remount, not honored on bind mounts
Bug #1272028 reported by Serge Hallyn
This bug affects 2 people
Affects | Status | Importance | Assigned to | Milestone
---|---|---|---|---
apparmor (Ubuntu) | Fix Released | Undecided | Unassigned |
Precise | Expired | Undecided | Unassigned |
Trusty | Fix Released | Undecided | Unassigned |
Utopic | Expired | Undecided | Unassigned |
Bug Description
I was trying to run docker in a nested container. docker wants to remount a bind-mounted dir as ro. Audit log showed this failed. I first tried to add more specific rules, but when those did not work I tried just
remount,
in the policy. Still the mount was denied. Finally when I added 'mount,', it worked.
Ideally I would be able to say
remount options=(ro,bind) -> /var/lib/
summary:
- remount, not honored
+ remount, not honored on bind mounts
I've tracked this down to a compiler bug where the bind flag is getting cleared from the flags set for remounts.