From 50a4b0aafc15e65050f38e77c4804c0d755d8e22 Mon Sep 17 00:00:00 2001 From: Michael Kerrisk Date: Mon, 2 Feb 2015 12:58:43 +0100 Subject: [PATCH] umount.2: Tweaks to Eric Biederman's "shared subtrees on umount" patch Signed-off-by: Michael Kerrisk --- man2/umount.2 | 37 ++++++++++++++++++++++++++----------- 1 file changed, 26 insertions(+), 11 deletions(-) diff --git a/man2/umount.2 b/man2/umount.2 index a0120b2fc..5b3f1467b 100644 --- a/man2/umount.2 +++ b/man2/umount.2
@@ -97,23 +97,38 @@ Don't dereference if it is a symbolic link. This flag allows security problems to be avoided in set-user-ID-\fIroot\fP programs that allow unprivileged users to unmount filesystems. - -.P -Shared mount points cause any mount activity on that mount point -including umounts to be forwarded to every shared mount point in it's -peer group and every slave mount of that peer group. This means that -umount of any peer in a set of shared mounts will cause all of it's +.PP +Shared mount points cause any mount activity on a mount point, including +.BR umount (2) +operations, to be forwarded to every shared mount point in the +peer group and every slave mount of that peer group. +This means that +.BR umount (2) +of any peer in a set of shared mounts will cause all of its peers to be unmounted and all of their slaves to be unmounted as well. -This propogagtion of unmount activity can be particularly surprising -on systems where every mount point is shared by default. On such -systems recursively bind mounting the root directory of the filesystem +This propagation of unmount activity can be particularly surprising +on systems where every mount point is shared by default. +On such systems, +recursively bind mounting the root directory of the filesystem onto a subdirectory and then later unmounting that subdirectory with .BR MNT_DETACH will cause every mount in the mount namespace to be lazily unmounted. -To ensure umount does not propagate the mount point may be -remounted with MS_REC | MS_PRIVATE prior to umount being called. +To ensure +.BR umount (2) +does not propagate in this fashion, +the mount point may be remounted using a +.BR mount (2) +call with a +.I mount_flags +argument that includes both +.BR MS_REC +and +.BR MS_PRIVATE +prior to +.BR umount (2) +being called. .SH RETURN VALUE On success, zero is returned.
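Review bot: In the final added paragraph, "the mount point may be remounted using a mount(2) call" reads as if MS_REMOUNT were involved, but the flags it names, MS_REC and MS_PRIVATE, change the propagation type of the mount rather than remounting it. Since this paragraph is the only mitigation offered for the MNT_DETACH case, where every mount in the namespace is lazily unmounted, wording such as "the propagation type of the mount point may be changed to private using a mount(2) call ..." would make it harder to misapply. It would also help to say that the mount point meant here is the one about to be unmounted, because the preceding sentences discuss both the root directory and the subdirectory. As a style point, ".BR MS_REC" and ".BR MS_PRIVATE" each take a single argument, so ".B" is enough, and the unchanged ".BR MNT_DETACH" line above could be changed in the same pass.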