process-util: add a new FORK_MOUNTNS_SLAVE flag for safe_fork()

[elogind.git] / src / basic / process-util.c

diff --git a/src/basic/process-util.c b/src/basic/process-util.c
index 43bad9009f7f5c0293399308e48b9b4f3b1d9a1e..a52f95e76bebc5bb6d044925119539ac3a81d068 100644 (file)
--- a/src/basic/process-util.c
+++ b/src/basic/process-util.c
@@ -17,6 +17,7 @@
 #include <stdlib.h>
 #include <string.h>
 #include <sys/mman.h>
+//#include <sys/mount.h>
 #include <sys/personality.h>
 #include <sys/prctl.h>
 #include <sys/types.h>
@@ -1356,6 +1357,16 @@ int safe_fork_full(
                 }
         }
 
+        if ((flags & (FORK_NEW_MOUNTNS|FORK_MOUNTNS_SLAVE)) == (FORK_NEW_MOUNTNS|FORK_MOUNTNS_SLAVE)) {
+
+                /* Optionally, make sure we never propagate mounts to the host. */
+
+                if (mount(NULL, "/", NULL, MS_SLAVE | MS_REC, NULL) < 0) {
+                        log_full_errno(prio, errno, "Failed to remount root directory as MS_SLAVE: %m");
+                        _exit(EXIT_FAILURE);
+                }
+        }
+
         if (flags & FORK_CLOSE_ALL_FDS) {
                 /* Close the logs here in case it got reopened above, as close_all_fds() would close them for us */
                 log_close();