The code had a wrong assumption that "mount namespaces" automatically
unmounts process mounts when exits but this happens only with
unprivileged mounts.
When mount points reside within other mount points, this
patch sorts them by path length and then unmounts then
in an order reverse to their mounting. This results in
independent paths being unmounted first.
This fixes an issue in buildbots where dependent paths failed
to unmount, leading to the build script removing system-wide
language libraries.
Now it's possible to disable default bind mounts of
languages by setting:
{
"isolation": {
"automount": {
"language_deps": false
}
}
}
In this case, the user is responsible to provide a "rootfs"
containing the language libraries and required files for
the application.
