commit f698955537110354fe76233a465f2f57377cc317 parent 68578917c339bff9b899c4e53ad3b23515469864 Author: Jan Pobříslo <ccx@te2000.cz> Date: Mon, 21 Feb 2022 17:41:12 +0000 Try read-only bind-mount for /mnt/init Diffstat:
| M | zsh-functions/confz_site_containers_init | | | 3 | ++- |
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/zsh-functions/confz_site_containers_init b/zsh-functions/confz_site_containers_init @@ -16,7 +16,8 @@ confz_site_containers_user_check() { require container_service_generic \ image_name=$container \ mnt_dirs_extra=init \ - fstab_extra=/home/$vars[user]/bzr/container-user-init$'\t'$bindroot/mnt/init$bind \ + fstab_extra=/home/$vars[user]/bzr/container-user-init$'\t'$bindroot/mnt/init$'\tnone\tbind,ro,nosuid,nodev\t0 0' + \ :containers_dir :svscan_dir :user done