Received: by 2002:a25:b794:0:0:0:0:0 with SMTP id n20csp3790303ybh; Tue, 6 Aug 2019 01:22:52 -0700 (PDT) X-Google-Smtp-Source: APXvYqzYQ8/KhPrQfk9M/iCGA/I9GyDLJLUTUHYo25ouYujE3opMg75cb/4kSXcyX/5nEHk+Snhw X-Received: by 2002:a62:e806:: with SMTP id c6mr2465633pfi.158.1565079771953; Tue, 06 Aug 2019 01:22:51 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1565079771; cv=none; d=google.com; s=arc-20160816; b=O+IzJxIQ6dusgc5JZfiXl+GIGYxJ4TUpxNSeXtncUSEP99W0M4Fj7p0wKYItVg0tjx FtR/U1HUVfVWzJINVBXM2tF8K/Ony5mddf6KKlxEg+mWGuQIYHBCn7tkWgoDEYt15mx8 pVLECfG3a59impuYsO8Y1hmV4WqqO8xnpT8S5joIuN3J4hUsbSAtcHHrPghbWZJV3DqB oLvFXNCUn8NJJF4f9EikjTiULWQjeZgfxJ1ndBOUUwXQj1BCt6RtqswfvypTTNxVmf9C 0HrVQxC84tZ9S2bKfUVMxoE7h7NhLCrnKL/IxO/sq34wbPPINIDJ5/uzVmcZzWG9lKql 5YxA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding :content-language:in-reply-to:mime-version:user-agent:date :message-id:references:cc:to:subject:from; bh=HVGz76jZswJGCBoVj2zslV33zCxzKt20MecUOpXh/nY=; b=oDdboqOGDF1yGI6+bmxavcqVeLhsj+cJJiMGEQVKCzQi6IodvHvW9QB7Z7z/iH3mVM Sz+/b/KD94nmv9QlG5hkJxCMmDoQdlCjB3tlUtYh/wz0HEM8l3OZDiP2wrLOLv1v+8Vb p+9IsHB8yTcwjjFX00Fd+h5pJQQDtcNPsbC6UYphkYIlRwMuE8IsaxUmvg1TWXTKBLmK 4PevJGv9pjvF7j06/JBK0+xqBWymF6TEIpKEDsMsFYYR3pbWzLt16QpI3iv94WTQj7r8 MIACDdIaXBY/G+aKKGbGqFQBCde1zuoL22yggCQIn8laUz1zbcqkG5WirD8qsymW94qb sKkw== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id w198si47195369pfd.106.2019.08.06.01.22.36; Tue, 06 Aug 2019 01:22:51 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1731835AbfHFIWE (ORCPT + 99 others); Tue, 6 Aug 2019 04:22:04 -0400 Received: from ngcobalt01.manitu.net ([217.11.48.101]:47560 "EHLO ngcobalt01.manitu.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1728056AbfHFIWE (ORCPT ); Tue, 6 Aug 2019 04:22:04 -0400 X-Greylist: delayed 556 seconds by postgrey-1.27 at vger.kernel.org; Tue, 06 Aug 2019 04:22:03 EDT Received: from server.passau (ipbcc33479.dynamic.kabel-deutschland.de [188.195.52.121]) (Authenticated sender: smtp-send) by ngcobalt01.manitu.net (Postfix) with ESMTPSA id 1E60A33E4ED3; Tue, 6 Aug 2019 10:12:46 +0200 (CEST) Received: from [192.168.6.60] (t460p [192.168.6.60]) by server.passau (Postfix) with ESMTPSA id 76841814DE; Tue, 6 Aug 2019 10:12:45 +0200 (CEST) From: Philipp Wendler Subject: Re: pivot_root(".", ".") and the fchdir() dance To: "Michael Kerrisk (man-pages)" , Aleksa Sarai Cc: linux-man , Containers , lkml , Andy Lutomirski , Jordan Ogas , werner@almesberger.net, Al Viro References: <20190805103630.tu4kytsbi5evfrhi@mikami> <3a96c631-6595-b75e-f6a7-db703bf89bcf@gmail.com> Message-ID: Date: Tue, 6 Aug 2019 10:12:43 +0200 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:60.0) Gecko/20100101 Thunderbird/60.8.0 MIME-Version: 1.0 In-Reply-To: <3a96c631-6595-b75e-f6a7-db703bf89bcf@gmail.com> Content-Type: text/plain; charset=utf-8 Content-Language: en-US Content-Transfer-Encoding: 7bit Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Hello Michael, hello Aleksa, Am 05.08.19 um 14:29 schrieb Michael Kerrisk (man-pages): > On 8/5/19 12:36 PM, Aleksa Sarai wrote: >> On 2019-08-01, Michael Kerrisk (man-pages) wrote: >>> I'd like to add some documentation about the pivot_root(".", ".") >>> idea, but I have a doubt/question. In the lxc_pivot_root() code we >>> have these steps >>> >>> oldroot = open("/", O_DIRECTORY | O_RDONLY | O_CLOEXEC); >>> newroot = open(rootfs, O_DIRECTORY | O_RDONLY | O_CLOEXEC); >>> >>> fchdir(newroot); >>> pivot_root(".", "."); >>> >>> fchdir(oldroot); // **** >>> >>> mount("", ".", "", MS_SLAVE | MS_REC, NULL); >>> umount2(".", MNT_DETACH); >> >>> fchdir(newroot); // **** >> >> And this one is required because we are in @oldroot at this point, due >> to the first fchdir(2). If we don't have the first one, then switching >> from "." to "/" in the mount/umount2 calls should fix the issue. > > See my notes above for why I therefore think that the second fchdir() > is also not needed (and therefore why switching from "." to "/" in the > mount()/umount2() calls is unnecessary. > > Do you agree with my analysis? If both the second and third fchdir are not required, then we do not need to bother with file descriptors at all, right? Indeed, my tests show that the following seems to work fine: chdir(rootfs) pivot_root(".", ".") umount2(".", MNT_DETACH) I tested that with my own tool[1] that uses user namespaces and marks everything MS_PRIVATE before, so I do not need the mount(MS_SLAVE) here. And it works the same with both umount2("/") and umount2("."). Did I overlook something that makes the file descriptors required? If not, wouldn't the above snippet make sense as example in the man page? Greetings Philipp [1]: https://github.com/sosy-lab/benchexec/blob/b90aeb034b867711845a453587b73fbe8e4dca68/benchexec/container.py#L735