diff options
| author | Lennart Poettering <lennart@poettering.net> | 2015-10-25 13:56:40 +0100 |
|---|---|---|
| committer | Lennart Poettering <lennart@poettering.net> | 2015-10-25 13:56:40 +0100 |
| commit | 7c257428969aaba2acc4e26753c86d6f4774354a (patch) | |
| tree | 70cca6d7b69e23b2105d403140cde59bac42ba78 | |
| parent | 8e0dfb6b8e7a0933c14ded7348e7b778a603aa37 (diff) | |
| parent | 4e79ac4425ae36a02ba511ebc1c63a9f1a7d2d37 (diff) | |
Merge pull request #1667 from evverx/run-protect-system
systemd-run can launch units with ProtectSystem
| -rw-r--r-- | shell-completion/bash/systemd-run | 3 | ||||
| -rw-r--r-- | shell-completion/zsh/_systemd-run | 1 | ||||
| -rw-r--r-- | src/core/dbus-execute.c | 26 | ||||
| -rw-r--r-- | src/shared/bus-util.c | 2 |
4 files changed, 30 insertions, 2 deletions
diff --git a/shell-completion/bash/systemd-run b/shell-completion/bash/systemd-run index 4940744f31..dee47d9dbe 100644 --- a/shell-completion/bash/systemd-run +++ b/shell-completion/bash/systemd-run @@ -85,7 +85,8 @@ _systemd_run() { PrivateNetwork= NoNewPrivileges= WorkingDirectory= RootDirectory= TTYPath= SyslogIdentifier= SyslogLevelPrefix= SyslogLevel= SyslogFacility= TimerSlackNSec= OOMScoreAdjust= ReadWriteDirectories= - ReadOnlyDirectories= InaccessibleDirectories= EnvironmentFile=' + ReadOnlyDirectories= InaccessibleDirectories= EnvironmentFile= + ProtectSystem=' COMPREPLY=( $(compgen -W '$comps' -- "$cur") ) return 0 diff --git a/shell-completion/zsh/_systemd-run b/shell-completion/zsh/_systemd-run index cd9d47b42b..3254d05135 100644 --- a/shell-completion/zsh/_systemd-run +++ b/shell-completion/zsh/_systemd-run @@ -39,6 +39,7 @@ _arguments \ TTYPath= SyslogIdentifier= SyslogLevelPrefix= SyslogLevel= \ SyslogFacility= TimerSlackNSec= OOMScoreAdjust= ReadWriteDirectories= \ ReadOnlyDirectories= InaccessibleDirectories= EnvironmentFile= \ + ProtectSystem= \ ))' \ '--description=[Description for unit]:description' \ '--slice=[Run in the specified slice]:slices:__slices' \ diff --git a/src/core/dbus-execute.c b/src/core/dbus-execute.c index b8da66c985..47531e2354 100644 --- a/src/core/dbus-execute.c +++ b/src/core/dbus-execute.c @@ -1334,6 +1334,32 @@ int bus_exec_context_set_transient_property( return 1; + } else if (streq(name, "ProtectSystem")) { + const char *s; + ProtectSystem ps; + + r = sd_bus_message_read(message, "s", &s); + if (r < 0) + return r; + + r = parse_boolean(s); + if (r > 0) + ps = PROTECT_SYSTEM_YES; + else if (r == 0) + ps = PROTECT_SYSTEM_NO; + else { + ps = protect_system_from_string(s); + if (ps < 0) + return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Failed to parse protect system value"); + } + + if (mode != UNIT_CHECK) { + c->protect_system = ps; + unit_write_drop_in_private_format(u, mode, name, "%s=%s\n", name, s); + } + + return 1; + } else if (rlimit_from_string(name) >= 0) { uint64_t rl; rlim_t x; diff --git a/src/shared/bus-util.c b/src/shared/bus-util.c index 9c4d6a2da0..a106b64fd9 100644 --- a/src/shared/bus-util.c +++ b/src/shared/bus-util.c @@ -1507,7 +1507,7 @@ int bus_append_unit_property_assignment(sd_bus_message *m, const char *assignmen "UtmpIdentifier", "UtmpMode", "PAMName", "TTYPath", "StandardInput", "StandardOutput", "StandardError", "Description", "Slice", "Type", "WorkingDirectory", - "RootDirectory", "SyslogIdentifier")) + "RootDirectory", "SyslogIdentifier", "ProtectSystem")) r = sd_bus_message_append(m, "v", "s", eq); else if (streq(field, "SyslogLevel")) { |