mount /run without MS_NOEXEC

diff --git a/src/mount-setup.c b/src/mount-setup.c
index 6feee6aa1675c2fb17e8328418626fcf378f27b2..f236ab741af7ea03137f6411e47625c167b00246 100644 (file)
--- a/src/mount-setup.c
+++ b/src/mount-setup.c
@@ -54,7 +54,7 @@ static const MountPoint mount_table[] = {
         { "devtmpfs", "/dev",                   "devtmpfs", "mode=755",          MS_NOSUID,                    true },
         { "tmpfs",    "/dev/shm",               "tmpfs",    "mode=1777",         MS_NOSUID|MS_NODEV,           true },
         { "devpts",   "/dev/pts",               "devpts",   "mode=620,gid=" STRINGIFY(TTY_GID), MS_NOSUID|MS_NOEXEC, false },
-        { "tmpfs",    "/run",                   "tmpfs",    "mode=755",          MS_NOSUID|MS_NOEXEC|MS_NODEV, true },
+        { "tmpfs",    "/run",                   "tmpfs",    "mode=755",          MS_NOSUID|MS_NODEV, true },
         { "tmpfs",    "/sys/fs/cgroup",         "tmpfs",    "mode=755",          MS_NOSUID|MS_NOEXEC|MS_NODEV, false },
         { "cgroup",   "/sys/fs/cgroup/systemd", "cgroup",   "none,name=systemd", MS_NOSUID|MS_NOEXEC|MS_NODEV, false },
 };

diff --git a/src/nspawn.c b/src/nspawn.c
index 969c961895e3798dd5ad031ade9717eb6e681670..b5908d63fffc4320e179778900f35873fb021bb2 100644 (file)
--- a/src/nspawn.c
+++ b/src/nspawn.c
@@ -117,7 +117,7 @@ static int mount_all(const char *dest) {
                 { "sysfs",     "/sys",      "sysfs",     NULL,        MS_NOSUID|MS_NOEXEC|MS_NODEV|MS_RDONLY, true },
                 { "tmpfs",     "/dev",      "tmpfs",     "mode=755",  MS_NOSUID, true },
                 { "/dev/pts",  "/dev/pts",  "bind",      NULL,        MS_BIND, true },
-                { "tmpfs",     "/run",      "tmpfs",     "mode=755",  MS_NOSUID|MS_NOEXEC|MS_NODEV, true },
+                { "tmpfs",     "/run",      "tmpfs",     "mode=755",  MS_NOSUID|MS_NODEV, true },
 #ifdef HAVE_SELINUX
                 { "selinux",   "/selinux",  "selinuxfs", NULL,        MS_NOSUID|MS_NOEXEC|MS_NODEV|MS_RDONLY, false },
 #endif