https://bugzilla.redhat.com/show_bug.cgi?id=1216153

Bug ID: 1216153 Summary: Docker daemon runs in shared mount namespace Product: Fedora EPEL Version: el6 Component: docker-io Assignee: ichavero@redhat.com Reporter: michaeljameswells+redhatbugzilla@gmail.com QA Contact: extras-qa@fedoraproject.org CC: adimania@gmail.com, admiller@redhat.com, golang@lists.fedoraproject.org, hushan.jia@gmail.com, ichavero@redhat.com, jchaloup@redhat.com, jperrin@centos.org, lsm5@redhat.com, mattdm@redhat.com, mgoldman@redhat.com, miminar@redhat.com, s@shk.io, thrcka@redhat.com, vbatts@redhat.com

Description of problem: The docker daemon is run in a shared mount namespace, causing problems when restarting the docker service. This prevents starting up containers where mounts remain in place.

Version-Release number of selected component (if applicable): 1.5.0-1.el6

How reproducible: Always

Steps to Reproduce: 1. docker run -d --name test centos sleep infinity 2. service docker restart 3. docker start test

Actual results: Error response from daemon: Cannot start container test: Error getting container 0412d5cce356ff269bd85b2096eb8bc0b2cc58a67096c6c6587a85f7e82f0b77 from driver devicemapper: Error mounting '/dev/mapper/docker-253:0-2097716-0412d5cce356ff269bd85b2096eb8bc0b2cc58a67096c6c6587a85f7e82f0b77' on '/var/lib/docker/devicemapper/mnt/0412d5cce356ff269bd85b2096eb8bc0b2cc58a67096c6c6587a85f7e82f0b77': device or resource busy FATA[0000] Error: failed to start one or more containers

Expected results: Container to start.

Additional info: A merged pull request containing updated sysvinit script is found here: https://github.com/docker/docker/pull/10225

It was merged prior to the 1.5.0 release and involves running "unshare -m" when starting the docker daemon to place it into its own mount namespace.