MS_BIND flag on / folder not working

[Jim Davis]

On Wed, Mar 8, 2017 at 2:56 AM, Prabhunath G <gprabhunath at gmail.com> wrote:
> Hi All,
>
>          Binding / folder onto someother folder say /opt/lxc is not working
> but otherway round is working. Can I get some help on this.
>
> The following code snippet is executed after cloning
> After executing the following code snippet the contents of / is visible in
> /opt/lxc
>       ret = mount("/", "/opt/lxc", NULL, MS_BIND, NULL);
>       if (ret) {
>         perror("mount bind / on /opt/lxc");
>         exit(1);
>      }
>
> But after executing the following code snippet the contents of /opt/lxc is
> not visible in /
>       ret = mount("/opt/lxc", "/", NULL, MS_BIND, NULL);
>       if (ret) {
>         perror("mount bind /opt/lxc on /");
>         exit(1);
>      }
>
> The code is executing successfully, but the result is not as expected.

It's a little curious that the bind succeeds -- if you try "mount
--move /opt/lxc /" you would get an error.  I'd guess there's some use
case for a / bind mount like that though offhand I don't see it.  But
bind mounts aren't substitutes for a chroot(2) call, which I think is
what you'll need for your application.  Bind mounts could still be
useful in setting up the running chroot environment: mount --bind
/proc /opt/lxc/proc, etc.


-- 
Jim