On Mon, 18.05.15 12:20, Alban Crequy (alban.cre...@gmail.com) wrote:

> From: Alban Crequy <al...@endocode.com>
>
> When a service is chrooted with the option RootDirectory=/opt/..., then
> the options PrivateDevices, PrivateTmp, ProtectHome, ProtectSystem must
> mount the directories under $RootDirectory/{dev,tmp,home,usr,boot}.

Applied with two changes:

> - r = append_mounts(&m, STRV_MAKE("-/home", > "-/run/user", "-/root"), protect_home == PROTECT_HOME_READ_ONLY ? READONLY : > INACCESSIBLE); > + char *home_dir, *run_user_dir, *root_dir; > + > + home_dir = prefix_roota(root_directory, "/home"); > + home_dir = strjoina("-", home_dir); > + run_user_dir = prefix_roota(root_directory, > "/run/user"); > + run_user_dir = strjoina("-", run_user_dir); > + root_dir = prefix_roota(root_directory, "/root"); > + root_dir = strjoina("-", root_dir);

prefix_roota() returns a "const char*". Hence home_dir and friends should be "const char*" too. The compiler warns about this loudly...

I figure eventually we should fix the "-" handling in a nicer way, and parse them away and store them in a proper bool rather than this weird prefix thing...

> + > + log_info("Usage:"); > + log_info(" sudo TEST_NS_PROJECTS=/home/lennart/projects > ./test-ns"); > + log_info(" sudo TEST_NS_CHROOT=/home/alban/debian-tree > TEST_NS_PROJECTS=/home/alban/debian-tree/home/alban/Documents ./test-ns");

log_info() and friends are happy with newlines in log messages, please use them instead of using multiple log_info() invocations.

Thanks!

Lennart

--
Lennart Poettering, Red Hat
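Review bot: In the ProtectHome hunk, each of home_dir, run_user_dir and root_dir is assigned twice in a row, first the root-prefixed path and then the same path with "-" prepended, so the variable name never tells the reader which form it holds, and the same two-line pattern is repeated three times. Separate names for the prefixed path and the "-" form, or a one-line comment above the block saying what the leading "-" means to append_mounts(), would make this easier to audit. The quoted lines also stop before the replacement append_mounts() call, so it is worth confirming that the call still selects READONLY or INACCESSIBLE from protect_home the way the removed line did.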
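Review bot: The usage text in the test-ns hunk hard-codes developers' own paths (/home/lennart/projects, /home/alban/debian-tree) in the two example command lines, and it does not say what TEST_NS_CHROOT and TEST_NS_PROJECTS each select. Neutral placeholder paths plus one sentence per variable would make the help output usable on any machine. The second example relies on TEST_NS_PROJECTS lying under the TEST_NS_CHROOT tree; if that is a requirement, the usage text should say so.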