultimately this means is that in every mount namespace that is created
we have to turn off sharing if we don't want it. Which usually we
don't because mount namespaces are used when complete sharing is
undesirable.
Eric
prev parent reply other threads:[~2014-08-04 23:03 UTC|newest]
Thread overview: 14+ messages / expand[flat|nested] mbox.gz Atom feed top
2014-07-30 13:59 [PATCH] vfs: Fix RCU usage in __propagate_umount() Richard Weinberger
2014-07-30 14:20 ` Richard Weinberger
2014-07-30 18:39 ` Paul E. McKenney
2014-07-30 20:46 ` MNT_DETACH and mount namespace issue (was: Re: [PATCH] vfs: Fix RCU usage in __propagate_umount()) Richard Weinberger
2014-07-31 22:17 ` MNT_DETACH and mount namespace issue Richard Weinberger
2014-08-01 15:44 ` Ram Pai
2014-08-01 19:20 ` Richard Weinberger
2014-08-01 22:09 ` Eric W. Biederman
2014-08-04 8:40 ` Richard Weinberger
2014-08-04 16:46 ` Eric W. Biederman
2014-08-04 21:19 ` Richard Weinberger
2014-08-04 22:10 ` Ram Pai
2014-08-04 22:16 ` Richard Weinberger
2014-08-04 22:59 ` Eric W. Biederman [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=87ppgfzwsj.fsf@x220.int.ebiederm.org \
--to=ebiederm@xmission.com \
--cc=hch@infradead.org \
--cc=jeffm@suse.com \
--cc=linux-fsdevel@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linuxram@us.ibm.com \
--cc=paulmck@linux.vnet.ibm.com \
--cc=richard@nod.at \
--cc=sahne@0x90.at \
--cc=viro@zeniv.linux.org.uk \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox