The mount_seq command in ctrtool creates bind mounts and other types of virtual filesystem mounts for use by a container. Although it is mainly used for containers, the mount_seq command is just a simple wrapper around the mount(2) syscall and can also be used for other purposes where a sequence of mounts needs to be made.


ctrtool mount_seq [-m target [-k] [-y] [-e] [-E|-f] [-s source [-K]] [-t type] [-O mount_options] [-o superblock_options]]
                  [-u target [-k] [-y] [-e] [-O umount_options]]
                  [-D target [-k] [-y] [-e] [-M mode]]
                  [-S shell_command [-y] [-e]]
                  [-c target [-k] [-y] [-e]]
                  [-l target [-k] [-y] [-e] [-s link_target]]
  • -m: Mount a filesystem.
  • -u: Unmount a filesystem.
  • -D: Create a directory.
  • -S: Execute a shell command.
  • -c: Change working directory.
  • -l: Create a symbolic link.


Ctrtool mount_seq mounts one or more filesystems. Mount_seq differs from mount(8) and other traditional UNIX tools like ln in the following respects:

  • Multiple operations can be performed in a single command invocation (useful since no need to spawn new tasks or load libc multiple times per mount)
  • The argument to one of the command options (-m, -u, -D, -c, -l) is always the target filename.
  • Options such as ro,nosuid,nodev,noexec have to be specified using the -O option, whereas filesystem-specific options (e.g. size=SIZE in tmpfs) are specified using the -o option.
  • mount_seq cannot mount loopback devices as the source device.
  • mount_seq never updates /etc/mtab or /run/mount/utab.
  • mount_seq always passes the arguments directly into the mount(2) system call and will never modify the source or target arguments to account for symbolic links.
  • mount_seq checks all paths for symbolic links by default; however, this symlink check is currently non-atomic and should not be relied on for security. Eventually there might be a feature added that might make this operation fully atomic.
  • -D creates directories with a mode of 0700 by default (compared to mkdir which is 0777 & ~umask (usually 0755 or 0775 in practice).

Options valid in all modes

  • -y: Call sync(2) after this operation.
  • -e: Keep going even if this operation failed.
  • -k: Do not check target for symbolic links (ignored in -S mode).


-m target mounts a new filesystem on target.

All options specified below must be specified after -m target.

  • -t TYPE: Filesystem type (e.g. tmpfs)
  • -s SOURCE: Filesystem source (only for device and bind mounts)
  • -o OPTIONS: Superblock options
  • -E: Create target directory if it doesn't already exist
  • -f: Create target as a file if it doesn't already exist. Useful only for bind mounts where the source is not a directory.
  • -K: Do not check source for symbolic links. Required if source is a link in /proc/PID/ns.
  • -Oa: Do not update access times on this mount (equal to MS_NOATIME)
  • -Ob: Bind mount (equal to MS_BIND)
  • -Oc: Relatime (equal to MS_RELATIME)
  • -Od: Ignore device nodes (equal to MS_NODEV)
  • -Oe: Directory modifications synchronous (equal to MS_DIRSYNC)
  • -Oh: Set propagation to "shared" (equal to MS_SHARED); see #Notes about propagation
  • -Ol: Set propagation to "slave" (equal to MS_SLAVE); see #Notes about propagation
  • -Om: Move the mount from source to target (equal to MS_MOVE)
  • -Oo: Read-only mount (equal to MS_RDONLY)
  • -Op: Set propagation to "private" (equal to MS_PRIVATE); see #Notes about propagation
  • -Oq: Don't print errors in dmesg (equal to MS_SILENT)
  • -Or: Remount (equal to MS_REMOUNT)
  • -Os: Ignore set-uid/set-gid/file capabilities (equal to MS_NOSUID)
  • -Ot: Strict atime (equal to MS_STRICTATIME)
  • -Ou: Set propagation to "unbindable" (equal to MS_UNBINDABLE); see #Notes about propagation
  • -Ov: Recursive mount (equal to MS_REC)
  • -Ow: Make all modifications synchronous (equal to MS_SYNCHRONOUS)
  • -Ox: Disallow execution of binaries (equal to MS_NOEXEC)
  • -Oz: Lazy update of modification times (equal to MS_LAZYTIME)

See mount(2) for exact semantics on MS_* flags.

Notes about propagation

As mount_seq is merely a simple wrapper around the mount(2) system call, some of the operations that would normally be done through mount(8) will have to be done manually instead.

Read-only bind mount

ctrtool mount_seq \
    -m fs_target -s fs_source -Ob \
    -m fs_target -Obro

Setting propagation

This example recursively bind mounts fs_source on fs_target and recursively sets the propagation of fs_target to private.

ctrtool mount_seq \
    -m fs_target -s fs_source -Obv \
    -m fs_target -Opv

Known bugs

  • The symlink check facility is non-atomic.
  • If a sequence of mounts fails part way, then there is no way of telling how far it went. This is because mount_seq was meant to be used in a tmpfs context, where all of the targets are meant to be located within a single, newly-created tmpfs mount; lazily unmounting that tmpfs would effectively undo all of the operations.
  • Specifying a filesystem type where the data argument of the mount() system call is expected to be something other than a null-terminated string (such as cifs) may lead to undefined behavior.
This end-user documentation is part of ctrtool. Reproduction and use of this material for any purpose is permitted, provided that a link to this page is provided as attribution.