diff options
| author | Lennart Poettering <lennart@poettering.net> | 2016-08-26 17:25:40 +0200 |
|---|---|---|
| committer | Djalal Harouni <tixxdz@opendz.org> | 2016-09-25 10:52:57 +0200 |
| commit | cd2902c9546eabfffcf5d6de4d0bd4dfe6a4d427 (patch) | |
| tree | d187c1fc2ed9f734fb7d8c3344b94f755f9252fa | |
| parent | 54500613a46023fe991f424e21ed15948b9a74f5 (diff) | |
namespace: drop all mounts outside of the new root directory
There's no point in mounting these, if they are outside of the root directory
we'll move to.
| -rw-r--r-- | src/core/namespace.c | 26 |
1 files changed, 26 insertions, 0 deletions
diff --git a/src/core/namespace.c b/src/core/namespace.c index a7451ffbdc..c9b2154985 100644 --- a/src/core/namespace.c +++ b/src/core/namespace.c @@ -199,6 +199,31 @@ static void drop_nop(BindMount *m, unsigned *n) { *n = t - m; } +static void drop_outside_root(const char *root_directory, BindMount *m, unsigned *n) { + BindMount *f, *t; + + assert(m); + assert(n); + + if (!root_directory) + return; + + /* Drops all mounts that are outside of the root directory. */ + + for (f = m, t = m; f < m+*n; f++) { + + if (!path_startswith(f->path, root_directory)) { + log_debug("%s is outside of root directory.", f->path); + continue; + } + + *t = *f; + t++; + } + + *n = t - m; +} + static int mount_dev(BindMount *m) { static const char devnodes[] = "/dev/null\0" @@ -631,6 +656,7 @@ int setup_namespace( qsort(mounts, n, sizeof(BindMount), mount_path_compare); drop_duplicates(mounts, &n); + drop_outside_root(root_directory, mounts, &n); drop_inaccessible(mounts, &n); drop_nop(mounts, &n); } |