1 /*-*- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil -*-*/
4 This file is part of systemd.
6 Copyright 2010 Lennart Poettering
8 systemd is free software; you can redistribute it and/or modify it
9 under the terms of the GNU Lesser General Public License as published by
10 the Free Software Foundation; either version 2.1 of the License, or
11 (at your option) any later version.
13 systemd is distributed in the hope that it will be useful, but
14 WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
16 Lesser General Public License for more details.
18 You should have received a copy of the GNU Lesser General Public License
19 along with systemd; If not, see <http://www.gnu.org/licenses/>.
23 #include <sys/mount.h>
28 #include <sys/types.h>
30 #include <sys/syscall.h>
36 #include "path-util.h"
37 #include "namespace.h"
41 typedef enum MountMode {
42 /* This is ordered by priority! */
50 typedef struct BindMount {
57 static int append_mounts(BindMount **p, char **strv, MountMode mode) {
60 STRV_FOREACH(i, strv) {
64 if ((mode == INACCESSIBLE || mode == READONLY) && (*i)[0] == '-') {
69 if (!path_is_absolute(*i))
80 static int mount_path_compare(const void *a, const void *b) {
81 const BindMount *p = a, *q = b;
83 if (path_equal(p->path, q->path)) {
85 /* If the paths are equal, check the mode */
86 if (p->mode < q->mode)
89 if (p->mode > q->mode)
95 /* If the paths are not equal, then order prefixes first */
96 if (path_startswith(p->path, q->path))
99 if (path_startswith(q->path, p->path))
105 static void drop_duplicates(BindMount *m, unsigned *n) {
106 BindMount *f, *t, *previous;
111 for (f = m, t = m, previous = NULL; f < m+*n; f++) {
113 /* The first one wins */
114 if (previous && path_equal(f->path, previous->path))
128 static int apply_mount(
131 const char *var_tmp_dir) {
141 what = "/run/systemd/inaccessible";
153 case PRIVATE_VAR_TMP:
158 assert_not_reached("Unknown mode");
163 r = mount(what, m->path, NULL, MS_BIND|MS_REC, NULL);
165 log_debug("Successfully mounted %s to %s", what, m->path);
166 else if (m->ignore && errno == ENOENT)
172 static int make_read_only(BindMount *m) {
177 if (m->mode != INACCESSIBLE && m->mode != READONLY)
180 r = mount(NULL, m->path, NULL, MS_BIND|MS_REMOUNT|MS_RDONLY|MS_REC, NULL);
181 if (r < 0 && !(m->ignore && errno == ENOENT))
187 int setup_tmpdirs(char **tmp_dir,
188 char **var_tmp_dir) {
190 char tmp_dir_template[] = "/tmp/systemd-private-XXXXXX",
191 var_tmp_dir_template[] = "/var/tmp/systemd-private-XXXXXX";
196 r = create_tmp_dir(tmp_dir_template, tmp_dir);
200 r = create_tmp_dir(var_tmp_dir_template, var_tmp_dir);
206 rmdir(tmp_dir_template);
213 int setup_namespace(char** read_write_dirs,
214 char** read_only_dirs,
215 char** inaccessible_dirs,
219 unsigned mount_flags) {
221 unsigned n = strv_length(read_write_dirs) +
222 strv_length(read_only_dirs) +
223 strv_length(inaccessible_dirs) +
224 (private_tmp ? 2 : 0);
225 BindMount *m, *mounts = NULL;
229 mount_flags = MS_SHARED;
231 if (unshare(CLONE_NEWNS) < 0)
235 m = mounts = (BindMount *) alloca(n * sizeof(BindMount));
236 if ((r = append_mounts(&m, read_write_dirs, READWRITE)) < 0 ||
237 (r = append_mounts(&m, read_only_dirs, READONLY)) < 0 ||
238 (r = append_mounts(&m, inaccessible_dirs, INACCESSIBLE)) < 0)
243 m->mode = PRIVATE_TMP;
246 m->path = "/var/tmp";
247 m->mode = PRIVATE_VAR_TMP;
251 assert(mounts + n == m);
253 qsort(mounts, n, sizeof(BindMount), mount_path_compare);
254 drop_duplicates(mounts, &n);
257 /* Remount / as SLAVE so that nothing now mounted in the namespace
258 shows up in the parent */
259 if (mount(NULL, "/", NULL, MS_SLAVE|MS_REC, NULL) < 0)
262 for (m = mounts; m < mounts + n; ++m) {
263 r = apply_mount(m, tmp_dir, var_tmp_dir);
268 for (m = mounts; m < mounts + n; ++m) {
269 r = make_read_only(m);
274 /* Remount / as the desired mode */
275 if (mount(NULL, "/", NULL, mount_flags | MS_REC, NULL) < 0) {
283 for (m = mounts; m < mounts + n; ++m) {
285 umount2(m->path, MNT_DETACH);
~ianmdlvl / elogind.git / blob