| 1 | /* Enter a mount namespace. |
|---|---|
| 2 | Copyright (C) 2017-2023 Free Software Foundation, Inc. |
| 3 | This file is part of the GNU C Library. |
| 4 | |
| 5 | The GNU C Library is free software; you can redistribute it and/or |
| 6 | modify it under the terms of the GNU Lesser General Public |
| 7 | License as published by the Free Software Foundation; either |
| 8 | version 2.1 of the License, or (at your option) any later version. |
| 9 | |
| 10 | The GNU C Library is distributed in the hope that it will be useful, |
| 11 | but WITHOUT ANY WARRANTY; without even the implied warranty of |
| 12 | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU |
| 13 | Lesser General Public License for more details. |
| 14 | |
| 15 | You should have received a copy of the GNU Lesser General Public |
| 16 | License along with the GNU C Library; if not, see |
| 17 | <https://www.gnu.org/licenses/>. */ |
| 18 | |
| 19 | #include <support/namespace.h> |
| 20 | |
| 21 | #include <sched.h> |
| 22 | #include <stdio.h> |
| 23 | #ifdef CLONE_NEWNS |
| 24 | # include <sys/mount.h> |
| 25 | #endif /* CLONE_NEWNS */ |
| 26 | |
| 27 | bool |
| 28 | support_enter_mount_namespace (void) |
| 29 | { |
| 30 | #ifdef CLONE_NEWNS |
| 31 | if (unshare (CLONE_NEWNS) == 0) |
| 32 | { |
| 33 | /* On some systems, / is marked as MS_SHARED, which means that |
| 34 | mounts within the namespace leak to the rest of the system, |
| 35 | which is not what we want. */ |
| 36 | if (mount ("none", "/", NULL, MS_REC | MS_PRIVATE, NULL) != 0) |
| 37 | { |
| 38 | printf ("warning: making the mount namespace private failed: %m\n"); |
| 39 | return false; |
| 40 | } |
| 41 | return true; |
| 42 | } |
| 43 | else |
| 44 | printf ("warning: unshare (CLONE_NEWNS) failed: %m\n"); |
| 45 | #endif /* CLONE_NEWNS */ |
| 46 | return false; |
| 47 | } |
| 48 |
Generated on 2023-Nov-30 from project glibc
Powered by 
Code Browser 2.1
Generator usage only permitted with license.