authorYu Watanabe <watanabe.yu+github@gmail.com>2024-10-19 07:40:13 +0200
committerYu Watanabe <watanabe.yu+github@gmail.com>2024-10-23 20:05:06 +0200
commit5811a0117cd4c51b166d04cf3c9b9bd0dbe144aa (patch)
treef6444fcd97f1787f0eb4271ad48b4cd47827c676 /src/core/namespace.c
parentcore/namespace: coding style cleanups (diff)
core/namespace: replace MOUNT_PRIVATE_TMP_READ_ONLY with MOUNT_PRIVATE_TMP with .read_only = true
Diffstat (limited to 'src/core/namespace.c')
-rw-r--r--src/core/namespace.c15
1 files changed, 5 insertions, 10 deletions
diff --git a/src/core/namespace.c b/src/core/namespace.c
index 90779ba703..ba308c2957 100644
--- a/src/core/namespace.c
+++ b/src/core/namespace.c
@@ -59,7 +59,6 @@ typedef enum MountMode {
MOUNT_BIND,
MOUNT_BIND_RECURSIVE,
MOUNT_PRIVATE_TMP,
- MOUNT_PRIVATE_TMP_READ_ONLY,
MOUNT_PRIVATE_DEV,
MOUNT_BIND_DEV,
MOUNT_EMPTY_DIR,
@@ -243,7 +242,6 @@ static const char * const mount_mode_table[_MOUNT_MODE_MAX] = {
[MOUNT_BIND] = "bind",
[MOUNT_BIND_RECURSIVE] = "bind-recursive",
[MOUNT_PRIVATE_TMP] = "private-tmp",
- [MOUNT_PRIVATE_TMP_READ_ONLY] = "private-tmp-read-only",
[MOUNT_PRIVATE_DEV] = "private-dev",
[MOUNT_BIND_DEV] = "bind-dev",
[MOUNT_EMPTY_DIR] = "empty-dir",
@@ -315,7 +313,7 @@ static void mount_entry_consume_prefix(MountEntry *p, char *new_path) {
static bool mount_entry_read_only(const MountEntry *p) {
assert(p);
- return p->read_only || IN_SET(p->mode, MOUNT_READ_ONLY, MOUNT_INACCESSIBLE, MOUNT_PRIVATE_TMP_READ_ONLY);
+ return p->read_only || IN_SET(p->mode, MOUNT_READ_ONLY, MOUNT_INACCESSIBLE);
}
static bool mount_entry_noexec(const MountEntry *p) {
@@ -1746,7 +1744,6 @@ static int apply_one_mount(
return mount_tmpfs(m);
case MOUNT_PRIVATE_TMP:
- case MOUNT_PRIVATE_TMP_READ_ONLY:
what = mount_entry_source(m);
make = true;
break;
@@ -2402,29 +2399,27 @@ int setup_namespace(const NamespaceParameters *p, char **error_path) {
assert(p->private_tmp == PRIVATE_TMP_CONNECTED);
if (p->tmp_dir) {
- bool ro = streq(p->tmp_dir, RUN_SYSTEMD_EMPTY);
-
MountEntry *me = mount_list_extend(&ml);
if (!me)
return log_oom_debug();
*me = (MountEntry) {
.path_const = "/tmp",
- .mode = ro ? MOUNT_PRIVATE_TMP_READ_ONLY : MOUNT_PRIVATE_TMP,
+ .mode = MOUNT_PRIVATE_TMP,
+ .read_only = streq(p->tmp_dir, RUN_SYSTEMD_EMPTY),
.source_const = p->tmp_dir,
};
}
if (p->var_tmp_dir) {
- bool ro = streq(p->var_tmp_dir, RUN_SYSTEMD_EMPTY);
-
MountEntry *me = mount_list_extend(&ml);
if (!me)
return log_oom_debug();
*me = (MountEntry) {
.path_const = "/var/tmp",
- .mode = ro ? MOUNT_PRIVATE_TMP_READ_ONLY : MOUNT_PRIVATE_TMP,
+ .mode = MOUNT_PRIVATE_TMP,
+ .read_only = streq(p->var_tmp_dir, RUN_SYSTEMD_EMPTY),
.source_const = p->var_tmp_dir,
};
}
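Review bot: The read-only guarantee for a placeholder `/tmp` or `/var/tmp` (source equal to `RUN_SYSTEMD_EMPTY`) now rests only on the `.read_only = streq(...)` initializer in these two entries, since `MOUNT_PRIVATE_TMP` no longer implies it, and nothing here records why the field is set. I would add a comment above each initializer, for example `/* Placeholder empty dir: must stay read-only, the mode alone no longer enforces this */`, with the wording confirmed against the code that chooses `tmp_dir`, so that a later cleanup dropping the field does not silently make the mount writable. It is also worth confirming that every consumer outside this hunk calls `mount_entry_read_only()` rather than testing `m->mode`, and that no later pass resets `read_only` on an existing entry; neither is visible here. `setup_namespace()` starts and ends outside the hunk.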