From 89ba84c84095124f70d559ec7ad3922bf4dafb3e Mon Sep 17 00:00:00 2001
From: Vincent Batts <vbatts@redhat.com>
Date: Tue, 20 Jan 2015 14:22:04 -0500
Subject: [PATCH] contrib/systemd: mount namespace and subtree flags

This systemd.exec setting will construct a new mount namespace for the
docker daemon, and use slave shared-subtree mounts so that volume mounts
propogate correctly into containers.

By having an unshared mount namespace for the daemon it ensures that
mount references are not held by other pids outside of the docker
daemon. Frequently this can be seen in EBUSY or "device or resource
busy" errors.

Signed-off-by: Vincent Batts <vbatts@redhat.com>
Upstream-commit: eb76cb2301fc883941bc4ca2d9ebc3a486ab8e0a
Component: engine
---
 components/engine/contrib/init/systemd/docker.service | 1 +
 1 file changed, 1 insertion(+)

diff --git a/components/engine/contrib/init/systemd/docker.service b/components/engine/contrib/init/systemd/docker.service
index 83c810d13a..9738ca1ad5 100644
--- a/components/engine/contrib/init/systemd/docker.service
+++ b/components/engine/contrib/init/systemd/docker.service
@@ -6,6 +6,7 @@ Requires=docker.socket
 
 [Service]
 ExecStart=/usr/bin/docker -d -H fd://
+MountFlags=slave
 LimitNOFILE=1048576
 LimitNPROC=1048576