1 /*-*- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil -*-*/
4 This file is part of systemd.
6 Copyright 2010 Lennart Poettering
8 systemd is free software; you can redistribute it and/or modify it
9 under the terms of the GNU Lesser General Public License as published by
10 the Free Software Foundation; either version 2.1 of the License, or
11 (at your option) any later version.
13 systemd is distributed in the hope that it will be useful, but
14 WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
16 Lesser General Public License for more details.
18 You should have received a copy of the GNU Lesser General Public License
19 along with systemd; If not, see <http://www.gnu.org/licenses/>.
23 #include <sys/mount.h>
28 #include <sys/types.h>
30 #include <sys/syscall.h>
36 #include "path-util.h"
37 #include "namespace.h"
41 typedef enum MountMode {
42 /* This is ordered by priority! */
50 typedef struct BindMount {
56 static int append_mounts(BindMount **p, char **strv, MountMode mode) {
59 STRV_FOREACH(i, strv) {
61 if (!path_is_absolute(*i))
72 static int mount_path_compare(const void *a, const void *b) {
73 const BindMount *p = a, *q = b;
75 if (path_equal(p->path, q->path)) {
77 /* If the paths are equal, check the mode */
78 if (p->mode < q->mode)
81 if (p->mode > q->mode)
87 /* If the paths are not equal, then order prefixes first */
88 if (path_startswith(p->path, q->path))
91 if (path_startswith(q->path, p->path))
97 static void drop_duplicates(BindMount *m, unsigned *n) {
98 BindMount *f, *t, *previous;
103 for (f = m, t = m, previous = NULL; f < m+*n; f++) {
105 /* The first one wins */
106 if (previous && path_equal(f->path, previous->path))
120 static int apply_mount(
123 const char *var_tmp_dir) {
133 what = "/run/systemd/inaccessible";
145 case PRIVATE_VAR_TMP:
150 assert_not_reached("Unknown mode");
155 r = mount(what, m->path, NULL, MS_BIND|MS_REC, NULL);
157 log_debug("Successfully mounted %s to %s", what, m->path);
162 static int make_read_only(BindMount *m) {
167 if (m->mode != INACCESSIBLE && m->mode != READONLY)
170 r = mount(NULL, m->path, NULL, MS_BIND|MS_REMOUNT|MS_RDONLY|MS_REC, NULL);
177 int setup_tmpdirs(char **tmp_dir,
178 char **var_tmp_dir) {
180 char tmp_dir_template[] = "/tmp/systemd-private-XXXXXX",
181 var_tmp_dir_template[] = "/var/tmp/systemd-private-XXXXXX";
186 r = create_tmp_dir(tmp_dir_template, tmp_dir);
190 r = create_tmp_dir(var_tmp_dir_template, var_tmp_dir);
196 rmdir(tmp_dir_template);
203 int setup_namespace(char** read_write_dirs,
204 char** read_only_dirs,
205 char** inaccessible_dirs,
209 unsigned mount_flags) {
211 unsigned n = strv_length(read_write_dirs) +
212 strv_length(read_only_dirs) +
213 strv_length(inaccessible_dirs) +
214 (private_tmp ? 2 : 0);
215 BindMount *m, *mounts;
219 mount_flags = MS_SHARED;
221 if (unshare(CLONE_NEWNS) < 0) {
226 m = mounts = (BindMount *) alloca(n * sizeof(BindMount));
227 if ((r = append_mounts(&m, read_write_dirs, READWRITE)) < 0 ||
228 (r = append_mounts(&m, read_only_dirs, READONLY)) < 0 ||
229 (r = append_mounts(&m, inaccessible_dirs, INACCESSIBLE)) < 0)
234 m->mode = PRIVATE_TMP;
237 m->path = "/var/tmp";
238 m->mode = PRIVATE_VAR_TMP;
242 assert(mounts + n == m);
244 qsort(mounts, n, sizeof(BindMount), mount_path_compare);
245 drop_duplicates(mounts, &n);
247 /* Remount / as SLAVE so that nothing now mounted in the namespace
248 shows up in the parent */
249 if (mount(NULL, "/", NULL, MS_SLAVE|MS_REC, NULL) < 0) {
254 for (m = mounts; m < mounts + n; ++m) {
255 r = apply_mount(m, tmp_dir, var_tmp_dir);
260 for (m = mounts; m < mounts + n; ++m) {
261 r = make_read_only(m);
266 /* Remount / as the desired mode */
267 if (mount(NULL, "/", NULL, mount_flags | MS_REC, NULL) < 0) {
275 for (m = mounts; m < mounts + n; ++m) {
277 umount2(m->path, MNT_DETACH);
~ianmdlvl / elogind.git / blob