init.rc: Remount / with MS_REMOUNT|MS_BIND Since we only want to change the ro flag on / (and leave all other mount flags alone), this can also be achieved by passing MS_REMOUNT|MS_BIND, even if the mount is not a bind-mount. This aims to make running Android within a user namespace easier, since remounts without the MS_BIND flag are forbidden. Bug: 73255020 Test: aosp_sailfish still boots Test: rootfs on / type rootfs (rw,seclabel) /dev/root on / type ext4 (ro,seclabel,relatime,data=ordered) Change-Id: I2f89a8badfc467db47304c9355648e8fd8ad1272

commit: 277e54b6ed5b4e611543bb7f31fa7856bb7f53d1 [log] [tgz]
author: Luis Hector Chavez <lhchavez@google.com> Wed Feb 14 08:36:16 2018 -0800
committer: Luis Hector Chavez <lhchavez@google.com> Wed Feb 14 20:51:06 2018 +0000
tree: 2dbaf6a103e9fd52750da803b371661eac34c643
parent: 689071f35f5a4a16b368eabbeb012ec69d84f061 [diff]
diff --git a/rootdir/init.rc b/rootdir/init.rc
index f008c17..da3f824 100644
--- a/rootdir/init.rc
+++ b/rootdir/init.rc

@@ -318,8 +318,9 @@
     start hwservicemanager
     start vndservicemanager
 
-    # once everything is setup, no need to modify /
-    mount rootfs rootfs / ro remount
+    # Once everything is setup, no need to modify /.
+    # The bind+ro combination avoids modifying any other mount flags.
+    mount rootfs rootfs / remount bind ro
     # Mount shared so changes propagate into child namespaces
     mount rootfs rootfs / shared rec
     # Mount default storage into root namespace
commit	277e54b6ed5b4e611543bb7f31fa7856bb7f53d1	[log] [tgz]
author	Luis Hector Chavez <lhchavez@google.com>	Wed Feb 14 08:36:16 2018 -0800
committer	Luis Hector Chavez <lhchavez@google.com>	Wed Feb 14 20:51:06 2018 +0000
tree	2dbaf6a103e9fd52750da803b371661eac34c643
parent	689071f35f5a4a16b368eabbeb012ec69d84f061 [diff]