X-Git-Url: http://www.chiark.greenend.org.uk/ucgi/~ianmdlvl/git?p=elogind.git;a=blobdiff_plain;f=src%2Fcore%2Fnamespace.c;h=ce10c790742c92bd35caf07bea1532d2b14479eb;hp=09bc82909f0f4d246b758b3606a6bb199735b983;hb=64825d3c589cd8742887f30acde8c57eceac2001;hpb=b30e2f4c18ad81b04e4314fd191a5d458553773c diff --git a/src/core/namespace.c b/src/core/namespace.c index 09bc82909..ce10c7907 100644 --- a/src/core/namespace.c +++ b/src/core/namespace.c @@ -6,16 +6,16 @@ Copyright 2010 Lennart Poettering systemd is free software; you can redistribute it and/or modify it - under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 2 of the License, or + under the terms of the GNU Lesser General Public License as published by + the Free Software Foundation; either version 2.1 of the License, or (at your option) any later version. systemd is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - General Public License for more details. + Lesser General Public License for more details. - You should have received a copy of the GNU General Public License + You should have received a copy of the GNU Lesser General Public License along with systemd; If not, see . ***/ @@ -33,6 +33,7 @@ #include "strv.h" #include "util.h" +#include "path-util.h" #include "namespace.h" #include "missing.h" @@ -130,7 +131,8 @@ static int apply_mount(Path *p, const char *root_dir, const char *inaccessible_d assert(inaccessible_dir); assert(private_dir); - if (!(where = strappend(root_dir, p->path))) + where = strappend(root_dir, p->path); + if (!where) return -ENOMEM; switch (p->mode) { 
@@ -156,7 +158,8 @@ static int apply_mount(Path *p, const char *root_dir, const char *inaccessible_d assert_not_reached("Unknown mode"); } - if ((r = mount(what, where, NULL, MS_BIND|MS_REC, NULL)) >= 0) { + r = mount(what, where, NULL, MS_BIND|MS_REC, NULL); + if (r >= 0) { log_debug("Successfully mounted %s to %s", what, where); /* The bind mount will always inherit the original @@ -167,7 +170,7 @@ static int apply_mount(Path *p, const char *root_dir, const char *inaccessible_d /* Avoid exponential growth of trees */ if (r >= 0 && path_equal(p->path, "/")) - r = mount(NULL, where, NULL, MS_REMOUNT|MS_BIND|MS_UNBINDABLE|flags, NULL); + r = mount(NULL, where, NULL, MS_REMOUNT|MS_BIND|flags, NULL); if (r < 0) { r = -errno; @@ -204,9 +207,10 @@ int setup_namespace( strv_length(writable) + strv_length(readable) + strv_length(inaccessible) + - (private_tmp ? 2 : 1); + (private_tmp ? 3 : 1); - if (!(paths = new(Path, n))) + paths = new(Path, n); + if (!paths) return -ENOMEM; p = paths; @@ -219,6 +223,10 @@ int setup_namespace( p->path = "/tmp"; p->mode = PRIVATE; p++; + + p->path = "/var/tmp"; + p->mode = PRIVATE; + p++; } p->path = "/"; @@ -281,9 +289,11 @@ int setup_namespace( goto fail; } - for (p = paths; p < paths + n; p++) - if ((r = apply_mount(p, root_dir, inaccessible_dir, private_dir, flags)) < 0) + for (p = paths; p < paths + n; p++) { + r = apply_mount(p, root_dir, inaccessible_dir, private_dir, flags); + if (r < 0) goto undo_mounts; + } memcpy(old_root_dir, tmp_dir, sizeof(tmp_dir)-1); if (!mkdtemp(old_root_dir)) { @@ -302,6 +312,8 @@ int setup_namespace( goto undo_mounts; } + free(paths); + t = old_root_dir + sizeof(root_dir) - 1; if (umount2(t, MNT_DETACH) < 0) /* At this point it's too late to turn anything back, @@ -340,7 +352,7 @@ fail: if (remove_tmp) rmdir(tmp_dir); - free(paths); + free(paths); return r; }
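Review bot: In the `@@ -167,7 +170,7 @@` hunk of apply_mount, the comment `/* Avoid exponential growth of trees */` still sits above the remount for `/`, but the call no longer passes `MS_UNBINDABLE`, so the comment describes something the code no longer does. mount(2) treats a propagation-type change as its own operation rather than something combined with `MS_REMOUNT`, which is presumably why the flag was dropped. If the bind mount of `/` is still meant to be unbindable, that needs a separate, error-checked call such as `r = mount(NULL, where, NULL, MS_UNBINDABLE, NULL);`. Otherwise the comment should be reworded or removed so the next reader does not assume the protection is in place. The body of apply_mount starts and ends outside this hunk.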
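Review bot: The literal `3` in `(private_tmp ? 3 : 1)` in the `@@ -204,9 +207,10 @@` hunk has to be kept in step by hand with the entries written under `private_tmp` in the `@@ -219,6 +223,10 @@` hunk plus the `/` entry, and a mismatch would write past the `new(Path, n)` allocation. The count is correct for this commit, but nothing visible enforces it. If the code after the fill does not already check this (it is outside the hunk), add `assert(p == paths + n);` once the array is populated, and annotate the count with something like `/* /tmp, /var/tmp and "/" */`.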
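Review bot: The new `/var/tmp` entry in the `@@ -219,6 +223,10 @@` hunk uses the same `PRIVATE` mode as `/tmp`, and apply_mount receives only a single `private_dir`, so both paths appear to be bind-mounted from one backing directory. The `PRIVATE` case of the switch is outside the visible hunks, so this should be confirmed. If it holds, a file created in `/tmp` shows up under the same name in `/var/tmp` inside the namespace, which is not what programs expecting two independent directories assume. Either give `/var/tmp` its own private directory or state the aliasing next to the entries, e.g. `/* /tmp and /var/tmp share one private directory */`.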
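Review bot: After the added `free(paths);` in the `@@ -302,6 +312,8 @@` hunk, `paths` keeps its old value while the `fail:` label at the end of setup_namespace still calls `free(paths)`. The statements between this hunk and `fail:` are only partly visible, but if any of them can reach `fail` or `undo_mounts`, the result is a double free. Following the new free with `paths = NULL;` keeps the cleanup path safe however the tail of the function changes later.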