diff options
| author | Yu Watanabe <watanabe.yu+github@gmail.com> | 2023-08-12 08:18:41 +0200 |
|---|---|---|
| committer | Yu Watanabe <watanabe.yu+github@gmail.com> | 2023-08-22 04:50:16 +0200 |
| commit | 94fe4cf2557d1f70f20ee02d32f4c2ae6bc1fb3f (patch) | |
| tree | 18f374ba064ad7a3b53976ec2678564b520f7fe6 /src/test/test-ns.c | |
| parent | core/credential: make setup_credentials() return path to credentials directory (diff) | |
| download | systemd-94fe4cf2557d1f70f20ee02d32f4c2ae6bc1fb3f.tar.xz systemd-94fe4cf2557d1f70f20ee02d32f4c2ae6bc1fb3f.zip | |
core: do not leak mount for credentials directory if mount namespace is enabled
Since kernel v5.2, open_tree() and move_mount() are added. If a service
loads or sets credentials, then let's try to clone the mount that contains
credentials with open_tree(), then mount it after a (private) mount
namespace is initialized for the service. Then, we can setup a mount for
credentials directory without leaking it to the main shared mount
namespace.
With this change, the credentials for services that request their own
private mount namespace become much much safer. And, the number of mount
events triggered by setting up credential directories can be decreased.
Unfortunately, this does not 'fix' the original issue #25527, as the
reported service does not requests private mount namespace, but the
situation should be better now.
Diffstat (limited to 'src/test/test-ns.c')
| -rw-r--r-- | src/test/test-ns.c | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/src/test/test-ns.c b/src/test/test-ns.c index 77afd2f6b9..56f3de83b6 100644 --- a/src/test/test-ns.c +++ b/src/test/test-ns.c @@ -96,6 +96,7 @@ int main(int argc, char *argv[]) { tmp_dir, var_tmp_dir, NULL, + -EBADF, NULL, 0, NULL, |