init.d/root: add support for 'shared' fstab option on / #526
Conversation
containers on linux might require filesystems to be mounted with different propagation than the kernel default of 'private': by setting 'shared' in fstab for / options, one can now make the fs hierarchy shared. Note we use 'rshared' to make other existing mounts shared as well because the setting is contagious and it seemed more logical to behave as if the setting was set on / immediately (and thus inherited by other mounts) This fixes OpenRC#525.
|
This should fix the warning message for rootless podman/buildah: containers/buildah#3726 |
Yes, that's the main reason I want this :) (well, that and shared mounts can actually be useful for containers -- with volume mounted as shared it's possible to have an administration container that can issue mount commands for slave, less trusted containers) |
|
was there anything more to do here to allow it to be merged? looks pretty cut and dry to me |
|
For reference, I've been using something equivalent to this for a bit over a year now without any issue. I'll be more than happy to remove my kludge if/when this is merged :) |
|
Is that the problem? Strange mistake. |
|
I hope it will merged soon :) Now i use /var/lib/docker folder all of shared container mounts. This folder shared by default, if docker installed :D |
|
the mount(8) man page says it recognizes the various types in fstab (private, slave, shared, unbindable, rprivate, rslave, rshared, runbindable). we shouldn't treat "shared" as "rshared". if you want the man page also says that since util-linux 2.23, the fstab propagation flags are respected by mount. i'm guessing this doesn't work for |
|
The rationale for using rshared when shared is set on /, is that it is supposed to be inherited -- but since we're setting rootflags late (after other mount points have been made) then we need rshared to behave as if it had been shared from the start. (otherwise you end up with something weird where part of the tree is shared but it's not really clear to users what) Happy to update the PR to change that though, it's a detail really. As for |
|
Just tested the change in an Alpine 3.18 VM (amd64, system disk). Works fine: |
|
@vapier If the PR was changed to use the I would love to see this fixed upstream for everyone! Thank you. |
|
Ah, I realized I forgot to reply to a point:
This doesn't just have no effect, mount -o doesn't seem to allow passing shared or other similar options: re: fstab flag, as said before I still think it makes more sense as it is, but happy to do the updating if that's what you want. |
|
Perhaps there should be a shared and a rshared option? So people explicitly knows that rshared is recursive and shared is not. |
This was brought up before so I'll just quote my reply:
To rephrase myself, the shared setting will be inherited by future mounts, so depending on the timing of the "make root shared" you'll get something implementation specific with a simple It's an easy change so given the above, if someone still think that makes sense I'll be happy to update this PR to at least rename shared to rshared to make it more obvious that it's what we're doing; please re-ask if that's the case. |
|
Oh sorry, missed that. I actually don't care that much about the details, I just want it implemented. |
containers on linux might require filesystems to be mounted with
different propagation than the kernel default of 'private':
by setting 'shared' in fstab for / options, one can now make the
fs hierarchy shared.
Note we use 'rshared' to make other existing mounts shared as well
because the setting is contagious and it seemed more logical to
behave as if the setting was set on / immediately (and thus inherited
by other mounts)
This fixes #525.