1 /* Enter a mount namespace.
2    Copyright (C) 2017-2022 Free Software Foundation, Inc.
3    This file is part of the GNU C Library.
4 
5    The GNU C Library is free software; you can redistribute it and/or
6    modify it under the terms of the GNU Lesser General Public
7    License as published by the Free Software Foundation; either
8    version 2.1 of the License, or (at your option) any later version.
9 
10    The GNU C Library is distributed in the hope that it will be useful,
11    but WITHOUT ANY WARRANTY; without even the implied warranty of
12    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
13    Lesser General Public License for more details.
14 
15    You should have received a copy of the GNU Lesser General Public
16    License along with the GNU C Library; if not, see
17    <https://www.gnu.org/licenses/>.  */
18 
19 #include <support/namespace.h>
20 
21 #include <sched.h>
22 #include <stdio.h>
23 #ifdef CLONE_NEWNS
24 # include <sys/mount.h>
25 #endif /* CLONE_NEWNS */
26 
27 bool
support_enter_mount_namespace(void)28 support_enter_mount_namespace (void)
29 {
30 #ifdef CLONE_NEWNS
31   if (unshare (CLONE_NEWNS) == 0)
32     {
33       /* On some systems, / is marked as MS_SHARED, which means that
34          mounts within the namespace leak to the rest of the system,
35          which is not what we want.  */
36       if (mount ("none", "/", NULL, MS_REC | MS_PRIVATE, NULL) != 0)
37         {
38           printf ("warning: making the mount namespace private failed: %m\n");
39           return false;
40         }
41       return true;
42     }
43   else
44     printf ("warning: unshare (CLONE_NEWNS) failed: %m\n");
45 #endif /* CLONE_NEWNS */
46   return false;
47 }
48