github/linuxkit
1
0
Fork 0
mirror of https://github.com/linuxkit/linuxkit.git synced 2025-11-04 00:21:11 +00:00
Code Issues Projects Releases Wiki Activity

Change propagation for root

Browse Source 
- make / rshared
- make /containers private
- make /var its own tmpfs mountpoint, shared

Signed-off-by: Justin Cormack <justin.cormack@docker.com>
This commit is contained in:
Justin Cormack
2017-04-09 13:25:38 +01:00
parent 3ffa912c41
commit bfa76205d5
1 changed files with 9 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
pkg/init/etc/init.d/rcS
View File

@@ -107,11 +107,17 @@ mkdir /tmp/etc
mv /etc/resolv.conf /tmp/etc/resolv.conf
ln -snf /tmp/etc/resolv.conf /etc/resolv.conf
# mount rootfs as rshared
mount --make-rshared /
# remount rootfs as readonly
mount -o remount,ro /
# bind and remount containers and var as read-write
# bind and remount containers as read-write but private
mount -o bind /containers /containers
mount -o bind /var /var
mount -o remount,rw,relatime /containers /containers
mount -o remount,rw,nodev,nosuid,relatime /var /var
mount --make-private /containers
# make /var its own tmpfs mount point
mount -n -t tmpfs var /var -o nodev,nosuid,noexec,relatime,size=10%,mode=755
mount --make-rshared /var