Bug 693891 - Systemd needs to mount file systems -rshared.
Summary: Systemd needs to mount file systems -rshared.
Keywords:
Status: CLOSED NEXTRELEASE
Alias: None
Product: Fedora
Classification: Fedora
Component: systemd
Version: rawhide
Hardware: Unspecified
OS: Unspecified
unspecified
unspecified
Target Milestone: ---
Assignee: systemd-maint
QA Contact: Fedora Extras Quality Assurance
URL:
Whiteboard:
Depends On:
Blocks: SysVtoSystemd
TreeView+ depends on / blocked
 
Reported: 2011-04-05 20:25 UTC by Jóhann B. Guðmundsson
Modified: 2012-08-08 23:24 UTC (History)
13 users (show)

Fixed In Version:
Clone Of:
Environment:
Last Closed: 2012-08-08 22:59:01 UTC
Type: ---
Embargoed:

Attachments (Terms of Use)
Native systemd service file (530 bytes, text/plain)
2011-04-05 20:25 UTC, Jóhann B. Guðmundsson 		no flags Details
View All

Description Jóhann B. Guðmundsson 2011-04-05 20:25:22 UTC 
Created attachment 490074 [details]
Native systemd service file

Description of problem:

The attached file is a native systemd file for upcoming F15 Feature [1]

Please read [2] on how to packaging and installing systemd Service files.

To learn more about Systemd daemon see [3].

If you have any question dont hesitate to ask them on this bug report.

1.http://fedoraproject.org/wiki/Features/systemd

2.https://fedoraproject.org/wiki/Systemd_Packaging_Draft

3.http://0pointer.de/public/systemd-man/daemon.html 

Version-Release number of selected component (if applicable):


How reproducible:


Steps to Reproduce:
1.
2.
3.
  
Actual results:


Expected results:


Additional info:
Comment 1 Daniel Walsh 2011-04-05 21:08:56 UTC 
This is only needed by pam_namespace and is not really correct.

pam_namespace should be doing the 

ExecStart=/bin/mount --rbind /tmp /tmp
ExecStart=/bin/mount --rbind /var/tmp /var/tmp 
ExecStart=/bin/mount --make-private /tmp 
ExecStart=/bin/mount --make-private /var/tmp 
ExecStart=/bin/mount --rbind /home /home
ExecStart=/bin/mount --make-private /home

On any directory handed to it.  And the only thing the init script needs to do is.

ExecStart=/bin/mount --make-rshared / 

seunshare already does this and I sent a patch to pam_namespace a while back to implement something similar.
Comment 2 Bill Nottingham 2011-04-26 17:35:41 UTC 
Moving systemd service RFEs to rawhide.

At this point, it is not appropriate in the Fedora 15 cycle to add these. Furthermore, at this point, we are still finalizing the packaging guidelines to handle SysV -> systemd upgrades.

We therefore request:
- wait until there are packaging guidelines (this will be announced on the devel list). This ensures that upgrades will work smoothly and we/you won't have to do multiple sets of changes.
- work on these sorts of changes for Fedora 16 where necessary, not Fedora 15, as we're trying to fix things for release.
- do *not* change a service from SysV to systemd in an existing release (such as Fedora 15), as this is the sort of behavior change that goes against our update policy, documented as https://fedoraproject.org/wiki/Updates_Policy
Comment 3 Tomas Mraz 2011-09-19 20:56:31 UTC 
Yes, pam_namespace now does the make-private mounts on its own.
So only what Dan Walsh writes is needed. And I do not think it should be in the pam package as it is needed only when pam_namespace is configured to do anything at all which it is not by default.

I suppose xguest package would be more appropriate as it uses pam_namespace.
Comment 4 Daniel Walsh 2011-09-20 17:48:51 UTC 
I talked to Lennart and Kay about making systemd mount / by default as rshared.  Then I can eliminate the sandbox init script altogether.
Comment 5 Fedora Admin XMLRPC Client 2011-10-20 16:25:08 UTC 
This package has changed ownership in the Fedora Package Database.  Reassigning to the new owner of this component.
Comment 6 Lennart Poettering 2012-08-08 22:59:01 UTC 
For F18 we changed the default mount propagation mode to "shared".
Note You need to log in before you can comment on or make changes to this bug.