From 8d9a94fca51ce4f27dd07a23331e887824f75a35 Mon Sep 17 00:00:00 2001 From: Johannes Schauer Marin Rodrigues Date: Fri, 10 Feb 2023 13:26:24 +0100 Subject: [PATCH] if /proc is bind-mounted, make it a (recursive) slave mount so that changes to it (like unmounting) do not propagate to the outside Thanks: Helmut Grohne --- mmdebstrap | 18 +++++++++++++++--- 1 file changed, 15 insertions(+), 3 deletions(-) diff --git a/mmdebstrap b/mmdebstrap index 23a3f91..d6ce624 100755 --- a/mmdebstrap +++ b/mmdebstrap @@ -1456,15 +1456,27 @@ sub setup_mounts { # if mounting proc failed, try bind-mounting it read-only as a # last resort 0 == system( - 'mount', '-o', + 'mount', '-o', 'rbind', '/proc', "$options->{root}/proc" ) ) { + warning("since mounting /proc normally failed, /proc is now " + . "bind-mounted instead"); + # to make sure that changes (like unmounting) to the + # bind-mounted /proc do not affect the outside /proc, change + # all the bind-mounts under /proc to be a slave mount. + if ( + 0 != system('mount', '--make-rslave', + "$options->{root}/proc")) { + warning("mount --make-rslave /proc failed"); + } push @cleanup_tasks, sub { # since we cannot write to /etc/mtab we need --no-mtab - 0 == system('umount', '--no-mtab', "$options->{root}/proc") - or warning("umount /proc failed: $?"); + 0 == system( + 'umount', '--no-mtab', + '--lazy', "$options->{root}/proc" + ) or warning("umount /proc failed: $?"); }; } else { error "mount /proc failed: $?";