attach: switch to simple mount()

At the point where we're remounging proc and sys we're in the container's namespaces so there's no chance of escape so a simple mount() syscall will suffice. Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
lxc · Feb 5, 2021 · 0d50f28 · 0d50f28
1 parent 5cf5117
commit 0d50f28
Showing 1 changed file with 2 additions and 2 deletions.
diff --git a/src/lxc/attach.c b/src/lxc/attach.c
@@ -734,7 +734,7 @@ int lxc_attach_remount_sys_proc(void)
 	if (ret < 0)
 		return log_error_errno(-1, errno, "Failed to unmount /proc");
 
-	ret = mount_filesystem("proc", "/proc", 0);
+	ret = mount("none", "/proc", "proc", 0, NULL);
 	if (ret < 0)
 		return log_error_errno(-1, errno, "Failed to remount /proc");
 
@@ -747,7 +747,7 @@ int lxc_attach_remount_sys_proc(void)
 		return log_error_errno(-1, errno, "Failed to unmount /sys");
 
 	/* Remount it. */
-	if (ret == 0 && mount_filesystem("sysfs", "/sys", 0))
+	if (ret == 0 && mount("none", "/sys", "sysfs", 0, NULL))
 		return log_error_errno(-1, errno, "Failed to remount /sys");
 
 	return 0;