diff --git a/sandbox/vfs/mountinfo.go b/sandbox/vfs/mountinfo.go
index 2f609b1..df2940a 100644
--- a/sandbox/vfs/mountinfo.go
+++ b/sandbox/vfs/mountinfo.go
@@ -7,6 +7,7 @@ import (
 	"io"
 	"strconv"
 	"strings"
+	"syscall"
 )
 
 var (
@@ -51,6 +52,31 @@ type (
 	DevT [2]int
 )
 
+func (e *MountInfoEntry) Flags() (flags uintptr, unmatched []string) {
+	for _, s := range strings.Split(e.VfsOptstr, ",") {
+		switch s {
+		case "rw":
+		case "ro":
+			flags |= syscall.MS_RDONLY
+		case "nosuid":
+			flags |= syscall.MS_NOSUID
+		case "nodev":
+			flags |= syscall.MS_NODEV
+		case "noexec":
+			flags |= syscall.MS_NOEXEC
+		case "noatime":
+			flags |= syscall.MS_NOATIME
+		case "nodiratime":
+			flags |= syscall.MS_NODIRATIME
+		case "relatime":
+			flags |= syscall.MS_RELATIME
+		default:
+			unmatched = append(unmatched, s)
+		}
+	}
+	return
+}
+
 // ParseMountInfo parses a mountinfo file according to proc_pid_mountinfo(5).
 func ParseMountInfo(r io.Reader) (*MountInfo, int, error) {
 	var m, cur *MountInfo
diff --git a/sandbox/vfs/mountinfo_test.go b/sandbox/vfs/mountinfo_test.go
index 93738a4..f97a05e 100644
--- a/sandbox/vfs/mountinfo_test.go
+++ b/sandbox/vfs/mountinfo_test.go
@@ -3,8 +3,10 @@ package vfs_test
 import (
 	"errors"
 	"reflect"
+	"slices"
 	"strconv"
 	"strings"
+	"syscall"
 	"testing"
 
 	"git.gensokyo.uk/security/fortify/sandbox/vfs"
@@ -16,7 +18,7 @@ func TestParseMountInfo(t *testing.T) {
 		sample    string
 		wantErr   error
 		wantError string
-		want      []vfs.MountInfoEntry
+		want      []*wantMountInfo
 	}{
 		{"count", sampleMountinfoShort + `
 21 20 0:53/ /mnt/test rw,relatime - tmpfs  rw
@@ -62,59 +64,59 @@ id 20 0:53 / /mnt/test rw,relatime shared:212 - tmpfs  rw
 21 20 0:53 / /mnt/test rw,relatime -   rw
 21 16 0:17 / /sys/fs/cgroup rw,nosuid,nodev,noexec,relatime - tmpfs tmpfs rw,mode=755`, vfs.ErrMountInfoEmpty, "", nil},
 
-		{"base", sampleMountinfoShort, nil, "", []vfs.MountInfoEntry{
-			{15, 20, dev(0, 3), "/", "/proc", "rw,relatime", opt(), "proc", "/proc", "rw"},
-			{16, 20, dev(0, 15), "/", "/sys", "rw,relatime", opt(), "sysfs", "/sys", "rw"},
-			{17, 20, dev(0, 5), "/", "/dev", "rw,relatime", opt(), "devtmpfs", "udev", "rw,size=1983516k,nr_inodes=495879,mode=755"},
-			{18, 17, dev(0, 10), "/", "/dev/pts", "rw,relatime", opt(), "devpts", "devpts", "rw,gid=5,mode=620,ptmxmode=000"},
-			{19, 17, dev(0, 16), "/", "/dev/shm", "rw,relatime", opt(), "tmpfs", "tmpfs", "rw"},
-			{20, 1, dev(8, 4), "/", "/", "rw,noatime", opt(), "ext3", "/dev/sda4", "rw,errors=continue,user_xattr,acl,barrier=0,data=ordered"},
+		{"base", sampleMountinfoShort, nil, "", []*wantMountInfo{
+			m(15, 20, 0, 3, "/", "/proc", "rw,relatime", o(), "proc", "/proc", "rw", syscall.MS_RELATIME, nil),
+			m(16, 20, 0, 15, "/", "/sys", "rw,relatime", o(), "sysfs", "/sys", "rw", syscall.MS_RELATIME, nil),
+			m(17, 20, 0, 5, "/", "/dev", "rw,relatime", o(), "devtmpfs", "udev", "rw,size=1983516k,nr_inodes=495879,mode=755", syscall.MS_RELATIME, nil),
+			m(18, 17, 0, 10, "/", "/dev/pts", "rw,relatime", o(), "devpts", "devpts", "rw,gid=5,mode=620,ptmxmode=000", syscall.MS_RELATIME, nil),
+			m(19, 17, 0, 16, "/", "/dev/shm", "rw,relatime", o(), "tmpfs", "tmpfs", "rw", syscall.MS_RELATIME, nil),
+			m(20, 1, 8, 4, "/", "/", "ro,noatime,nodiratime,meow", o(), "ext3", "/dev/sda4", "rw,errors=continue,user_xattr,acl,barrier=0,data=ordered", syscall.MS_RDONLY|syscall.MS_NOATIME|syscall.MS_NODIRATIME, []string{"meow"}),
 		}},
 
-		{"sample", sampleMountinfo, nil, "", []vfs.MountInfoEntry{
-			{15, 20, dev(0, 3), "/", "/proc", "rw,relatime", opt(), "proc", "/proc", "rw"},
-			{16, 20, dev(0, 15), "/", "/sys", "rw,relatime", opt(), "sysfs", "/sys", "rw"},
-			{17, 20, dev(0, 5), "/", "/dev", "rw,relatime", opt(), "devtmpfs", "udev", "rw,size=1983516k,nr_inodes=495879,mode=755"},
-			{18, 17, dev(0, 10), "/", "/dev/pts", "rw,relatime", opt(), "devpts", "devpts", "rw,gid=5,mode=620,ptmxmode=000"},
-			{19, 17, dev(0, 16), "/", "/dev/shm", "rw,relatime", opt(), "tmpfs", "tmpfs", "rw"},
-			{20, 1, dev(8, 4), "/", "/", "rw,noatime", opt(), "ext3", "/dev/sda4", "rw,errors=continue,user_xattr,acl,barrier=0,data=ordered"},
-			{21, 16, dev(0, 17), "/", "/sys/fs/cgroup", "rw,nosuid,nodev,noexec,relatime", opt(), "tmpfs", "tmpfs", "rw,mode=755"},
-			{22, 21, dev(0, 18), "/", "/sys/fs/cgroup/systemd", "rw,nosuid,nodev,noexec,relatime", opt(), "cgroup", "cgroup", "rw,release_agent=/lib/systemd/systemd-cgroups-agent,name=systemd"},
-			{23, 21, dev(0, 19), "/", "/sys/fs/cgroup/cpuset", "rw,nosuid,nodev,noexec,relatime", opt(), "cgroup", "cgroup", "rw,cpuset"},
-			{24, 21, dev(0, 20), "/", "/sys/fs/cgroup/ns", "rw,nosuid,nodev,noexec,relatime", opt(), "cgroup", "cgroup", "rw,ns"},
-			{25, 21, dev(0, 21), "/", "/sys/fs/cgroup/cpu", "rw,nosuid,nodev,noexec,relatime", opt(), "cgroup", "cgroup", "rw,cpu"},
-			{26, 21, dev(0, 22), "/", "/sys/fs/cgroup/cpuacct", "rw,nosuid,nodev,noexec,relatime", opt(), "cgroup", "cgroup", "rw,cpuacct"},
-			{27, 21, dev(0, 23), "/", "/sys/fs/cgroup/memory", "rw,nosuid,nodev,noexec,relatime", opt(), "cgroup", "cgroup", "rw,memory"},
-			{28, 21, dev(0, 24), "/", "/sys/fs/cgroup/devices", "rw,nosuid,nodev,noexec,relatime", opt(), "cgroup", "cgroup", "rw,devices"},
-			{29, 21, dev(0, 25), "/", "/sys/fs/cgroup/freezer", "rw,nosuid,nodev,noexec,relatime", opt(), "cgroup", "cgroup", "rw,freezer"},
-			{30, 21, dev(0, 26), "/", "/sys/fs/cgroup/net_cls", "rw,nosuid,nodev,noexec,relatime", opt(), "cgroup", "cgroup", "rw,net_cls"},
-			{31, 21, dev(0, 27), "/", "/sys/fs/cgroup/blkio", "rw,nosuid,nodev,noexec,relatime", opt(), "cgroup", "cgroup", "rw,blkio"},
-			{32, 16, dev(0, 28), "/", "/sys/kernel/security", "rw,relatime", opt(), "autofs", "systemd-1", "rw,fd=22,pgrp=1,timeout=300,minproto=5,maxproto=5,direct"},
-			{33, 17, dev(0, 29), "/", "/dev/hugepages", "rw,relatime", opt(), "autofs", "systemd-1", "rw,fd=23,pgrp=1,timeout=300,minproto=5,maxproto=5,direct"},
-			{34, 16, dev(0, 30), "/", "/sys/kernel/debug", "rw,relatime", opt(), "autofs", "systemd-1", "rw,fd=24,pgrp=1,timeout=300,minproto=5,maxproto=5,direct"},
-			{35, 15, dev(0, 31), "/", "/proc/sys/fs/binfmt_misc", "rw,relatime", opt(), "autofs", "systemd-1", "rw,fd=25,pgrp=1,timeout=300,minproto=5,maxproto=5,direct"},
-			{36, 17, dev(0, 32), "/", "/dev/mqueue", "rw,relatime", opt(), "autofs", "systemd-1", "rw,fd=26,pgrp=1,timeout=300,minproto=5,maxproto=5,direct"},
-			{37, 15, dev(0, 14), "/", "/proc/bus/usb", "rw,relatime", opt(), "usbfs", "/proc/bus/usb", "rw"},
-			{38, 33, dev(0, 33), "/", "/dev/hugepages", "rw,relatime", opt(), "hugetlbfs", "hugetlbfs", "rw"},
-			{39, 36, dev(0, 12), "/", "/dev/mqueue", "rw,relatime", opt(), "mqueue", "mqueue", "rw"},
-			{40, 20, dev(8, 6), "/", "/boot", "rw,noatime", opt(), "ext3", "/dev/sda6", "rw,errors=continue,barrier=0,data=ordered"},
-			{41, 20, dev(253, 0), "/", "/home/kzak", "rw,noatime", opt(), "ext4", "/dev/mapper/kzak-home", "rw,barrier=1,data=ordered"},
-			{42, 35, dev(0, 34), "/", "/proc/sys/fs/binfmt_misc", "rw,relatime", opt(), "binfmt_misc", "none", "rw"},
-			{43, 16, dev(0, 35), "/", "/sys/fs/fuse/connections", "rw,relatime", opt(), "fusectl", "fusectl", "rw"},
-			{44, 41, dev(0, 36), "/", "/home/kzak/.gvfs", "rw,nosuid,nodev,relatime", opt(), "fuse.gvfs-fuse-daemon", "gvfs-fuse-daemon", "rw,user_id=500,group_id=500"},
-			{45, 20, dev(0, 37), "/", "/var/lib/nfs/rpc_pipefs", "rw,relatime", opt(), "rpc_pipefs", "sunrpc", "rw"},
-			{47, 20, dev(0, 38), "/", "/mnt/sounds", "rw,relatime", opt(), "cifs", "//foo.home/bar/", "rw,unc=\\\\foo.home\\bar,username=kzak,domain=SRGROUP,uid=0,noforceuid,gid=0,noforcegid,addr=192.168.111.1,posixpaths,serverino,acl,rsize=16384,wsize=57344"},
-			{49, 20, dev(0, 56), "/", "/mnt/test/foobar", "rw,relatime", opt("shared:323"), "tmpfs", "tmpfs", "rw"},
+		{"sample", sampleMountinfo, nil, "", []*wantMountInfo{
+			m(15, 20, 0, 3, "/", "/proc", "rw,relatime", o(), "proc", "/proc", "rw", syscall.MS_RELATIME, nil),
+			m(16, 20, 0, 15, "/", "/sys", "rw,relatime", o(), "sysfs", "/sys", "rw", syscall.MS_RELATIME, nil),
+			m(17, 20, 0, 5, "/", "/dev", "rw,relatime", o(), "devtmpfs", "udev", "rw,size=1983516k,nr_inodes=495879,mode=755", syscall.MS_RELATIME, nil),
+			m(18, 17, 0, 10, "/", "/dev/pts", "rw,relatime", o(), "devpts", "devpts", "rw,gid=5,mode=620,ptmxmode=000", syscall.MS_RELATIME, nil),
+			m(19, 17, 0, 16, "/", "/dev/shm", "rw,relatime", o(), "tmpfs", "tmpfs", "rw", syscall.MS_RELATIME, nil),
+			m(20, 1, 8, 4, "/", "/", "rw,noatime", o(), "ext3", "/dev/sda4", "rw,errors=continue,user_xattr,acl,barrier=0,data=ordered", syscall.MS_NOATIME, nil),
+			m(21, 16, 0, 17, "/", "/sys/fs/cgroup", "rw,nosuid,nodev,noexec,relatime", o(), "tmpfs", "tmpfs", "rw,mode=755", syscall.MS_NOSUID|syscall.MS_NODEV|syscall.MS_NOEXEC|syscall.MS_RELATIME, nil),
+			m(22, 21, 0, 18, "/", "/sys/fs/cgroup/systemd", "rw,nosuid,nodev,noexec,relatime", o(), "cgroup", "cgroup", "rw,release_agent=/lib/systemd/systemd-cgroups-agent,name=systemd", syscall.MS_NOSUID|syscall.MS_NODEV|syscall.MS_NOEXEC|syscall.MS_RELATIME, nil),
+			m(23, 21, 0, 19, "/", "/sys/fs/cgroup/cpuset", "rw,nosuid,nodev,noexec,relatime", o(), "cgroup", "cgroup", "rw,cpuset", syscall.MS_NOSUID|syscall.MS_NODEV|syscall.MS_NOEXEC|syscall.MS_RELATIME, nil),
+			m(24, 21, 0, 20, "/", "/sys/fs/cgroup/ns", "rw,nosuid,nodev,noexec,relatime", o(), "cgroup", "cgroup", "rw,ns", syscall.MS_NOSUID|syscall.MS_NODEV|syscall.MS_NOEXEC|syscall.MS_RELATIME, nil),
+			m(25, 21, 0, 21, "/", "/sys/fs/cgroup/cpu", "rw,nosuid,nodev,noexec,relatime", o(), "cgroup", "cgroup", "rw,cpu", syscall.MS_NOSUID|syscall.MS_NODEV|syscall.MS_NOEXEC|syscall.MS_RELATIME, nil),
+			m(26, 21, 0, 22, "/", "/sys/fs/cgroup/cpuacct", "rw,nosuid,nodev,noexec,relatime", o(), "cgroup", "cgroup", "rw,cpuacct", syscall.MS_NOSUID|syscall.MS_NODEV|syscall.MS_NOEXEC|syscall.MS_RELATIME, nil),
+			m(27, 21, 0, 23, "/", "/sys/fs/cgroup/memory", "rw,nosuid,nodev,noexec,relatime", o(), "cgroup", "cgroup", "rw,memory", syscall.MS_NOSUID|syscall.MS_NODEV|syscall.MS_NOEXEC|syscall.MS_RELATIME, nil),
+			m(28, 21, 0, 24, "/", "/sys/fs/cgroup/devices", "rw,nosuid,nodev,noexec,relatime", o(), "cgroup", "cgroup", "rw,devices", syscall.MS_NOSUID|syscall.MS_NODEV|syscall.MS_NOEXEC|syscall.MS_RELATIME, nil),
+			m(29, 21, 0, 25, "/", "/sys/fs/cgroup/freezer", "rw,nosuid,nodev,noexec,relatime", o(), "cgroup", "cgroup", "rw,freezer", syscall.MS_NOSUID|syscall.MS_NODEV|syscall.MS_NOEXEC|syscall.MS_RELATIME, nil),
+			m(30, 21, 0, 26, "/", "/sys/fs/cgroup/net_cls", "rw,nosuid,nodev,noexec,relatime", o(), "cgroup", "cgroup", "rw,net_cls", syscall.MS_NOSUID|syscall.MS_NODEV|syscall.MS_NOEXEC|syscall.MS_RELATIME, nil),
+			m(31, 21, 0, 27, "/", "/sys/fs/cgroup/blkio", "rw,nosuid,nodev,noexec,relatime", o(), "cgroup", "cgroup", "rw,blkio", syscall.MS_NOSUID|syscall.MS_NODEV|syscall.MS_NOEXEC|syscall.MS_RELATIME, nil),
+			m(32, 16, 0, 28, "/", "/sys/kernel/security", "rw,relatime", o(), "autofs", "systemd-1", "rw,fd=22,pgrp=1,timeout=300,minproto=5,maxproto=5,direct", syscall.MS_RELATIME, nil),
+			m(33, 17, 0, 29, "/", "/dev/hugepages", "rw,relatime", o(), "autofs", "systemd-1", "rw,fd=23,pgrp=1,timeout=300,minproto=5,maxproto=5,direct", syscall.MS_RELATIME, nil),
+			m(34, 16, 0, 30, "/", "/sys/kernel/debug", "rw,relatime", o(), "autofs", "systemd-1", "rw,fd=24,pgrp=1,timeout=300,minproto=5,maxproto=5,direct", syscall.MS_RELATIME, nil),
+			m(35, 15, 0, 31, "/", "/proc/sys/fs/binfmt_misc", "rw,relatime", o(), "autofs", "systemd-1", "rw,fd=25,pgrp=1,timeout=300,minproto=5,maxproto=5,direct", syscall.MS_RELATIME, nil),
+			m(36, 17, 0, 32, "/", "/dev/mqueue", "rw,relatime", o(), "autofs", "systemd-1", "rw,fd=26,pgrp=1,timeout=300,minproto=5,maxproto=5,direct", syscall.MS_RELATIME, nil),
+			m(37, 15, 0, 14, "/", "/proc/bus/usb", "rw,relatime", o(), "usbfs", "/proc/bus/usb", "rw", syscall.MS_RELATIME, nil),
+			m(38, 33, 0, 33, "/", "/dev/hugepages", "rw,relatime", o(), "hugetlbfs", "hugetlbfs", "rw", syscall.MS_RELATIME, nil),
+			m(39, 36, 0, 12, "/", "/dev/mqueue", "rw,relatime", o(), "mqueue", "mqueue", "rw", syscall.MS_RELATIME, nil),
+			m(40, 20, 8, 6, "/", "/boot", "rw,noatime", o(), "ext3", "/dev/sda6", "rw,errors=continue,barrier=0,data=ordered", syscall.MS_NOATIME, nil),
+			m(41, 20, 253, 0, "/", "/home/kzak", "rw,noatime", o(), "ext4", "/dev/mapper/kzak-home", "rw,barrier=1,data=ordered", syscall.MS_NOATIME, nil),
+			m(42, 35, 0, 34, "/", "/proc/sys/fs/binfmt_misc", "rw,relatime", o(), "binfmt_misc", "none", "rw", syscall.MS_RELATIME, nil),
+			m(43, 16, 0, 35, "/", "/sys/fs/fuse/connections", "rw,relatime", o(), "fusectl", "fusectl", "rw", syscall.MS_RELATIME, nil),
+			m(44, 41, 0, 36, "/", "/home/kzak/.gvfs", "rw,nosuid,nodev,relatime", o(), "fuse.gvfs-fuse-daemon", "gvfs-fuse-daemon", "rw,user_id=500,group_id=500", syscall.MS_NOSUID|syscall.MS_NODEV|syscall.MS_RELATIME, nil),
+			m(45, 20, 0, 37, "/", "/var/lib/nfs/rpc_pipefs", "rw,relatime", o(), "rpc_pipefs", "sunrpc", "rw", syscall.MS_RELATIME, nil),
+			m(47, 20, 0, 38, "/", "/mnt/sounds", "rw,relatime", o(), "cifs", "//foo.home/bar/", "rw,unc=\\\\foo.home\\bar,username=kzak,domain=SRGROUP,uid=0,noforceuid,gid=0,noforcegid,addr=192.168.111.1,posixpaths,serverino,acl,rsize=16384,wsize=57344", syscall.MS_RELATIME, nil),
+			m(49, 20, 0, 56, "/", "/mnt/test/foobar", "rw,relatime", o("shared:323"), "tmpfs", "tmpfs", "rw", syscall.MS_RELATIME, nil),
 		}},
 
-		{"sample nosrc", sampleMountinfoNoSrc, nil, "", []vfs.MountInfoEntry{
-			{15, 20, dev(0, 3), "/", "/proc", "rw,relatime", opt(), "proc", "/proc", "rw"},
-			{16, 20, dev(0, 15), "/", "/sys", "rw,relatime", opt(), "sysfs", "/sys", "rw"},
-			{17, 20, dev(0, 5), "/", "/dev", "rw,relatime", opt(), "devtmpfs", "udev", "rw,size=1983516k,nr_inodes=495879,mode=755"},
-			{18, 17, dev(0, 10), "/", "/dev/pts", "rw,relatime", opt(), "devpts", "devpts", "rw,gid=5,mode=620,ptmxmode=000"},
-			{19, 17, dev(0, 16), "/", "/dev/shm", "rw,relatime", opt(), "tmpfs", "tmpfs", "rw"},
-			{20, 1, dev(8, 4), "/", "/", "rw,noatime", opt(), "ext3", "/dev/sda4", "rw,errors=continue,user_xattr,acl,barrier=0,data=ordered"},
-			{21, 20, dev(0, 53), "/", "/mnt/test", "rw,relatime", opt("shared:212"), "tmpfs", "", "rw"},
+		{"sample nosrc", sampleMountinfoNoSrc, nil, "", []*wantMountInfo{
+			m(15, 20, 0, 3, "/", "/proc", "rw,relatime", o(), "proc", "/proc", "rw", syscall.MS_RELATIME, nil),
+			m(16, 20, 0, 15, "/", "/sys", "rw,relatime", o(), "sysfs", "/sys", "rw", syscall.MS_RELATIME, nil),
+			m(17, 20, 0, 5, "/", "/dev", "rw,relatime", o(), "devtmpfs", "udev", "rw,size=1983516k,nr_inodes=495879,mode=755", syscall.MS_RELATIME, nil),
+			m(18, 17, 0, 10, "/", "/dev/pts", "rw,relatime", o(), "devpts", "devpts", "rw,gid=5,mode=620,ptmxmode=000", syscall.MS_RELATIME, nil),
+			m(19, 17, 0, 16, "/", "/dev/shm", "rw,relatime", o(), "tmpfs", "tmpfs", "rw", syscall.MS_RELATIME, nil),
+			m(20, 1, 8, 4, "/", "/", "rw,noatime", o(), "ext3", "/dev/sda4", "rw,errors=continue,user_xattr,acl,barrier=0,data=ordered", syscall.MS_NOATIME, nil),
+			m(21, 20, 0, 53, "/", "/mnt/test", "rw,relatime", o("shared:212"), "tmpfs", "", "rw", syscall.MS_RELATIME, nil),
 		}},
 	}
 
@@ -146,11 +148,21 @@ id 20 0:53 / /mnt/test rw,relatime shared:212 - tmpfs  rw
 					break
 				}
 
-				if !reflect.DeepEqual(cur.MountInfoEntry, tc.want[i]) {
+				if !reflect.DeepEqual(&cur.MountInfoEntry, &tc.want[i].MountInfoEntry) {
 					t.Errorf("ParseMountInfo: entry %d\ngot:  %#v\nwant: %#v",
 						i, cur.MountInfoEntry, tc.want[i])
 				}
 
+				flags, unmatched := cur.Flags()
+				if flags != tc.want[i].flags {
+					t.Errorf("Flags(%q): %#x, want %#x",
+						cur.VfsOptstr, flags, tc.want[i].flags)
+				}
+				if !slices.Equal(unmatched, tc.want[i].unmatched) {
+					t.Errorf("Flags(%q): unmatched = %#q, want %#q",
+						cur.VfsOptstr, unmatched, tc.want[i].unmatched)
+				}
+
 				i++
 			}
 
@@ -161,8 +173,33 @@ id 20 0:53 / /mnt/test rw,relatime shared:212 - tmpfs  rw
 	}
 }
 
-func dev(maj, min int) vfs.DevT { return vfs.DevT{maj, min} }
-func opt(field ...string) []string {
+type wantMountInfo struct {
+	vfs.MountInfoEntry
+	flags     uintptr
+	unmatched []string
+}
+
+func m(
+	id, parent, maj, min int, root, target, vfsOptstr string, optFields []string, fsType, source, fsOptstr string,
+	flags uintptr, unmatched []string,
+) *wantMountInfo {
+	return &wantMountInfo{
+		vfs.MountInfoEntry{
+			ID:        id,
+			Parent:    parent,
+			Devno:     vfs.DevT{maj, min},
+			Root:      root,
+			Target:    target,
+			VfsOptstr: vfsOptstr,
+			OptFields: optFields,
+			FsType:    fsType,
+			Source:    source,
+			FsOptstr:  fsOptstr,
+		}, flags, unmatched,
+	}
+}
+
+func o(field ...string) []string {
 	if field == nil {
 		return []string{}
 	}
@@ -175,7 +212,7 @@ const (
 17 20 0:5 / /dev rw,relatime - devtmpfs udev rw,size=1983516k,nr_inodes=495879,mode=755
 18 17 0:10 / /dev/pts rw,relatime - devpts devpts rw,gid=5,mode=620,ptmxmode=000
 19 17 0:16 / /dev/shm rw,relatime - tmpfs tmpfs rw
-20 1 8:4 / / rw,noatime - ext3 /dev/sda4 rw,errors=continue,user_xattr,acl,barrier=0,data=ordered`
+20 1 8:4 / / ro,noatime,nodiratime,meow - ext3 /dev/sda4 rw,errors=continue,user_xattr,acl,barrier=0,data=ordered`
 
 	sampleMountinfo = `15 20 0:3 / /proc rw,relatime - proc /proc rw
 16 20 0:15 / /sys rw,relatime - sysfs /sys rw