Bug 1199554 - Mount in different namespaces.
Summary: Mount in different namespaces.
Keywords:
Status: CLOSED UPSTREAM
Alias: None
Product: Fedora
Classification: Fedora
Component: util-linux
Version: 23
Hardware: Unspecified
OS: Unspecified
unspecified
unspecified
Target Milestone: ---
Assignee: Karel Zak
QA Contact: Fedora Extras Quality Assurance
URL:
Whiteboard:
Depends On:
Blocks: 1199563
TreeView+ depends on / blocked
 
Reported: 2015-03-06 15:43 UTC by Daniel Walsh
Modified: 2023-09-14 02:55 UTC (History)
8 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2015-08-13 09:43:22 UTC
Type: Bug
Embargoed:

Attachments (Terms of Use)

Description Daniel Walsh 2015-03-06 15:43:06 UTC 
Currently we have a problem with executing mount from one namespace to affect a different namespace.

The use case we are working towards is to allow a container application like gluster/cephs/nfs-utils to be run within a container in its own namespace.  Then allow the mount command to mount file systems in the hosts (primary) mnt namespaces.  

We would like to see a command like

mount --namespace=/proc/$n/ns/mnt

The critical point here is that the mount command would have to load all of its libraries and potentially helper routines before switching namespace.
Comment 1 hchen 2015-03-06 15:50:58 UTC 
This option should also be passed to any mount helpers (mount.nfs, mount.glusterfs, mount.ceph, etc) so the filesystem specific mounter will pick up this option and switch to the proper namespace by calling setns(2). 

An implementation of calling setns(2) in util-linux can be found at 
https://lists.projectatomic.io/projectatomic-archives/atomic-devel/2015-February/msg00064.html

A validation of calling setns(2) in mount helpers can be found in the prototype at https://github.com/rootfs/install-glusterfs-on-fc21/. The test description can be found in the README.md file.
Comment 2 Karel Zak 2015-05-06 10:08:29 UTC 
(In reply to hchen from comment #1)
> This option should also be passed to any mount helpers (mount.nfs,
> mount.glusterfs, mount.ceph, etc) so the filesystem specific mounter will
> pick up this option and switch to the proper namespace by calling setns(2). 
> 
> An implementation of calling setns(2) in util-linux can be found at 
> https://lists.projectatomic.io/projectatomic-archives/atomic-devel/2015-
> February/msg00064.html

I have doubts the patch is correct. It forces mount(8) to set a new namespace *always* when --namespace is specified. It means that it will search for /etc/fstab in the namespace and it will execute /sbin/mount.<type> helpers with in the namespace. (So you need all libs for the helpers, etc.) 

Is it expected behaviour? If yes, the we don't have to export --namespace into mount.<type> helpers, because the helpers will be already in the namespace.


I guess the wanted behaviour is to use setns(2) only in the final mount code when all libs are already linked to the memory and exec() is no more expected.
Comment 3 Jan Kurik 2015-07-15 14:26:17 UTC 
This bug appears to have been reported against 'rawhide' during the Fedora 23 development cycle.
Changing version to '23'.

(As we did not run this process for some time, it could affect also pre-Fedora 23 development
cycle bugs. We are very sorry. It will help us with cleanup during Fedora 23 End Of Life. Thank you.)

More information and reason for this action is here:
https://fedoraproject.org/wiki/BugZappers/HouseKeeping/Fedora23
Comment 4 Karel Zak 2015-08-13 09:43:22 UTC 
This has to be implemented on upstream level, so I have added this request to upstream TODO file. We will see... closing for fedora..
Comment 5 Red Hat Bugzilla 2023-09-14 02:55:47 UTC 
The needinfo request[s] on this closed bug have been removed as they have been unresolved for 1000 days
Note You need to log in before you can comment on or make changes to this bug.