vzctl mount: implement pivot_root() for upstream CT
Instead of just doing chroot(), we do pivot_root() and then umount
those mounts that came from the parent mount namespace.
pivot_root() is better because, unlike chroot(), there is no way to
escape. In addition, this should make our CT checkpointable by
crtools (http://criu.org).
umount_old() implementation inspired by
* lxc tools (src/lxc/conf.c)
* libvirt (src/lxc/lxc_container.c)
* crtools (mount.c)
but I'm still unsure if I'm doing it right.
Note that when we'll be able to use ct_chroot() instead of vz_chroot()
for OpenVZ kernel when we'll use CLONE_NEWNS in OpenVZ.
Signed-off-by: Kir Kolyshkin <kir@openvz.org>
1 file changed