contrib/sysvinit-redhat: unshare mount namespace
unshare the mount namespace of the docker daemon to avoid other pids outside the daemon holding mount references of docker containers. Signed-off-by: Vincent Batts <vbatts@redhat.com>
This commit is contained in:
Vincent Batts
parent
eb76cb2301
commit
6bb6586458
1 changed files with 2 additions and 1 deletions
|
|
@ -23,6 +23,7 @@
|
|||
. /etc/rc.d/init.d/functions
|
||||
|
||||
prog="docker"
|
||||
unshare=/usr/bin/unshare
|
||||
exec="/usr/bin/$prog"
|
||||
pidfile="/var/run/$prog.pid"
|
||||
lockfile="/var/lock/subsys/$prog"
|
||||
|
|
@ -46,7 +47,7 @@ start() {
|
|||
prestart
|
||||
printf "Starting $prog:\t"
|
||||
echo "\n$(date)\n" >> $logfile
|
||||
$exec -d $other_args &>> $logfile &
|
||||
"$unshare" -m -- $exec -d $other_args &>> $logfile &
|
||||
pid=$!
|
||||
touch $lockfile
|
||||
# wait up to 10 seconds for the pidfile to exist. see
|
||||
|
|
|
|||
Loading…
Reference in a new issue