mirror of https://github.com/mkerrisk/man-pages
mount_namespaces.7: Note that it is possible to stack a mount on top of a locked mount
Reported-by: Eric W. Biederman <ebiederm@xmission.com> Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
This commit is contained in:
parent
f6aaf493f8
commit
ebc82e00ee
|
@ -1128,6 +1128,20 @@ system call failed with the error
|
|||
.BR EINVAL ,
|
||||
which is the error that the kernel returns to indicate that
|
||||
the mount is locked.
|
||||
.IP
|
||||
Note, however, that it is possible to stack (and unstack) a
|
||||
mount on top of one of the inherited locked mounts in a
|
||||
less privileged mount namespace:
|
||||
.IP
|
||||
.in +4n
|
||||
.EX
|
||||
$ \fBls /home\fP # Show directory to be bind mounted at /mnt/dir
|
||||
lost+found/ cecilia/
|
||||
$ \fBsudo unshare \-\-user \-\-map\-root\-user \-\-mount \e\fP
|
||||
\fBsh \-c \(aqmount \-\-bind /home /mnt/dir; ls /mnt/dir\(aq\fP
|
||||
lost+found cecilia
|
||||
.EE
|
||||
.in
|
||||
.IP *
|
||||
Following on from the previous point,
|
||||
note that it is possible to unmount an entire subtree of mounts that
|
||||
|
|
Loading…
Reference in New Issue