namespace: make sure /tmp, /var/tmp and /dev are writable in namespaces we set up

author Lennart Poettering <lennart@poettering.net>

Thu, 3 Jul 2014 14:27:57 +0000 (16:27 +0200)

committer Lennart Poettering <lennart@poettering.net>

Thu, 3 Jul 2014 14:28:26 +0000 (16:28 +0200)
author Lennart Poettering <lennart@poettering.net>
Thu, 3 Jul 2014 14:27:57 +0000 (16:27 +0200)
committer Lennart Poettering <lennart@poettering.net>
Thu, 3 Jul 2014 14:28:26 +0000 (16:28 +0200)
diff --git a/src/core/namespace.c b/src/core/namespace.c

index 1d0f740afab5d1ebe8ee64484c9674b473e0454f..5466b7baec2a8cdd96c40ab5619c49b6f8c98e74 100644 (file)
--- a/src/core/namespace.c
+++ b/src/core/namespace.c
@@ -334,7 +334,7 @@ static int make_read_only(BindMount *m) {
  
          if (IN_SET(m->mode, INACCESSIBLE, READONLY))
                  r = bind_remount_recursive(m->path, true);
-        else if (m->mode == READWRITE)
+        else if (IN_SET(m->mode, READWRITE, PRIVATE_TMP, PRIVATE_VAR_TMP, PRIVATE_DEV))
                  r = bind_remount_recursive(m->path, false);
          else
                  r = 0;
author	Lennart Poettering <lennart@poettering.net>
	Thu, 3 Jul 2014 14:27:57 +0000 (16:27 +0200)
committer	Lennart Poettering <lennart@poettering.net>
	Thu, 3 Jul 2014 14:28:26 +0000 (16:28 +0200)