init.rc: Remount / with MS_REMOUNT|MS_BIND|MS_NODEV / should not have any character/block devices, so might as well pass in the nodev flag. Bug: 73255020 Test: aosp_sailfish still boots Test: sailfish:/ # find / -xdev -a \( -type b -o -type c -o -type p -o -type s \) sailfish:/ # Test: rootfs on / type rootfs (rw,seclabel) /dev/root on / type ext4 (ro,seclabel,nodevrelatime) Change-Id: Ia73e04b53a47506892d9d3cb61b471b81bb72dc3

commit: 055429df74353d1c0adb668f5b13b32cd5af5d5c [log] [tgz]
author: Luis Hector Chavez <lhchavez@google.com> Wed Jul 11 08:13:34 2018 -0700
committer: Luis Hector Chavez <lhchavez@google.com> Wed Jul 11 08:36:00 2018 -0700
tree: 033e7df9d8aa57c97cb7d35f379c04de7ec40738
parent: ade24412b75dfd85d2378adbcb29e8337dee7e49 [diff]
diff --git a/rootdir/init.rc b/rootdir/init.rc
index c1ae932..d3f038e 100644
--- a/rootdir/init.rc
+++ b/rootdir/init.rc

@@ -318,8 +318,8 @@
     start vndservicemanager
 
     # Once everything is setup, no need to modify /.
-    # The bind+ro combination avoids modifying any other mount flags.
-    mount rootfs rootfs / remount bind ro
+    # The bind+remount combination allows this to work in containers.
+    mount rootfs rootfs / remount bind ro nodev
     # Mount shared so changes propagate into child namespaces
     mount rootfs rootfs / shared rec
     # Mount default storage into root namespace
commit	055429df74353d1c0adb668f5b13b32cd5af5d5c	[log] [tgz]
author	Luis Hector Chavez <lhchavez@google.com>	Wed Jul 11 08:13:34 2018 -0700
committer	Luis Hector Chavez <lhchavez@google.com>	Wed Jul 11 08:36:00 2018 -0700
tree	033e7df9d8aa57c97cb7d35f379c04de7ec40738
parent	ade24412b75dfd85d2378adbcb29e8337dee7e49 [diff]