LDP
/
man-pages
mirror of https://github.com/mkerrisk/man-pages
0
1
Fork 0
Code Releases Activity

mount_namespaces.7: Minor tweaks 

Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
This commit is contained in:
Michael Kerrisk 2016-06-27 10:52:31 -05:00
parent 98c28960c3
commit d9cdf357c9
1 changed files with 51 additions and 50 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

101
man7/mount_namespaces.7
View File

@ -89,12 +89,12 @@ as having one of the following
.BR MS_SHARED
This mount point shares events with members of a peer group.
Mount and unmount events immediately under this mount point will propagate
outward to the other mount points that are members of the peer group.
to the other mount points that are members of the peer group.
.I Propagation
here means that the same mount or unmount will automatically occur
under all of the other mount points in the peer group.
Conversely, mount and unmount events that take place under
peer mount points will propagate inward to this mount point.
peer mount points will propagate to this mount point.
.TP
.BR MS_PRIVATE
This mount point is private; it does not have a peer group.
@ -176,10 +176,11 @@ for a record in that file:
.I shared:X
This mount point is shared in peer group
.IR X .
Each peer group has a unique ID (a small integer) that is automatically
Each peer group has a unique ID that is automatically
generated by the kernel,
and all mount points in the same peer group will show the same ID.
(These IDs may be recycled when a peer group ceases to have any members.)
(These IDs are assigned starting from the value 1,
and may be recycled when a peer group ceases to have any members.)
.TP
.I master:X
This mount is a slave to shared peer group
@ -217,27 +218,27 @@ and then view the mounts in
.nf
.in +4n
sh1# \fBmount \-\-make\-private /mntB\fP
sh1# \fBmount \-\-make\-shared /mntA\fP
sh1# \fBmount \-\-make\-shared /mntS\fP
sh1# \fBmount \-\-make\-private /mntP\fP
sh1# \fBcat /proc/self/mountinfo | grep \(aq/mnt[AB]\(aq | sed \(aqs/ \- .*//\(aq\fP
77 61 8:17 / /mntA rw,relatime shared:1
83 61 8:15 / /mntB rw,relatime
77 61 8:17 / /mntS rw,relatime shared:1
83 61 8:15 / /mntP rw,relatime
.in
.fi
From the
.IR /proc/self/mountinfo
output, we see that
.IR /mntA
.IR /mntS
is a shared mount in peer group 1, and that
.IR /mntB
.IR /mntP
has no optional tags, indicating that it is a private mount.
The first two fields in each record in this file are the unique
ID for this mount, and the mount ID of the parent mount.
We can further inspect this file to see that the parent mount point of
.IR /mntA
.IR /mntS
and
.IR /mntB
.IR /mntP
is the root directory,
.IR / ,
which is mounted as private:
@ -257,8 +258,8 @@ and inspect the mounts:
.in +4n
$ \fBPS1=\(aqsh2# \(aq sudo unshare \-m \-\-propagation unchanged sh\fP
sh2# \fBcat /proc/self/mountinfo | grep \(aq/mnt[AB]\(aq | sed \(aqs/ \- .*//\(aq\fP
222 145 8:17 / /mntA rw,relatime shared:1
225 145 8:15 / /mntB rw,relatime
222 145 8:17 / /mntS rw,relatime shared:1
225 145 8:15 / /mntP rw,relatime
.in
.fi
@ -275,52 +276,52 @@ from marking all mounts as private when creating a new mount namespace,
which it does by default.)
In the second terminal, we then create submounts under each of
.IR /mntA
.IR /mntS
and
.IR /mntB
.IR /mntP
and inspect the set-up:
.nf
.in +4n
sh2# \fBmkdir /mntA/x\fP
sh2# \fBmount /dev/sdb6 /mntA/x\fP
sh2# \fBmkdir /mntB/y\fP
sh2# \fBmount /dev/sdb7 /mntB/y\fP
sh2# \fBmkdir /mntS/a\fP
sh2# \fBmount /dev/sdb6 /mntS/a\fP
sh2# \fBmkdir /mntP/b\fP
sh2# \fBmount /dev/sdb7 /mntP/b\fP
sh2# \fBcat /proc/self/mountinfo | grep \(aq/mnt[AB]\(aq | sed \(aqs/ \- .*//\(aq\fP
222 145 8:17 / /mntA rw,relatime shared:1
225 145 8:15 / /mntB rw,relatime
178 222 8:22 / /mntA/x rw,relatime shared:2
230 225 8:23 / /mntB/y rw,relatime
222 145 8:17 / /mntS rw,relatime shared:1
225 145 8:15 / /mntP rw,relatime
178 222 8:22 / /mntS/a rw,relatime shared:2
230 225 8:23 / /mntP/b rw,relatime
.in
.fi
From the above, it can be seen that
.IR /mntA/x
.IR /mntS/a
was created as shared (inheriting this setting from its parent mount) and
.IR /mntB/y
.IR /mntP/b
was created as a private mount.
Returning to the first terminal and inspecting the set-up,
we see that the new mount created under the shared mount point
.IR /mntA
.IR /mntS
propagated to its peer mount (in the initial mount namespace),
but the new mount created under the private mount point
.IR /mntB
.IR /mntP
did not propagate:
.nf
.in +4n
sh1# \fBcat /proc/self/mountinfo | grep \(aq/mnt[AB]\(aq | sed \(aqs/ \- .*//\(aq\fP
77 61 8:17 / /mntA rw,relatime shared:1
83 61 8:15 / /mntB rw,relatime
179 77 8:22 / /mntA/x rw,relatime shared:2
77 61 8:17 / /mntS rw,relatime shared:1
83 61 8:15 / /mntP rw,relatime
179 77 8:22 / /mntS/a rw,relatime shared:2
.in
.fi
.\"
.SS MS_SLAVE example
Making a mount point a slave allows it to receive propagated
mount and unmount events from a master shared peer group,
while preventing it from propagating events outward to that master.
while preventing it from propagating events to that master.
This is useful if we want to (say) receive a mount event when
an optical disk is mounted in the master shared peer group
(in another mount namespace),
@ -375,19 +376,19 @@ and
.nf
.in +4n
sh2# \fBmkdir /mntX/aaa\fP
sh2# \fBmount /dev/sda3 /mntX/aaa\fP
sh2# \fBmkdir /mntY/bbb\fP
sh2# \fBmount /dev/sda5 /mntY/bbb\fP
sh2# \fBmkdir /mntX/a\fP
sh2# \fBmount /dev/sda3 /mntX/a\fP
sh2# \fBmkdir /mntY/b\fP
sh2# \fBmount /dev/sda5 /mntY/b\fP
.in
.fi
When we inspect the state of the mount points in the new mount namespace,
we see that
.IR /mntX/aaa
.IR /mntX/a
was created as a new shared mount
(inheriting the "shared" setting from its parent mount) and
.IR /mntY/bbb
.IR /mntY/b
was created as a private mount:
.nf
@ -395,18 +396,18 @@ was created as a private mount:
sh2# \fBcat /proc/self/mountinfo | grep \(aq/mnt\(aq | sed \(aqs/ \- .*//\(aq\fP
168 167 8:23 / /mntX rw,relatime shared:1
169 167 8:22 / /mntY rw,relatime master:2
173 168 8:3 / /mntX/aaa rw,relatime shared:3
175 169 8:5 / /mntY/bbb rw,relatime
173 168 8:3 / /mntX/a rw,relatime shared:3
175 169 8:5 / /mntY/b rw,relatime
.in
.fi
Returning to the first terminal (in the initial mount namespace),
we see that the mount
.IR /mntX/aaa
.IR /mntX/a
propagated to the peer (the shared
.IR /mntX ),
but the mount
.IR /mntY/bbb
.IR /mntY/b
was not propagated:
.nf
@ -414,7 +415,7 @@ was not propagated:
sh1# \fBcat /proc/self/mountinfo | grep \(aq/mnt\(aq | sed \(aqs/ \- .*//\(aq\fP
132 83 8:23 / /mntX rw,relatime shared:1
133 83 8:22 / /mntY rw,relatime shared:2
174 132 8:3 / /mntX/aaa rw,relatime shared:3
174 132 8:3 / /mntX/a rw,relatime shared:3
.in
.fi
@ -424,13 +425,13 @@ in the first shell:
.nf
.in +4n
sh1# \fBmkdir /mntY/ccc\fP
sh1# \fBmount /dev/sda1 /mntY/ccc\fP
sh1# \fBmkdir /mntY/c\fP
sh1# \fBmount /dev/sda1 /mntY/c\fP
sh1# \fBcat /proc/self/mountinfo | grep '/mnt' | sed 's/ \- .*//'\fP
132 83 8:23 / /mntX rw,relatime shared:1
133 83 8:22 / /mntY rw,relatime shared:2
174 132 8:3 / /mntX/aaa rw,relatime shared:3
178 133 8:1 / /mntY/ccc rw,relatime shared:4
174 132 8:3 / /mntX/a rw,relatime shared:3
178 133 8:1 / /mntY/c rw,relatime shared:4
.in
.fi
@ -444,9 +445,9 @@ and that the new mount is itself a slave mount (to peer group 4):
sh2# \fBcat /proc/self/mountinfo | grep \(aq/mnt\(aq | sed \(aqs/ \- .*//\(aq\fP
168 167 8:23 / /mntX rw,relatime shared:1
169 167 8:22 / /mntY rw,relatime master:2
173 168 8:3 / /mntX/aaa rw,relatime shared:3
175 169 8:5 / /mntY/bbb rw,relatime
179 169 8:1 / /mntY/ccc rw,relatime master:4
173 168 8:3 / /mntX/a rw,relatime shared:3
175 169 8:5 / /mntY/b rw,relatime
179 169 8:1 / /mntY/c rw,relatime master:4
.in
.fi
.\"