diff options
Diffstat (limited to 'nixos/modules/system/boot/stage-1-init.sh')
| -rw-r--r-- | nixos/modules/system/boot/stage-1-init.sh | 5 |
1 files changed, 5 insertions, 0 deletions
diff --git a/nixos/modules/system/boot/stage-1-init.sh b/nixos/modules/system/boot/stage-1-init.sh index af57310bda7d9..835788dbbc976 100644 --- a/nixos/modules/system/boot/stage-1-init.sh +++ b/nixos/modules/system/boot/stage-1-init.sh @@ -410,6 +410,11 @@ mountFS() { n=$((n + 1)) done + # For bind mounts, busybox has a tendency to ignore options, which can be a + # security issue (e.g. "nosuid"). Remounting the partition seems to fix the + # issue. + mount "/mnt-root$mountPoint" -o "remount,$optionsPrefixed" + [ "$mountPoint" == "/" ] && [ -f "/mnt-root/etc/NIXOS_LUSTRATE" ] && lustrateRoot "/mnt-root" |