I'm running the golang code on this repo https://github.com/lizrice/containers-from-scratch/blob/master/main.go and I'm having a problem with the mount namespace. What the code should do is creating a process within its own mount namespace. So if I run the code with sudo go run main.go run /bin/bash and I create a file inside the directory mytemp, I should be able to see that file from within the new started process, but if I try to view that file moving to the rootfs directory on the host, I shouldn't be able to see that file thanks to the mount namespace.
Unfortunately I still see this file, so it seems that the process I run is not mount namespaced.
To run the code, I used this https://github.com/ericchiang/containers-from-scratch/releases/download/v0.1.0/rootfs.tar.gz as a rootfs and moved it under /home/me. Then I created a mytemp directory to use as the tmpfs mount target.
Do you have any ideas about the reasons why the process doesn't get mount namespaced?
Thanks!
