xbps-uchroot(8): do not remount / unnecessarily.
This commit is contained in:
parent
c301cc32e5
commit
c5d56bbf83
3
NEWS
3
NEWS
@ -1,5 +1,8 @@
|
|||||||
xbps-0.38 (???):
|
xbps-0.38 (???):
|
||||||
|
|
||||||
|
* xbps-uchroot(8): do not remount / unnecessarily; just mount it as private
|
||||||
|
and nosuid once; this is enough for our use cases.
|
||||||
|
|
||||||
* xbps-query(8): --show/-S mode now explicitly prints pkg metadata keys
|
* xbps-query(8): --show/-S mode now explicitly prints pkg metadata keys
|
||||||
with the bold ANSI escape code.
|
with the bold ANSI escape code.
|
||||||
|
|
||||||
|
@ -206,11 +206,8 @@ main(int argc, char **argv)
|
|||||||
}
|
}
|
||||||
if (!openvz_container()) {
|
if (!openvz_container()) {
|
||||||
/* Make / a private mount */
|
/* Make / a private mount */
|
||||||
if (mount(NULL, "/", "none", MS_PRIVATE|MS_REC, NULL) == -1)
|
if (mount(NULL, "/", "none", MS_PRIVATE|MS_REC|MS_NOSUID, NULL) == -1)
|
||||||
die("mount(/, MS_PRIVATE|MS_REC)");
|
die("mount(/, MS_PRIVATE|MS_REC|MS_NOSUID)");
|
||||||
/* Remount / with nosuid just in case */
|
|
||||||
if (mount (NULL, "/", "none", MS_PRIVATE|MS_REMOUNT|MS_NOSUID, NULL) == -1)
|
|
||||||
die("mount(/, MS_PRIVATE|MS_REMOUNT|MS_NOSUID");
|
|
||||||
}
|
}
|
||||||
|
|
||||||
/* mount /proc */
|
/* mount /proc */
|
||||||
|
Loading…
Reference in New Issue
Block a user