mount_namespaces.7: It may be desirable to disable propagation after creating a namespace

After creating a new mount namespace, it may be desirable to disable mount propagation. Give the reader a more explicit hint about this. Reported-by: Eric W. Biederman <ebiederm@xmission.com> Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2019-10-07 10:50:05 +03:00 · 2019-10-07 10:50:05 +03:00 · a2fc45a9f8
parent 0b6cf5d26e
commit a2fc45a9f8
1 changed files with 20 additions and 0 deletions
--- a/man7/mount_namespaces.7
+++ b/man7/mount_namespaces.7
@ -1077,6 +1077,26 @@ To prevent this, one can use the
 option to
 .BR unshare (1).
 .PP
+An application that creates a new mount namespace directly using
+.BR clone (2)
+or
+.BR unshare (2)
+may desire to prevent propagation of mount events to other mount namespaces
+(as is is done by
+.BR unshare (1)).
+This can be done by changing the propagation type of
+mount points in the new namesapace to either
+.BR MS_SLAVE
+or
+.BR MS_PRIVATE .
+using a call such as the following:
+.IP
+.in +4n
+.EX
+mount(NULL, "/", MS_SLAVE | MS_REC, NULL);
+.EE
+.in
+.PP
 For a discussion of propagation types when moving mounts
 .RB ( MS_MOVE )
 and creating bind mounts