How to Configure Persistent Bind Mounts in /etc/fstab for Chroot Environments



When working with chroot environments, such as a chrooted MySQL instance, bind mounts are essential for exposing system directories inside the chroot. mount --bind works for temporary mounts, but only an entry in /etc/fstab makes them persist across reboots.

For your specific case of mounting /proc into a MySQL chroot, the proper /etc/fstab entry would be:

/proc    /chroot/mysql/proc    none    bind    0    0

The fstab fields break down as:

  1. Source: Original directory (/proc)
  2. Target: Mount point (/chroot/mysql/proc)
  3. Filesystem type: 'none' for bind mounts
  4. Options: 'bind' flag
  5. Dump: 0 (not needed for bind mounts)
  6. Pass: 0 (no filesystem check)

After editing /etc/fstab, test with:

sudo mount -a
mount | grep /chroot/mysql/proc

This should show your bind mount active. To verify functionality within the chroot:

sudo chroot /chroot/mysql ls /proc

For more complex scenarios, consider these variants:

# Read-only bind mount
/proc    /chroot/mysql/proc    none    bind,ro    0    0

# Recursive bind (include submounts)
/proc    /chroot/mysql/proc    none    rbind    0    0

# Combining options
/dev    /chroot/mysql/dev    none    bind,noexec,nosuid    0    0

If the mount fails:

  • Ensure source directory exists
  • Verify target directory exists in chroot
  • Check for typos in paths
  • Confirm no conflicting mounts exist
  • Review system logs (journalctl -xe)

When binding system directories:

  • Avoid binding sensitive directories like /sys unnecessarily
  • Use noexec, nosuid where possible
  • Consider read-only (ro) mounts for immutable directories
  • Regularly audit your bind mounts with findmnt
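
The hardening advice above can be checked against the fstab file itself. This is an added example, not part of the original page: the function names, finding labels and sample entries are assumptions, and it inspects the configuration file rather than the live mount table.

```shell
#!/bin/sh
# Added example (not from the original page). Function names, finding labels
# and the sample entries are assumptions made for illustration.

# Constructed sample fstab entries.
sample_fstab() {
    cat <<'EOF'
# constructed sample
/proc        /chroot/mysql/proc    none  bind                    0 0
/dev         /chroot/mysql/dev     none  bind,noexec,nosuid      0 0
/sys         /chroot/mysql/sys     none  rbind,ro,nosuid,noexec  0 0
/srv/static  /chroot/mysql/static  none  bind,ro,nosuid,noexec   0 0
UUID=0000    /                     ext4  defaults                0 1
EOF
}

# audit_bind_mounts [FILE]: one line per bind/rbind entry, "target: findings".
# FILE defaults to /etc/fstab; "-" reads stdin. Exit status 1 if any finding.
audit_bind_mounts() {
    awk '
    $1 ~ /^#/ || NF < 4 { next }       # comments, blank or incomplete lines
    {
        split("", has)                 # clear the option set for this entry
        n = split($4, opt, ",")
        for (i = 1; i <= n; i++) has[opt[i]] = 1
        if (!("bind" in has) && !("rbind" in has)) next

        f = ""
        if ($1 == "/sys" || index($1, "/sys/") == 1) f = f " sys-source"
        if ("rbind" in has)     f = f " rbind-includes-submounts"
        if (!("nosuid" in has)) f = f " no-nosuid"
        if (!("noexec" in has)) f = f " no-noexec"
        if (!("ro" in has))     f = f " writable"
        if (f == "") { f = " ok" } else { bad = 1 }
        printf "%s:%s\n", $2, f
    }
    END { exit bad + 0 }' "${1:-/etc/fstab}"
}

# Usage: sample_fstab | audit_bind_mounts -    or    audit_bind_mounts /etc/fstab
```

A "writable" finding is informational, since not every bound directory can be read-only. Confirm with findmnt that the options requested in fstab actually appear on the live mount.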

Bind mounts allow you to mirror one directory's contents to another location in the filesystem hierarchy. Unlike symbolic links, bind mounts create an actual mount point that behaves exactly like the original directory.

To make bind mounts persistent across reboots, you need to add them to /etc/fstab. The correct syntax is:


/source/directory    /target/directory    none    bind    0    0

For your specific case of mounting /proc inside a chrooted MySQL environment, the entry would be:


/proc    /chroot/mysql/proc    none    bind    0    0

After editing /etc/fstab, you can either reboot or manually mount all entries with:


mount -a

Verify the bind mount worked with:


mount | grep /chroot/mysql/proc

For read-only bind mounts, use:


/source    /target    none    bind,ro    0    0

To recursively bind an entire directory tree:


/source    /target    none    rbind    0    0

If the bind mount fails:

  • Check that both source and target directories exist
  • Verify correct permissions on both directories
  • Ensure no processes are using the target directory
  • Check system logs (journalctl -xe) for errors