buildFhsUserenv: don't leak mounts to other processes

If run as root we were leaking mounts to the parent namespace, which lead to an error when removing the temporary mountroot. To fix this we remount the whole tree as private as soon as we created the new mountenamespace.
author: Jörg Thalheim <joerg@thalheim.io> 2021-06-05 16:45:10 +0200
committer: Jörg Thalheim <joerg@thalheim.io> 2021-06-05 16:47:44 +0200
commit: 43908f4c1d8489ca284c47fb835ec3fa348016b0 (patch)
tree: d8658a47d6db557cdbacb44928cba1eba02532a9 /pkgs/build-support/build-fhs-userenv
parent: bdb89449afc2284802cd58ec783eb7d60def2351 (diff)
1 files changed, 3 insertions, 1 deletions
diff --git a/pkgs/build-support/build-fhs-userenv/chrootenv/chrootenv.c b/pkgs/build-support/build-fhs-userenv/chrootenv/chrootenv.c
index a438b80e18297..27e70e3fe5c4d 100644
--- a/pkgs/build-support/build-fhs-userenv/chrootenv/chrootenv.c
+++ b/pkgs/build-support/build-fhs-userenv/chrootenv/chrootenv.c
@@ -43,7 +43,6 @@ const gchar *create_tmpdir() {
 void pivot_host(const gchar *guest) {
   g_autofree gchar *point = g_build_filename(guest, "host", NULL);
   fail_if(g_mkdir(point, 0755));
-  fail_if(mount(0, "/", 0, MS_PRIVATE | MS_REC, 0));
   fail_if(pivot_root(guest, point));
 }
 
@@ -122,6 +121,9 @@ int main(gint argc, gchar **argv) {
       fail("unshare", unshare_errno);
     }
 
+    // hide all mounts we do from the parent
+    fail_if(mount(0, "/", 0, MS_PRIVATE | MS_REC, 0));
+
     if (uid != 0) {
       spit("/proc/self/setgroups", "deny");
       spit("/proc/self/uid_map", "%d %d 1", uid, uid);
author	Jörg Thalheim <joerg@thalheim.io>	2021-06-05 16:45:10 +0200
committer	Jörg Thalheim <joerg@thalheim.io>	2021-06-05 16:47:44 +0200
commit	43908f4c1d8489ca284c47fb835ec3fa348016b0 (patch)
tree	d8658a47d6db557cdbacb44928cba1eba02532a9 /pkgs/build-support/build-fhs-userenv
parent	bdb89449afc2284802cd58ec783eb7d60def2351 (diff)