summary refs log tree commit diff
path: root/gnu/services
diff options
context:
space:
mode:
authorLudovic Courtès <ludo@gnu.org>2015-04-20 22:16:13 +0200
committerLudovic Courtès <ludo@gnu.org>2015-04-20 22:16:13 +0200
commitb86fee7848f964da4d5e695dc8027d95d40a1c77 (patch)
treead0c6ef4421da2f5de4fce27170db7a82e8ac74d /gnu/services
parent38cf2ba084881a4c8fca0ee2888b5fd5724e9104 (diff)
downloadguix-b86fee7848f964da4d5e695dc8027d95d40a1c77.tar.gz
file-systems: Use a second 'mount' call for read-only bind mounts.
* gnu/build/file-systems.scm (MS_REMOUNT): New constant.
  (mount-file-system): Add 'flags' local variable.   When FLAGS has
  MS_BIND & MS_RDONLY, call 'mount' with MS_REMOUNT.
* gnu/services/base.scm (file-system-service) <start>: Likewise.
Diffstat (limited to 'gnu/services')
-rw-r--r--gnu/services/base.scm17
1 files changed, 13 insertions, 4 deletions
diff --git a/gnu/services/base.scm b/gnu/services/base.scm
index 956fa7efa0..d0a2e8c848 100644
--- a/gnu/services/base.scm
+++ b/gnu/services/base.scm
@@ -131,7 +131,9 @@ names such as device-mapping services."
       (requirement `(root-file-system ,@requirements))
       (documentation "Check, mount, and unmount the given file system.")
       (start #~(lambda args
-                 (let ((device (canonicalize-device-spec #$device '#$title)))
+                 ;; FIXME: Use or factorize with 'mount-file-system'.
+                 (let ((device (canonicalize-device-spec #$device '#$title))
+                       (flags  #$(mount-flags->bit-mask flags)))
                    #$(if create-mount-point?
                          #~(mkdir-p #$target)
                          #~#t)
@@ -145,9 +147,16 @@ names such as device-mapping services."
                                       (getenv "PATH")))
                              (check-file-system device #$type))
                          #~#t)
-                   (mount device #$target #$type
-                          #$(mount-flags->bit-mask flags)
-                          #$options))
+
+                   (mount device #$target #$type flags #$options)
+
+                   ;; For read-only bind mounts, an extra remount is needed,
+                   ;; as per <http://lwn.net/Articles/281157/>, which still
+                   ;; applies to Linux 4.0.
+                   (when (and (= MS_BIND (logand flags MS_BIND))
+                              (= MS_RDONLY (logand flags MS_RDONLY)))
+                     (mount device #$target #$type
+                            (logior MS_BIND MS_REMOUNT MS_RDONLY))))
                  #t))
       (stop #~(lambda args
                 ;; Normally there are no processes left at this point, so