shutdown: don't attempt read-only mounts in a container

[elogind.git] / src / core / shutdown.c

diff --git a/src/core/shutdown.c b/src/core/shutdown.c
index 1c2bf372b5aafe5dd3059e7c8312021dee0270b0..c3a4c390be2e20bf4f89ec291439cd212ed5bdac 100644 (file)
--- a/src/core/shutdown.c
+++ b/src/core/shutdown.c
@@ -104,19 +104,18 @@ static int pivot_to_new_root(void) {
                 return -errno;
         }
 
-        /*
-          In case some evil process made "/" MS_SHARED
-          It works for pivot_root, but the ref count for the root device
-          is not decreasing :-/
-        */
-        if (mount(NULL, "/", NULL, MS_PRIVATE, NULL) < 0) {
-                log_error("Failed to make \"/\" private mount %m");
-                return -errno;
-        }
+        /* Work-around for a kernel bug: for some reason the kernel
+         * refuses switching root if any file systems are mounted
+         * MS_SHARED. Hence remount them MS_PRIVATE here as a
+         * work-around.
+         *
+         * https://bugzilla.redhat.com/show_bug.cgi?id=847418 */
+        if (mount(NULL, "/", NULL, MS_REC|MS_PRIVATE, NULL) < 0)
+                log_warning("Failed to make \"/\" private mount: %m");
 
         if (pivot_root(".", "oldroot") < 0) {
                 log_error("pivot failed: %m");
-                /* only chroot if pivot root succeded */
+                /* only chroot if pivot root succeeded */
                 return -errno;
         }
 
@@ -177,10 +176,10 @@ int main(int argc, char *argv[]) {
         mlockall(MCL_CURRENT|MCL_FUTURE);
 
         log_info("Sending SIGTERM to remaining processes...");
-        broadcast_signal(SIGTERM);
+        broadcast_signal(SIGTERM, true);
 
         log_info("Sending SIGKILL to remaining processes...");
-        broadcast_signal(SIGKILL);
+        broadcast_signal(SIGKILL, true);
 
         if (in_container) {
                 need_swapoff = false;