X-Git-Url: http://www.chiark.greenend.org.uk/ucgi/~ianmdlvl/git?p=elogind.git;a=blobdiff_plain;f=src%2Fcore%2Fnamespace.c;h=b6deab7081166a023424511676f0b2a93df96dea;hp=080c086fd4a01e22e11e23fb8c5e333f43e16b5a;hb=5331194c120520579eede9dba4bd9c3329629601;hpb=3900e5fdff688dc3c273f177d9d913b7389d5561

diff --git a/src/core/namespace.c b/src/core/namespace.c
index 080c086fd..b6deab708 100644
--- a/src/core/namespace.c
+++ b/src/core/namespace.c
@@ -357,7 +357,7 @@ int setup_namespace(
                 strv_length(inaccessible_dirs) +
                 private_dev +
                 (protect_home != PROTECT_HOME_NO ? 2 : 0) +
-                (protect_system != PROTECT_SYSTEM_NO ? 2 : 0) +
+                (protect_system != PROTECT_SYSTEM_NO ? 1 : 0) +
                 (protect_system == PROTECT_SYSTEM_FULL ? 1 : 0);
 
         if (n > 0) {
@@ -399,7 +399,7 @@ int setup_namespace(
                 }
 
                 if (protect_system != PROTECT_SYSTEM_NO) {
-                        r = append_mounts(&m, protect_system == PROTECT_SYSTEM_FULL ? STRV_MAKE("/usr", "/etc", "-/boot") : STRV_MAKE("/usr", "-/boot"), READONLY);
+                        r = append_mounts(&m, protect_system == PROTECT_SYSTEM_FULL ? STRV_MAKE("/usr", "/etc") : STRV_MAKE("/usr"), READONLY);
                         if (r < 0)
                                 return r;
                 }