Menu
I wrote a small C program that simply does an unshare(CLONE_NEWNS) followed by system("bash").
The man page says that the process should have its own namespace. So, in the shell I tried unmount /cgroup (cgroup is mounted on the original machine).
When I do a mount in a shell on the machine, /cgroup is unmounted there too. Am I missing something here? I thought that CLONE_NEWNS was to let me unmount a file system from the process without affecting the main system.
204
(As an aside, you didn't need to write a program - you could just use the unshare(1) utility).
It is unmounting the filesystem only in the new namespace, and leaving it mounted in the original - the problem is that mount uses /etc/mtab to produce the list of currently-mounted filesystems, and that's just an ordinary file that can be updated by the mount command in the new namespace. This means that /etc/mtab gets out of synch with what's really going on (since there's only one /etc/mtab, but two mount namespaces).
Check /proc/mounts instead, to see what's actually mounted in the current namespace.
153
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
