X-Git-Url: http://www.chiark.greenend.org.uk/ucgi/~ianmdlvl/git?p=elogind.git;a=blobdiff_plain;f=src%2Fcore%2Fnamespace.c;h=4bef15fdf570941a91e1e5fd18a6c8c2cd334346;hp=ba1edbe512c593fa2256e056a58bdf4fb2d39f85;hb=047e111bdddfed52dabc7ff8242c2eec78e126fb;hpb=9eb977db5b89b44f254ab40c1876a76b7d7ea2d0 diff --git a/src/core/namespace.c b/src/core/namespace.c index ba1edbe51..4bef15fdf 100644 --- a/src/core/namespace.c +++ b/src/core/namespace.c @@ -131,7 +131,8 @@ static int apply_mount(Path *p, const char *root_dir, const char *inaccessible_d assert(inaccessible_dir); assert(private_dir); - if (!(where = strappend(root_dir, p->path))) + where = strappend(root_dir, p->path); + if (!where) return -ENOMEM; switch (p->mode) { @@ -157,7 +158,8 @@ static int apply_mount(Path *p, const char *root_dir, const char *inaccessible_d assert_not_reached("Unknown mode"); } - if ((r = mount(what, where, NULL, MS_BIND|MS_REC, NULL)) >= 0) { + r = mount(what, where, NULL, MS_BIND|MS_REC, NULL); + if (r >= 0) { log_debug("Successfully mounted %s to %s", what, where); /* The bind mount will always inherit the original @@ -205,9 +207,10 @@ int setup_namespace( strv_length(writable) + strv_length(readable) + strv_length(inaccessible) + - (private_tmp ? 2 : 1); + (private_tmp ? 3 : 1); - if (!(paths = new(Path, n))) + paths = new(Path, n); + if (!paths) return -ENOMEM; p = paths; @@ -220,6 +223,10 @@ int setup_namespace( p->path = "/tmp"; p->mode = PRIVATE; p++; + + p->path = "/var/tmp"; + p->mode = PRIVATE; + p++; } p->path = "/"; @@ -282,9 +289,11 @@ int setup_namespace( goto fail; } - for (p = paths; p < paths + n; p++) - if ((r = apply_mount(p, root_dir, inaccessible_dir, private_dir, flags)) < 0) + for (p = paths; p < paths + n; p++) { + r = apply_mount(p, root_dir, inaccessible_dir, private_dir, flags); + if (r < 0) goto undo_mounts; + } memcpy(old_root_dir, tmp_dir, sizeof(tmp_dir)-1); if (!mkdtemp(old_root_dir)) { @@ -341,7 +350,7 @@ fail: if (remove_tmp) rmdir(tmp_dir); - free(paths); + free(paths); return r; }