Use rbind to mount cgroups in case of nested trees

conf/hooks/10-cgroups.sh

@@ -25,8 +25,8 @@ while IFS=':' read -r x ctrl path; do
     fi < /proc/self/mountinfo | { IFS=' ' read -r x x x root mount x || :; }
 
     if [ -n "${root}" ] && [ -n "${mount}" ]; then
-        printf "%s %s none x-create=dir,bind,nosuid,noexec,nodev,ro\n" "${mount}/${path#${root}}" "${mount}" >> "${ENROOT_MOUNTS}"
+        printf "%s %s none x-create=dir,rbind,nosuid,noexec,nodev,ro\n" "${mount}/${path#${root}}" "${mount}" >> "${ENROOT_MOUNTS}"
     fi
 done < /proc/self/cgroup
 
-printf "none /sys/fs/cgroup none bind,remount,nosuid,noexec,nodev,ro,rslave,nofail,silent\n" >> "${ENROOT_MOUNTS}"
+printf "none /sys/fs/cgroup none rbind,remount,nosuid,noexec,nodev,ro,rslave,nofail,silent\n" >> "${ENROOT_MOUNTS}"