chiark / gitweb /
~ianmdlvl / elogind.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
shutdown: just call exit() if we are in a container
[elogind.git] / src / nspawn.c
diff --git a/src/nspawn.c b/src/nspawn.c
index 297bb61f63b480f5d01f888e38159152f82d4900..7cefd3debd9cb09be9f61349df21ccbd605bbb19 100644 (file)
--- a/src/nspawn.c
+++ b/src/nspawn.c
@@ -254,7 +254,7 @@ static int copy_devnodes(const char *dest) {
                                         r = -errno;
                         }
 
-                        if (mount(from, to, "bind", MS_BIND, NULL) < 0) {
+                        if (mount(from, to, "bind", MS_BIND|MS_RDONLY, NULL) < 0) {
                                 log_error("bind mount for /dev/console failed: %m");
 
                                 if (r == 0)
@@ -383,7 +383,7 @@ int main(int argc, char *argv[]) {
 
         log_info("Spawning namespace container on %s.", arg_directory);
 
-        if ((pid = syscall(__NR_clone, SIGCHLD|CLONE_NEWIPC|CLONE_NEWNS|CLONE_NEWPID|CLONE_NEWUTS|CLONE_NEWNET, NULL)) < 0) {
+        if ((pid = syscall(__NR_clone, SIGCHLD|CLONE_NEWIPC|CLONE_NEWNS|CLONE_NEWPID|CLONE_NEWUTS, NULL)) < 0) {
                 log_error("clone() failed: %m");
                 goto finish;
         }
Unnamed repository; edit this file 'description' to name the repository.