Merge pull request #8166 from rhatdan/unbindable

Allow users to mount with unbindable flag

libpod/container_inspect.go

@@ -270,7 +270,7 @@ func parseMountOptionsForInspect(options []string, mount *define.InspectMount) {
 			isRW = false
 		case "rw":
 			// Do nothing, silently discard
-		case "shared", "slave", "private", "rshared", "rslave", "rprivate":
+		case "shared", "slave", "private", "rshared", "rslave", "rprivate", "unbindable", "runbindable":
 			mountProp = opt
 		case "z", "Z":
 			zZ = opt

libpod/container_internal_linux.go

@@ -344,7 +344,7 @@ func (c *Container) generateSpec(ctx context.Context) (*spec.Spec, error) {
 			Type:        "bind",
 			Source:      srcPath,
 			Destination: dstPath,
-			Options:     []string{"bind", "private"},
+			Options:     []string{"bind", "rprivate"},
 		}
 		if c.IsReadOnly() && dstPath != "/dev/shm" {
 			newMount.Options = append(newMount.Options, "ro", "nosuid", "noexec", "nodev")