From: Daniel Mack <daniel@zonque.org>
Date: Fri, 17 Oct 2014 14:04:49 +0000 (+0200)
Subject: nspawn: fix DeviceAllow list
X-Git-Tag: v217~202
X-Git-Url: http://www.chiark.greenend.org.uk/ucgi/~ianmdlvl/git?a=commitdiff_plain;h=317cde8b80a611f6194aaba2dad418cc21eefe55;p=elogind.git

nspawn: fix DeviceAllow list

Commit 864e17068 ("nspawn: actually allow access to /dev/net/tun in the
container") added "/dev/net/tun" to the list of allowed devices but forgot
to tweak the array length, which caused "/dev/kdbus/*" to be missed.
---

diff --git a/src/nspawn/nspawn.c b/src/nspawn/nspawn.c
index f04d32613..c567c8d27 100644
--- a/src/nspawn/nspawn.c
+++ b/src/nspawn/nspawn.c
@@ -1545,7 +1545,7 @@ static int register_machine(pid_t pid, int local_ifindex) {
                         return r;
                 }
 
-                r = sd_bus_message_append(m, "(sv)", "DeviceAllow", "a(ss)", 10,
+                r = sd_bus_message_append(m, "(sv)", "DeviceAllow", "a(ss)", 11,
                                           /* Allow the container to
                                            * access and create the API
                                            * device nodes, so that