When entering a chroot it is sometimes necessary to mount /sys and /dev using -rbind instead of -bind in order to ensure everything is in its right place when somebody goes looking.
The problem comes when unmounting.
A simple umount always fails; with the children being mounted as well it appears to be in use:
$ umount /mnt/chroot/sys
umount: /mnt/chroot/sys: device is busy.
(In some cases useful info about processes that use
the device is found by lsof(8) or fuser(1))
Another possible solution is to list the mounts from proc, and umount each of those like so:
$ grep /mnt/chroot/sys /proc/mounts | cut -f2 -d" " | sort -r | xargs umount
However this fails as well because the recursive mounts are not actually registered in the mtab:
/mnt/chroot/sys/kernel/security is not mounted (according to mtab)
Perhaps the solution is to perform a lazy umount, but this seems pretty dangerous to me.
Is there a better way to do this that I've missed?
Best Answer
This worked for me correctly -- https://unix.stackexchange.com/a/264488/4319:
It was important to have the two first commands as two separate commands: do not combine --rbind and --make-rslave in one invocation of mount.
Without --make-rslave, the behavior was unwanted (and not successful): umount -l would affect the original old mountpoints, too, umount -R would be affected by the busy (open) files under the original old mountpoints. (Very unexpected...)
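An added example, not part of the answer above: a pre-unmount check that reads /proc/self/mountinfo and lists every mount at or below the chroot path that is still in a shared peer group, which is the state in which an unmount propagates back to the original mount points. The function name shared_under and both sample tables are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the original answer). Lists mounts at or below a
# path that still carry a "shared:N" tag in mountinfo, i.e. mounts whose
# unmount events propagate to their peers (the original /sys, /dev, ...).
# Usage: shared_under <path> [mountinfo-file]   (default: /proc/self/mountinfo)
shared_under() {
    awk -v root="${1%/}" '
    {
        mp = $5                       # field 5: mount point
        if (mp != root && index(mp, root "/") != 1) next
        # optional fields run from field 7 up to the "-" separator
        for (i = 7; i <= NF && $i != "-"; i++)
            if ($i ~ /^shared:/) { print mp; break }
    }' "${2:-/proc/self/mountinfo}"
}

# Constructed sample: state right after mounting /sys with --rbind.
# The copies join the same peer groups (shared:7, shared:8) as the originals.
sample_before() {
cat <<'EOF'
22 28 0:21 / /sys rw,nosuid shared:7 - sysfs sysfs rw
23 22 0:7 / /sys/kernel/security rw shared:8 - securityfs securityfs rw
310 28 0:21 / /mnt/chroot/sys rw,nosuid shared:7 - sysfs sysfs rw
311 310 0:7 / /mnt/chroot/sys/kernel/security rw shared:8 - securityfs securityfs rw
EOF
}

# Constructed sample: state after --make-rslave on the chroot copy.
# The copies are now slaves (master:N) and no longer propagate unmounts back.
sample_after() {
cat <<'EOF'
22 28 0:21 / /sys rw,nosuid shared:7 - sysfs sysfs rw
23 22 0:7 / /sys/kernel/security rw shared:8 - securityfs securityfs rw
310 28 0:21 / /mnt/chroot/sys rw,nosuid master:7 - sysfs sysfs rw
311 310 0:7 / /mnt/chroot/sys/kernel/security rw master:8 - securityfs securityfs rw
EOF
}
```

Empty output from shared_under for the chroot path means the recursive unmount stays confined to the chroot's copies; any path printed is one where an unmount would still reach its peer mounts.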