sd-network: drop get_ifindices

[elogind.git] / src / core / namespace.c

diff --git a/src/core/namespace.c b/src/core/namespace.c
index d1513ce2ddea54da93b4a556cdca11e22f14081b..5466b7baec2a8cdd96c40ab5619c49b6f8c98e74 100644 (file)
--- a/src/core/namespace.c
+++ b/src/core/namespace.c
@@ -69,6 +69,7 @@ static int append_mounts(BindMount **p, char **strv, MountMode mode) {
         STRV_FOREACH(i, strv) {
 
                 (*p)->ignore = false;
+                (*p)->done = false;
 
                 if ((mode == INACCESSIBLE || mode == READONLY || mode == READWRITE) && (*i)[0] == '-') {
                         (*p)->ignore = true;
@@ -333,7 +334,7 @@ static int make_read_only(BindMount *m) {
 
         if (IN_SET(m->mode, INACCESSIBLE, READONLY))
                 r = bind_remount_recursive(m->path, true);
-        else if (m->mode == READWRITE)
+        else if (IN_SET(m->mode, READWRITE, PRIVATE_TMP, PRIVATE_VAR_TMP, PRIVATE_DEV))
                 r = bind_remount_recursive(m->path, false);
         else
                 r = 0;
@@ -375,7 +376,7 @@ int setup_namespace(
                 (protect_system == PROTECT_SYSTEM_FULL ? 1 : 0);
 
         if (n > 0) {
-                m = mounts = (BindMount *) alloca(n * sizeof(BindMount));
+                m = mounts = (BindMount *) alloca0(n * sizeof(BindMount));
                 r = append_mounts(&m, read_write_dirs, READWRITE);
                 if (r < 0)
                         return r;