Hi, I'm looking for developing a pam module which creates a new namespace and a chroot. It's doing at the same time what pam_script, pam_chroot and pam_namespace do, but then in one module.
I'm using nspawn.c to look how it does a chroot, mounting the different important system directories. I'm using the unshare systemcall, instead of clone. I've got a question about a commadn in nspawn.c, at line 775: mount(arg_directory, "/", "bind", MS_BIND | MS_MOVE, NULL) (systemd 3.3) Why the combination MS_BIND | MS_MOVE here?? A move is a little bit confucing, since a move of the root, while the subirectories are already mounted. It looks more a bit to make the new namespace consistent or something like that. Can someone explain this? Thanks in advance. Stef Bon the Netherlands btw I know what a bind mount is, but the combination MS_BIND | MS_MOVE in this context is the issue. _______________________________________________ systemd-devel mailing list systemd-devel@lists.freedesktop.org http://lists.freedesktop.org/mailman/listinfo/systemd-devel
