- m = mounts = (BindMount *) alloca(n * sizeof(BindMount));
- if ((r = append_mounts(&m, read_write_dirs, READWRITE)) < 0 ||
- (r = append_mounts(&m, read_only_dirs, READONLY)) < 0 ||
- (r = append_mounts(&m, inaccessible_dirs, INACCESSIBLE)) < 0)
- return r;
+ if (n) {
+ m = mounts = (BindMount *) alloca(n * sizeof(BindMount));
+ if ((r = append_mounts(&m, read_write_dirs, READWRITE)) < 0 ||
+ (r = append_mounts(&m, read_only_dirs, READONLY)) < 0 ||
+ (r = append_mounts(&m, inaccessible_dirs, INACCESSIBLE)) < 0)
+ return r;
+
+ if (private_tmp) {
+ m->path = "/tmp";
+ m->mode = PRIVATE_TMP;
+ m++;
+
+ m->path = "/var/tmp";
+ m->mode = PRIVATE_VAR_TMP;
+ m++;
+ }