
namespace link

and did the following test:

  1. gcc -o mntns mntns.c
  2. then run it with $ sudo ./mntns
  3. secret_dir=$(mktemp -d --tmpdir=/tmp)
  4. mount -n -o size=1m -t tmpfs tmpfs $secret_dir
  5. df -h shows that it includes the tmpdir created in step 3, /tmp/tmp.sFsCzTDhjE
  6. open another shell console and run df -h; it also includes /tmp/tmp.sFsCzTDhjE

So it seems that CLONE_NEWNS cannot isolate the mounts; they can still be seen in another mount namespace. Could someone help with this question? I searched a lot of examples; they just tried this, but did not talk about this issue.

chrk
Kennan

1 Answer


I solved it. You can check comment #2 at https://bbs.archlinux.org/viewtopic.php?id=194388

It helped with this issue, and solved the visible namespace question asked before.

Kennan
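A mount made inside a CLONE_NEWNS namespace still shows up outside it when the mount it sits under has shared propagation, so the added example below (not code from the question or from the linked thread) checks `/proc/self/mountinfo` for `shared:N` tags and marks the whole tree private after creating the namespace. That shared propagation is the cause in the question is an assumption, since the page does not reproduce the linked comment; `mountinfo_is_shared` and `enter_private_mntns` are hypothetical helper names, and `unshare()` stands in for whatever `mntns.c` uses to create the namespace.

```c
#define _GNU_SOURCE
#include <sched.h>
#include <stdio.h>
#include <string.h>
#include <sys/mount.h>

/* Classify one /proc/<pid>/mountinfo line: 1 if it carries a "shared:N"
 * optional field, 0 if it does not, -1 if the line is malformed.
 * Optional fields sit between the six fixed fields and the " - " separator. */
int mountinfo_is_shared(const char *line)
{
    const char *sep = strstr(line, " - ");
    const char *p = line;
    if (!sep)
        return -1;
    for (int i = 0; i < 6; i++) {          /* skip the six fixed fields */
        p = strchr(p, ' ');
        if (!p || p > sep)
            return -1;
        p++;
    }
    while (p < sep) {                      /* walk the optional fields */
        if (strncmp(p, "shared:", 7) == 0)
            return 1;
        p = strchr(p, ' ') + 1;
    }
    return 0;
}

/* New mount namespace with propagation cut in both directions.
 * Needs CAP_SYS_ADMIN. Returns 0 on success, -1 with errno set. */
int enter_private_mntns(void)
{
    if (unshare(CLONE_NEWNS) == -1)
        return -1;
    return mount(NULL, "/", NULL, MS_REC | MS_PRIVATE, NULL);
}

int main(void)
{
    char line[4096];
    int shared = 0;
    if (enter_private_mntns() == -1) { perror("enter_private_mntns"); return 1; }
    FILE *f = fopen("/proc/self/mountinfo", "r");
    if (!f) { perror("/proc/self/mountinfo"); return 1; }
    while (fgets(line, sizeof line, f))
        shared += (mountinfo_is_shared(line) == 1);
    fclose(f);
    printf("mounts still shared in this namespace: %d\n", shared);
    return 0;
}
```

Mounts made by this process, or by anything it later executes, stay inside the new namespace once no entry is tagged `shared:`.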