aboutsummaryrefslogtreecommitdiff
path: root/libminijail.c
diff options
context:
space:
mode:
Diffstat (limited to 'libminijail.c')
-rw-r--r--libminijail.c20
1 files changed, 10 insertions, 10 deletions
diff --git a/libminijail.c b/libminijail.c
index 00a4344..b5a2ce1 100644
--- a/libminijail.c
+++ b/libminijail.c
@@ -1153,16 +1153,16 @@ void API minijail_enter(const struct minijail *j)
pdie("setns(CLONE_NEWNS)");
if (j->flags.vfs) {
- if (unshare(CLONE_NEWNS))
- pdie("unshare(vfs)");
- /*
- * Remount all filesystems as private. If they are shared
- * new bind mounts will creep out of our namespace.
- * https://www.kernel.org/doc/Documentation/filesystems/sharedsubtree.txt
- */
- if (mount(NULL, "/", NULL, MS_REC | MS_PRIVATE, NULL))
- pdie("mount(/, private)");
- }
+ if (unshare(CLONE_NEWNS))
+ pdie("unshare(vfs)");
+ /*
+ * Remount all filesystems as private. If they are shared
+ * new bind mounts will creep out of our namespace.
+ * https://www.kernel.org/doc/Documentation/filesystems/sharedsubtree.txt
+ */
+ if (mount(NULL, "/", NULL, MS_REC | MS_PRIVATE, NULL))
+ pdie("mount(/, private)");
+ }
if (j->flags.ipc && unshare(CLONE_NEWIPC)) {
pdie("unshare(ipc)");
generated by cgit v1.2.3 (git 2.25.1) at 2024-06-20 04:54:39 +0000