Nous voulons interdire les montages imbriqués (montage dans un montage)
Ou pour le dire autrement : Nous voulons interdire à un utilisateur de créer un point de montage dans un point de montage existant (autre que /).

playbook.yml

- name: is a nested mount ?
  become: true
  shell: |
    # will_be_mounted_on
    # Returns the mount point where the future file given in argument will be located
    set -euo pipefail
    TMP_PATH="{{ PLOP_ACCOUNT_HOME | quote }}"
    while [[ ! -e "$TMP_PATH" ]]
    do
        TMP_PATH="$(dirname $TMP_PATH)"
    done
    df -l --output=target "$TMP_PATH" | tail -1
  check_mode: false
  changed_when: false
  register: mounted_on
  when: PLOP_ACCOUNT_HOME is defined and PLOP_ACCOUNT_HOME != ''

- name: assert fail on nested mount
  assert:
    that:
      - mounted_on.stdout_lines[-1] == '/' or mounted_on.stdout_lines[-1] == PLOP_ACCOUNT_HOME