diff options
author | Ludovic Courtès <ludo@gnu.org> | 2015-04-20 22:16:13 +0200 |
---|---|---|
committer | Ludovic Courtès <ludo@gnu.org> | 2015-04-20 22:16:13 +0200 |
commit | b86fee7848f964da4d5e695dc8027d95d40a1c77 (patch) | |
tree | ad0c6ef4421da2f5de4fce27170db7a82e8ac74d /gnu/services | |
parent | 38cf2ba084881a4c8fca0ee2888b5fd5724e9104 (diff) | |
download | guix-b86fee7848f964da4d5e695dc8027d95d40a1c77.tar.gz |
file-systems: Use a second 'mount' call for read-only bind mounts.
* gnu/build/file-systems.scm (MS_REMOUNT): New constant. (mount-file-system): Add 'flags' local variable. When FLAGS has MS_BIND & MS_RDONLY, call 'mount' with MS_REMOUNT. * gnu/services/base.scm (file-system-service) <start>: Likewise.
Diffstat (limited to 'gnu/services')
-rw-r--r-- | gnu/services/base.scm | 17 |
1 files changed, 13 insertions, 4 deletions
diff --git a/gnu/services/base.scm b/gnu/services/base.scm index 956fa7efa0..d0a2e8c848 100644 --- a/gnu/services/base.scm +++ b/gnu/services/base.scm @@ -131,7 +131,9 @@ names such as device-mapping services." (requirement `(root-file-system ,@requirements)) (documentation "Check, mount, and unmount the given file system.") (start #~(lambda args - (let ((device (canonicalize-device-spec #$device '#$title))) + ;; FIXME: Use or factorize with 'mount-file-system'. + (let ((device (canonicalize-device-spec #$device '#$title)) + (flags #$(mount-flags->bit-mask flags))) #$(if create-mount-point? #~(mkdir-p #$target) #~#t) @@ -145,9 +147,16 @@ names such as device-mapping services." (getenv "PATH"))) (check-file-system device #$type)) #~#t) - (mount device #$target #$type - #$(mount-flags->bit-mask flags) - #$options)) + + (mount device #$target #$type flags #$options) + + ;; For read-only bind mounts, an extra remount is needed, + ;; as per <http://lwn.net/Articles/281157/>, which still + ;; applies to Linux 4.0. + (when (and (= MS_BIND (logand flags MS_BIND)) + (= MS_RDONLY (logand flags MS_RDONLY))) + (mount device #$target #$type + (logior MS_BIND MS_REMOUNT MS_RDONLY)))) #t)) (stop #~(lambda args ;; Normally there are no processes left at this point, so |