Cleanup

oz-mount/mount.c

@@ -15,9 +15,9 @@ int enter_mount_namespace(void) {
 		fprintf(stderr, "E Must run as root\n");
 		return -1;
 	}
+
 	// Do some minimal verification to check that oz-daemon is the parent
 	pid_t ppid = getppid();
-	//ppid = 10252;
 	if (checkProcessName(ppid, "oz-daemon") != 0) {
 		fprintf(stderr, "E unable to verify that oz-daemon is parent\n");
 		return -1;

oz-mount/mount.go

@@ -1,6 +1,13 @@
 // +build linux,!gccgo
 package mount
-
+/*
+	As per the setns documentation, it is impossible to enter a
+	mount namespace from a multithreaded process.
+	One MUST insure that opening the namespace happens when the process
+	has only one thread. This is impossible from golang, as such we call
+	this C function as a constructor to ensure that it is executed
+	before the go scheduler launches other threads.
+*/
 // extern int enter_mount_namespace(void);
 /*
 #include <stdlib.h>
@@ -83,6 +90,7 @@ func cleanPath(spath, homedir string) (string, error) {
 
 func mount(fpath string, readonly bool, fsys *fs.Filesystem, log *logging.Logger) {
 	//log.Notice("Adding file `%s`.", fpath)
+	// TODO: Check if target is empty directory (and not a mountpoint) and allow the bind in that case
 	if _, err := os.Stat(fpath); err != nil {
 		log.Error("%v", err)
 		os.Exit(1)