#include <sys/mount.h>
#include <errno.h>
-#include <sys/stat.h>
#include <stdlib.h>
-#include <string.h>
-#include <assert.h>
#include <unistd.h>
#include <ftw.h>
#include "mount-setup.h"
-#include "dev-setup.h"
-#include "log.h"
+//#include "dev-setup.h"
+//#include "bus-util.h"
+//#include "log.h"
#include "macro.h"
-#include "util.h"
+//#include "util.h"
#include "label.h"
-#include "set.h"
-#include "strv.h"
+//#include "set.h"
+//#include "strv.h"
#include "mkdir.h"
#include "path-util.h"
-#include "missing.h"
+//#include "missing.h"
#include "virt.h"
-#include "efivars.h"
-#include "smack-util.h"
-#include "def.h"
+//#include "efivars.h"
+//#include "smack-util.h"
#include "cgroup-util.h"
typedef enum MountMode {
#endif
static const MountPoint mount_table[] = {
+/// UNNEEDED by elogind
+#if 0
{ "sysfs", "/sys", "sysfs", NULL, MS_NOSUID|MS_NOEXEC|MS_NODEV,
NULL, MNT_FATAL|MNT_IN_CONTAINER },
{ "proc", "/proc", "proc", NULL, MS_NOSUID|MS_NOEXEC|MS_NODEV,
#endif
{ "tmpfs", "/run", "tmpfs", "mode=755", MS_NOSUID|MS_NODEV|MS_STRICTATIME,
NULL, MNT_FATAL|MNT_IN_CONTAINER },
+ { "cgroup", "/sys/fs/cgroup", "cgroup", "__DEVEL__sane_behavior", MS_NOSUID|MS_NOEXEC|MS_NODEV,
+ cg_is_unified_wanted, MNT_FATAL|MNT_IN_CONTAINER },
+#endif // 0
{ "tmpfs", "/sys/fs/cgroup", "tmpfs", "mode=755", MS_NOSUID|MS_NOEXEC|MS_NODEV|MS_STRICTATIME,
- NULL, MNT_FATAL|MNT_IN_CONTAINER },
+ cg_is_legacy_wanted, MNT_FATAL|MNT_IN_CONTAINER },
+/// UNNEEDED by elogind
+#if 0
{ "cgroup", "/sys/fs/cgroup/systemd", "cgroup", "none,name=systemd,xattr", MS_NOSUID|MS_NOEXEC|MS_NODEV,
- NULL, MNT_IN_CONTAINER },
+ cg_is_legacy_wanted, MNT_IN_CONTAINER },
{ "cgroup", "/sys/fs/cgroup/systemd", "cgroup", "none,name=systemd", MS_NOSUID|MS_NOEXEC|MS_NODEV,
- NULL, MNT_FATAL|MNT_IN_CONTAINER },
+ cg_is_legacy_wanted, MNT_FATAL|MNT_IN_CONTAINER },
+#else
+ { "cgroup", "/sys/fs/cgroup/elogind", "cgroup", "none,name=elogind,xattr", MS_NOSUID|MS_NOEXEC|MS_NODEV,
+ cg_is_legacy_wanted, MNT_IN_CONTAINER },
+ { "cgroup", "/sys/fs/cgroup/elogind", "cgroup", "none,name=elogind", MS_NOSUID|MS_NOEXEC|MS_NODEV,
+ cg_is_legacy_wanted, MNT_FATAL|MNT_IN_CONTAINER },
+#endif // 0
+/// UNNEEDED by elogind
+#if 0
{ "pstore", "/sys/fs/pstore", "pstore", NULL, MS_NOSUID|MS_NOEXEC|MS_NODEV,
NULL, MNT_NONE },
#ifdef ENABLE_EFI
{ "efivarfs", "/sys/firmware/efi/efivars", "efivarfs", NULL, MS_NOSUID|MS_NOEXEC|MS_NODEV,
is_efi_boot, MNT_NONE },
#endif
-#ifdef ENABLE_KDBUS
{ "kdbusfs", "/sys/fs/kdbus", "kdbusfs", NULL, MS_NOSUID|MS_NOEXEC|MS_NODEV,
- NULL, MNT_IN_CONTAINER },
-#endif
+ is_kdbus_wanted, MNT_IN_CONTAINER },
+#endif // 0
};
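Review bot: Every entry that stays live in `mount_table` is gated on `cg_is_legacy_wanted`, while the only entry gated on `cg_is_unified_wanted` (the `cgroup` mount on `/sys/fs/cgroup`) appears to sit inside the new `#if 0` region. The exact extent of that region depends on `#ifdef` nesting around the context `#endif`, which is not fully visible here. If it does cover that entry, then when the legacy predicate is false the table presumably contributes no mounts and no `MNT_FATAL` entry can fail. If this is intended, say so at the table, e.g. `/* elogind mounts nothing for a unified hierarchy; /sys/fs/cgroup must already be set up */`. If it is not intended, the unified entry needs to move outside the disabled region.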
+/// UNNEEDED by elogind
+#if 0
/* These are API file systems that might be mounted by other software,
* we just list them here so that we know that we should ignore them */
static const char ignore_paths[] =
/* SELinux file systems */
"/sys/fs/selinux\0"
- /* Legacy kernel file system */
- "/proc/bus/usb\0"
/* Container bind mounts */
"/proc/sys\0"
"/dev/console\0"
return false;
}
+#endif // 0
static int mount_one(const MountPoint *p, bool relabel) {
int r;
if (relabel)
label_fix(p->where, true, true);
- r = path_is_mount_point(p->where, true);
- if (r < 0)
+ r = path_is_mount_point(p->where, AT_SYMLINK_FOLLOW);
+ if (r < 0 && r != -ENOENT)
return r;
-
if (r > 0)
return 0;
/* Skip securityfs in a container */
- if (!(p->mode & MNT_IN_CONTAINER) && detect_container(NULL) > 0)
+ if (!(p->mode & MNT_IN_CONTAINER) && detect_container() > 0)
return 0;
/* The access mode here doesn't really matter too much, since
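Review bot: The new `r != -ENOENT` exemption in `mount_one` lets a missing `p->where` continue towards the mount with `r` still negative, and nothing in the hunk explains why that is safe. The following `if (r > 0)` test keeps the flow correct, but the reader has to assume the directory is created further down, outside this hunk. A comment above the check would help, e.g. `/* -ENOENT: mount point does not exist yet; fall through so the code below can create it */`. The context comment `/* Skip securityfs in a container */` is also stale: the test applies to any entry lacking `MNT_IN_CONTAINER`, and every entry elogind keeps in the table sets that flag.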
return 1;
}
+/// UNNEEDED by elogind
+#if 0
int mount_setup_early(void) {
unsigned i;
int r = 0;
int j;
j = mount_one(mount_table + i, false);
- if (r == 0)
+ if (j != 0 && r >= 0)
r = j;
}
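Review bot: The aggregation rule `if (j != 0 && r >= 0) r = j;` is subtle enough to need a comment, here in `mount_setup_early` and at the identical line in `mount_setup`. `mount_one` returns 1 on its visible success path and 0 when it skips, so the old `r == 0` test stopped updating `r` after the first successful mount and dropped any later failure. The new test keeps the first negative value instead. Suggested comment: `/* keep the first error; a positive "mounted" result must not mask a later failure */`. The loop header and the rest of the function lie outside the hunk.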
_cleanup_set_free_free_ Set *controllers = NULL;
int r;
+ if (!cg_is_legacy_wanted())
+ return 0;
+
/* Mount all available cgroup controllers that are built into the kernel. */
controllers = set_new(&string_hash_ops);
r = symlink(options, t);
if (r < 0 && errno != EEXIST)
return log_error_errno(errno, "Failed to create symlink %s: %m", t);
+#ifdef SMACK_RUN_LABEL
+ r = mac_smack_copy(t, options);
+ if (r < 0 && r != -EOPNOTSUPP)
+ return log_error_errno(r, "Failed to copy smack label from %s to %s: %m", options, t);
+#endif
}
}
}
return FTW_CONTINUE;
};
#endif
+#endif // 0
int mount_setup(bool loaded_policy) {
unsigned i;
int j;
j = mount_one(mount_table + i, loaded_policy);
- if (r == 0)
+ if (j != 0 && r >= 0)
r = j;
}
if (r < 0)
return r;
+/// elogind does not control /, /dev, /run and /run/systemd/* are setup elsewhere.
+#if 0
#if defined(HAVE_SELINUX) || defined(HAVE_SMACK)
/* Nodes in devtmpfs and /run need to be manually updated for
* the appropriate labels, after mounting. The other virtual
/* Create a few default symlinks, which are normally created
* by udevd, but some scripts might need them before we start
* udevd. */
- dev_setup(NULL);
+ dev_setup(NULL, UID_INVALID, GID_INVALID);
/* Mark the root directory as shared in regards to mount
* propagation. The kernel defaults to "private", but we think
* nspawn and the container tools work out of the box. If
* specific setups need other settings they can reset the
* propagation mode to private if needed. */
- if (detect_container(NULL) <= 0)
+ if (detect_container() <= 0)
if (mount(NULL, "/", NULL, MS_REC|MS_SHARED, NULL) < 0)
log_warning_errno(errno, "Failed to set up the root directory for shared mount propagation: %m");
mkdir_label("/run/systemd", 0755);
mkdir_label("/run/systemd/system", 0755);
mkdir_label("/run/systemd/inaccessible", 0000);
+#endif // 0
return 0;
}
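Review bot: The `///` comment opening the new `#if 0` region in `mount_setup` does not say what now performs the disabled steps. The region covers more than directory creation: the label update described by the SELinux/SMACK comment, the `MS_REC|MS_SHARED` propagation change on `/`, and the `/run/systemd` directories. As far as the visible lines show, `loaded_policy` then only reaches the `label_fix()` call in `mount_one`, so only the mount point itself is relabelled after a policy load. Consider rewording to `/// elogind does not manage /, /dev or /run; labels, mount propagation and /run/systemd/* are set up elsewhere.` and naming the responsible component if it is known. Parts of the function lie outside the visible hunks.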