Let isolation namespace base on app namespace

This commit is contained in:
vvb2060 2020-06-26 16:31:41 +08:00 committed by John Wu
parent fee4031d0f
commit e458215f27

View File

@ -293,6 +293,7 @@ void su_daemon_handler(int client, struct ucred *credential) {
break; break;
case NAMESPACE_MODE_ISOLATE: case NAMESPACE_MODE_ISOLATE:
LOGD("su: use new isolated namespace\n"); LOGD("su: use new isolated namespace\n");
switch_mnt_ns(ctx.pid);
xunshare(CLONE_NEWNS); xunshare(CLONE_NEWNS);
xmount(nullptr, "/", nullptr, MS_PRIVATE | MS_REC, nullptr); xmount(nullptr, "/", nullptr, MS_PRIVATE | MS_REC, nullptr);
break; break;