Re: [lmi] Transitive bind mounts in nested chroots


From: Vadim Zeitlin
Subject: Re: [lmi] Transitive bind mounts in nested chroots
Date: Thu, 21 May 2020 19:52:11 +0200

On Thu, 21 May 2020 15:42:22 +0000 Greg Chicares <address@hidden> wrote:

GC> Vadim--GNU/Linux bind mounts seem to work transitively. For example,
GC> given a bullseye chroot nested in a centos chroot on a buster host,
GC> doing this on the buster host (call this command "A"):
GC> 
GC>   mount --bind /srv/cache_for_lmi /srv/chroot/centos7lmi/srv/cache_for_lmi
GC> 
GC> and then this in the intermediate centos chroot (call this "B"):
GC> 
GC>   mount --bind /srv/cache_for_lmi /srv/chroot/bullseye/srv/cache_for_lmi
GC> 
GC> seems to accomplish the same effect in the innermost chroot as
GC> doing this on the buster host (call this "C"):
GC> 
GC>   mount --bind /srv/cache_for_lmi /srv/chroot/centos7lmi/srv/chroot/bullseye/srv/cache_for_lmi
GC> 
GC> All I want is the effect of "C". But "A+B" seems clearer to write,
GC> because it treats the intermediate chroot as autonomous--as though
GC> it were the ultimate host.
GC> 
GC> (I don't care about the side effect that "A" has the side effect
GC> of making 'cache_for_lmi' available in the intermediate chroot,
GC> where I'd never use it.)
GC> 
GC> However...is "A+B" considered harmful?

 I'm not aware of any real drawbacks of doing it like this. Perhaps there
might be a theoretical performance advantage in avoiding the intermediate
bind but I'm pretty sure it would be unnoticeable even if it did exist (and
I'm not even sure about this, the kernel might dereference the mount point
only once, when mounting it -- which could probably be tested by unmounting
the intermediate mount point and seeing if the final one still works).

 But you should keep in mind that I'm absolutely not an expert on Linux
kernel or file systems and, moreover, I've never actually done something
like this (although I use bind mounts themselves extensively). So if you
want to be absolutely and definitely safe, in the sense of not risking
running into any weird problems, I'd probably go with "C" just because it
is certain to work and is simpler and completely unambiguous (without
testing I don't know what will happen if you unmount "B" while "C" is
mounted, but no such questions can arise if "B" is not used).

 So I'd go with "C", just because I'm a sad disillusioned conservative (at
least concerning my file systems) but AFAIK "A+B" should also work just
fine, if you're feeling more adventurous.

 Regards,
VZ
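
Whether "A+B" and "C" end up exposing the same tree can be read from the kernel's mount table, where every mount records the device and the root directory it exposes. The script below is an added example, not part of the original messages: `same_tree` and `sample_mountinfo` are hypothetical names, and the sample table is constructed (IDs, device numbers and options are made up).

```shell
#!/bin/sh
# Fields of /proc/self/mountinfo used here (see proc(5)):
#   $3 = major:minor of the filesystem
#   $4 = root of this mount within that filesystem
#   $5 = mount point as seen by the reading process

# same_tree MOUNTPOINT [MOUNTINFO_FILE]
# Prints every other mount point with the same (major:minor, root) pair
# as MOUNTPOINT. Exits with status 2 if MOUNTPOINT is not a mount point.
# Pass "-" as the file to read the table from standard input.
same_tree() {
    awk -v target="$1" '
        { dev[$5] = $3; root[$5] = $4; order[NR] = $5 }
        END {
            if (!(target in dev)) exit 2
            for (i = 1; i <= NR; i++) {
                m = order[i]
                if (m != target && dev[m] == dev[target] && root[m] == root[target])
                    print m
            }
        }' "${2:-/proc/self/mountinfo}"
}

# Constructed sample: a host-side table with one bind mount per chroot
# level, as commands "A" and "B" would create them.
sample_mountinfo() {
    cat <<'EOF'
25 1 8:1 / / rw,relatime - ext4 /dev/sda1 rw
36 25 8:1 /srv/cache_for_lmi /srv/chroot/centos7lmi/srv/cache_for_lmi rw,relatime - ext4 /dev/sda1 rw
37 25 8:1 /srv/cache_for_lmi /srv/chroot/centos7lmi/srv/chroot/bullseye/srv/cache_for_lmi rw,relatime - ext4 /dev/sda1 rw
38 25 0:45 / /srv/chroot/centos7lmi/proc rw - proc proc rw
EOF
}
```

On the real host, `same_tree /srv/chroot/centos7lmi/srv/chroot/bullseye/srv/cache_for_lmi` reads the live table; running it before and after unmounting the intermediate mount shows whether the innermost entry is still present.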
