chiark
/
gitweb
/
~ianmdlvl
/
elogind.git
/ commitdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
| commitdiff |
tree
raw
|
patch
| inline |
side by side
(parent:
2abf99a
)
nspawn: bind mount /dev/nul to /proc/kmsg, so that the container can't muck with...
author
Lennart Poettering
<lennart@poettering.net>
Thu, 12 Apr 2012 10:58:08 +0000
(12:58 +0200)
committer
Lennart Poettering
<lennart@poettering.net>
Thu, 12 Apr 2012 10:58:19 +0000
(12:58 +0200)
src/nspawn.c
patch
|
blob
|
history
diff --git
a/src/nspawn.c
b/src/nspawn.c
index 7b65e9853c0772b010d6caf31679a2c9b7337efd..685b4d4e50d4b5c588ebd8374d028b2cb83b046b 100644
(file)
--- a/
src/nspawn.c
+++ b/
src/nspawn.c
@@
-184,7
+184,8
@@
static int mount_all(const char *dest) {
break;
}
- if ((t = path_is_mount_point(where, false)) < 0) {
+ t = path_is_mount_point(where, false);
+ if (t < 0) {
log_error("Failed to detect whether %s is a mount point: %s", where, strerror(-t));
free(where);
@@
-229,6
+230,11
@@
static int mount_all(const char *dest) {
free(where);
}
+ if (asprintf(&where, "%s/proc/kmsg", dest) >= 0) {
+ mount("/dev/null", where, "bind", MS_BIND, NULL);
+ free(where);
+ }
+
return r;
}