update TODO

[elogind.git] / src / namespace.c

diff --git a/src/namespace.c b/src/namespace.c
index 1d8f35ba577833cc1ed947f18ea6105fd46de22b..a06cac10fda45708e020148a39034d73e2d7e7bc 100644 (file)
--- a/src/namespace.c
+++ b/src/namespace.c
@@ -161,11 +161,11 @@ static int apply_mount(Path *p, const char *root_dir, const char *inaccessible_d
 
                 /* The bind mount will always inherit the original
                  * flags. If we want to set any flag we need
-                 * to do so in a second indepdant step. */
+                 * to do so in a second independent step. */
                 if (flags)
                         r = mount(NULL, where, NULL, MS_REMOUNT|MS_BIND|MS_REC|flags, NULL);
 
-                /* Avoid expontial growth of trees */
+                /* Avoid exponential growth of trees */
                 if (r >= 0 && path_equal(p->path, "/"))
                         r = mount(NULL, where, NULL, MS_REMOUNT|MS_BIND|MS_UNBINDABLE|flags, NULL);
 
@@ -266,8 +266,12 @@ int setup_namespace(
                 goto fail;
         }
 
-        /* We assume that by default mount events from us won't be
-         * propagated to the root namespace. */
+        /* Remount / as SLAVE so that nothing mounted in the namespace
+           shows up in the parent */
+        if (mount(NULL, "/", NULL, MS_SLAVE|MS_REC, NULL) < 0) {
+                r = -errno;
+                goto fail;
+        }
 
         for (p = paths; p < paths + n; p++)
                 if ((r = apply_mount(p, root_dir, inaccessible_dir, private_dir, flags)) < 0)