Hi, I've got problems with namespaces not working as expected. When I isolate a process into a new network and mount namespace, a newly mounted file system will be visible to all processes.
Steps to reproduce:
$ sudo unshare -mn bash
bash# mount -t sysfs sysfs /sys
bash# exit
$ cat /proc/mounts
Result:
/proc/mounts will contain a new line for sysfs. This means the /sys/fs/cgroups directory will appear to be empty, as the new sysfs is mounted over the old one. However, you can undo it by
sudo umount /sys.
Expected result:
The /sys directory will only be new inside the bash process started using unshare and not anymore once you exit bash.
Did I understand something wrong? Or might this be a bug in the kernel?
Note that when using
unshare -m bash
without isolating the network namespace it will refuse to mount sysfs as it is already mounted or busy. Strange.
Hello, because sysfs is shared, see unshare(1) for more details.
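Added example, not part of the thread: the reply attributes the behaviour to shared mount propagation, which is recorded in the optional fields of /proc/self/mountinfo. The function name `mount_propagation` and the sample lines are constructed for illustration.

```shell
#!/bin/sh
# Report the propagation state of a mount point from mountinfo-format text
# read on stdin. Line layout per proc(5):
#   ID parent maj:min root mountpoint options [optional fields...] - fstype source superopts
# The optional fields before the "-" separator carry propagation:
#   shared:N (member of peer group N), master:N (receives from group N), unbindable.
# No such field means the mount is private.
mount_propagation() {
    awk -v target="$1" '
        $5 == target {
            prop = ""
            for (i = 7; i <= NF && $i != "-"; i++)
                if ($i ~ /^(shared|master):/ || $i == "unbindable")
                    prop = prop (prop ? "," : "") $i
            # Keep the last matching entry; assumed here to be the most
            # recent mount stacked on that path.
            last = (prop ? prop : "private")
            found = 1
        }
        END { if (!found) exit 1; print last }
    '
}

# Constructed sample input (not captured from the poster's machine).
SAMPLE_MOUNTINFO='22 27 0:20 / /sys rw,nosuid,nodev,noexec,relatime shared:7 - sysfs sysfs rw
23 27 0:21 / /proc rw,nosuid,nodev,noexec,relatime - proc proc rw
27 1 8:1 / / rw,relatime shared:1 - ext4 /dev/sda1 rw
95 27 0:40 / /mnt/slave rw,relatime master:1 - tmpfs tmpfs rw'

for mp in / /sys /proc /mnt/slave; do
    state=$(printf '%s\n' "$SAMPLE_MOUNTINFO" | mount_propagation "$mp")
    printf '%-12s %s\n' "$mp" "$state"
done
```

On a live system, run `mount_propagation /sys < /proc/self/mountinfo` both outside and inside the unshared shell. A `shared:N` entry with the same N on both sides means the two namespaces are still peers for that mount; running `mount --make-rprivate /` inside the new namespace before mounting breaks that link.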