chiark
/
gitweb
/
~ianmdlvl
/
elogind.git
/ commitdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
| commitdiff |
tree
raw
|
patch
|
inline
| side by side (parent:
df1f0af
)
execute: setup namespace after doing NSS calls
author
Lennart Poettering
<lennart@poettering.net>
Wed, 16 Jun 2010 14:39:28 +0000
(16:39 +0200)
committer
Lennart Poettering
<lennart@poettering.net>
Wed, 16 Jun 2010 14:39:28 +0000
(16:39 +0200)
src/execute.c
patch
|
blob
|
history
diff --git
a/src/execute.c
b/src/execute.c
index b61c1f838b0377dbc23283742e32a238dc360ece..1a7871b4e030b374b4699a0bc8f91362a91b209c 100644
(file)
--- a/
src/execute.c
+++ b/
src/execute.c
@@
-914,19
+914,6
@@
int exec_spawn(ExecCommand *command,
goto fail;
}
goto fail;
}
- if (strv_length(context->read_write_dirs) > 0 ||
- strv_length(context->read_only_dirs) > 0 ||
- strv_length(context->inaccessible_dirs) > 0 ||
- context->mount_flags != MS_SHARED ||
- context->private_tmp)
- if ((r = setup_namespace(
- context->read_write_dirs,
- context->read_only_dirs,
- context->inaccessible_dirs,
- context->private_tmp,
- context->mount_flags)) < 0)
- goto fail;
-
if (context->user) {
username = context->user;
if (get_user_creds(&username, &uid, &gid, &home) < 0) {
if (context->user) {
username = context->user;
if (get_user_creds(&username, &uid, &gid, &home) < 0) {
@@
-949,6
+936,19
@@
int exec_spawn(ExecCommand *command,
umask(context->umask);
umask(context->umask);
+ if (strv_length(context->read_write_dirs) > 0 ||
+ strv_length(context->read_only_dirs) > 0 ||
+ strv_length(context->inaccessible_dirs) > 0 ||
+ context->mount_flags != MS_SHARED ||
+ context->private_tmp)
+ if ((r = setup_namespace(
+ context->read_write_dirs,
+ context->read_only_dirs,
+ context->inaccessible_dirs,
+ context->private_tmp,
+ context->mount_flags)) < 0)
+ goto fail;
+
if (apply_chroot) {
if (context->root_directory)
if (chroot(context->root_directory) < 0) {
if (apply_chroot) {
if (context->root_directory)
if (chroot(context->root_directory) < 0) {