f74349d88b
The commit b3ac5f8cb9
has changed the system mount propagation to
shared by default, and according to the following patch:
https://github.com/opencontainers/runc/pull/208
When starting the container, the pouch daemon will call runc to execute
make-private.
However, if the systemctl daemon-reexec is executed after the container
has been started, the system mount propagation will be changed to share
again by default, and the make-private operation above will have no chance
to execute.
13 lines
291 B
C
13 lines
291 B
C
/* SPDX-License-Identifier: LGPL-2.1+ */
|
|
#pragma once
|
|
|
|
#include <stdbool.h>
|
|
|
|
int mount_setup_early(void);
|
|
int mount_setup(bool loaded_policy, bool leave_propagation);
|
|
|
|
int mount_cgroup_controllers(void);
|
|
|
|
bool mount_point_is_api(const char *path);
|
|
bool mount_point_ignore(const char *path);
|