diff options
| author | Lennart Poettering <lennart@poettering.net> | 2023-03-14 11:09:46 +0100 |
|---|---|---|
| committer | Luca Boccassi <bluca@debian.org> | 2023-10-02 15:02:32 +0200 |
| commit | 8d9a1d5979a9290f23925f482690fee680990a8e (patch) | |
| tree | 01bd4002fa5d5460654658f028ba8515e7061585 /src/portable | |
| parent | mount-util: add make_fsmount() (diff) | |
| download | systemd-8d9a1d5979a9290f23925f482690fee680990a8e.tar.xz systemd-8d9a1d5979a9290f23925f482690fee680990a8e.zip | |
dissect-image: optionally allow mounting via new kernel mount API in two steps
This adds support for the new fsmount() logic of the kernel: we'll first
create an unattached fsmount fd, and then in a second step attach this
to some real file system inode – as opposed to attaching file system
directly. The benefit of this is that we can pass the open fsmount fds
over some sockets if need be, to isolate the mounting code from the
attaching code.
Diffstat (limited to 'src/portable')
| -rw-r--r-- | src/portable/portable.c | 8 |
1 files changed, 7 insertions, 1 deletions
diff --git a/src/portable/portable.c b/src/portable/portable.c index 52f38dc83e..a672bff3c5 100644 --- a/src/portable/portable.c +++ b/src/portable/portable.c @@ -424,7 +424,13 @@ static int portable_extract_by_path( else flags |= DISSECT_IMAGE_VALIDATE_OS; - r = dissected_image_mount(m, tmpdir, UID_INVALID, UID_INVALID, flags); + r = dissected_image_mount( + m, + tmpdir, + /* uid_shift= */ UID_INVALID, + /* uid_range= */ UID_INVALID, + /* userns_fd= */ -EBADF, + flags); if (r < 0) { log_debug_errno(r, "Failed to mount dissected image: %m"); goto child_finish; |