Hi all,
I have MountFlags=slave defined, and I use the following recipe to
automount usb stick without right issues:
https://github.com/nefethael/meta-random/blob/master/recipes-support/usbmount/usbmount_git.bb
I think we should keep this settings as it is.
What is the problematic use case?
Best
What do you mean "it only happens with libseccomp"? I have tried to
enable or disable
seccomp via CONFIG_SECCOMP, buf the results were same unless I set
MountFlags=shared.
Without propagation patch, all block device, such as '/dev/sda*',
mounted by systemd-udev,
are unaccessible to outside
If MountFlags=slave, systemd-udevd mounts all block device, such as
'/dev/sda1' '/dev/mmcblk*' , in itself unit namespace. So other namespace,
such as 'root user', has no access to use block device mentioned above.
On 2018年02月23日 08:50, Otavio Salvador wrote:
On Thu, Feb 22, 2018 at 11:15 AM
On Thu, Feb 22, 2018 at 11:15 AM, Hongzhi.Song
wrote:
> MountFlags's default value is shared in systemd-udevd.service. But upstream
> sets MountFlags with slave just for keeping mounts done by udev private to
> udevd, which causes block device mounted by udev unvisable but being busy for
> host. S
We used to have this but it was removed in the 232 upgrade:
* Drop mount propagation patch, it only happens with libseccomp, OE
doesnt
enable it
Is this not the case? Or are you enabling seccomp? Maybe this should be a
bbappend in meta-security?
Ross
On 22 February 2018 at 14:15, Ho
MountFlags's default value is shared in systemd-udevd.service. But upstream
sets MountFlags with slave just for keeping mounts done by udev private to
udevd, which causes block device mounted by udev unvisable but being busy for
host. So we revert it to shared to be propagated to host.
Signed-off-
