switchroot: Ensure /sysroot is set to "private" propagation
Downstream BZ: https://bugzilla.redhat.com/show_bug.cgi?id=
1498281
This came up as a problem with `oci-umount` which was trying to ensure some host
mounts like `/var/lib/containers` don't leak into privileged containers. But
since our `/sysroot` mount wasn't private we also got a copy there.
We should have done this from the very start - it makes `findmnt` way, way less
ugly and is just the obviously right thing to do, will possibly create world
peace etc.
Closes: #1438
Approved by: rhvgoyal
projects / ostree.git / commit