diff options
| author | Luca Boccassi <luca.boccassi@microsoft.com> | 2020-07-30 20:37:10 +0200 |
|---|---|---|
| committer | Luca Boccassi <luca.boccassi@microsoft.com> | 2021-01-18 18:24:05 +0100 |
| commit | 5e8deb94c6f05137942b10b5288a37d9b09fd43f (patch) | |
| tree | 1cbed6e76c6398d4c183a6b71e0a9927386833d8 /src/core/dbus-manager.c | |
| parent | MountAPIVFS: always mount a tmpfs on /run (diff) | |
| download | systemd-5e8deb94c6f05137942b10b5288a37d9b09fd43f.tar.xz systemd-5e8deb94c6f05137942b10b5288a37d9b09fd43f.zip | |
core: add DBUS method to bind mount new nodes without service restart
Allow to setup new bind mounts for a service at runtime (via either
DBUS or a new 'systemctl bind' verb) with a new helper that forks into
the unit's mount namespace.
Add a new integration test to cover this.
Useful for zero-downtime addition to services that are running inside
mount namespaces, especially when using RootImage/RootDirectory.
If a service runs with a read-only root, a tmpfs is added on /run
to ensure we can create the airlock directory for incoming mounts
under /run/host/incoming.
Diffstat (limited to 'src/core/dbus-manager.c')
| -rw-r--r-- | src/core/dbus-manager.c | 16 |
1 files changed, 16 insertions, 0 deletions
diff --git a/src/core/dbus-manager.c b/src/core/dbus-manager.c index 3e1d609aa3..4b88f0d9f0 100644 --- a/src/core/dbus-manager.c +++ b/src/core/dbus-manager.c @@ -16,6 +16,7 @@ #include "dbus-job.h" #include "dbus-manager.h" #include "dbus-scope.h" +#include "dbus-service.h" #include "dbus-unit.h" #include "dbus.h" #include "env-util.h" @@ -725,6 +726,11 @@ static int method_set_unit_properties(sd_bus_message *message, void *userdata, s return method_generic_unit_operation(message, userdata, error, bus_unit_method_set_properties, GENERIC_UNIT_LOAD|GENERIC_UNIT_VALIDATE_LOADED); } +static int method_bind_mount_unit(sd_bus_message *message, void *userdata, sd_bus_error *error) { + /* Only add mounts on fully loaded units */ + return method_generic_unit_operation(message, userdata, error, bus_service_method_bind_mount, GENERIC_UNIT_VALIDATE_LOADED); +} + static int method_ref_unit(sd_bus_message *message, void *userdata, sd_bus_error *error) { /* Only allow reffing of fully loaded units, and make sure reffing a unit loads it. */ return method_generic_unit_operation(message, userdata, error, bus_unit_method_ref, GENERIC_UNIT_LOAD|GENERIC_UNIT_VALIDATE_LOADED); @@ -2760,6 +2766,16 @@ const sd_bus_vtable bus_manager_vtable[] = { NULL,, method_set_unit_properties, SD_BUS_VTABLE_UNPRIVILEGED), + SD_BUS_METHOD_WITH_NAMES("BindMountUnit", + "sssbb", + SD_BUS_PARAM(name) + SD_BUS_PARAM(source) + SD_BUS_PARAM(destination) + SD_BUS_PARAM(read_only) + SD_BUS_PARAM(mkdir), + NULL,, + method_bind_mount_unit, + SD_BUS_VTABLE_UNPRIVILEGED), SD_BUS_METHOD_WITH_NAMES("RefUnit", "s", SD_BUS_PARAM(name), |