summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorLuca Bruno <luca.bruno@coreos.com>2016-09-24 12:30:42 +0000
committerZbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl>2016-09-24 08:30:42 -0400
commit48a8d337a62cfa444769dfb8b1a7857fd8fb50e6 (patch)
tree0024087eb8dda4a25202ad0b58a53ad2f0fe632e
parenta4d373452dc71d8a4e03608e7b64de0923042df8 (diff)
nspawn: decouple --boot from CLONE_NEWIPC (#4180)
This commit is a minor tweak after the split of `--share-system`, decoupling the `--boot` option from IPC namespacing. Historically there has been a single `--share-system` option for sharing IPC/PID/UTS with the host, which was incompatible with boot/pid1 mode. After the split, it is now possible to express the requirements with better granularity. For reference, this is a followup to #4023 which contains references to previous discussions. I realized too late that CLONE_NEWIPC is not strictly needed for boot mode.
-rw-r--r--src/nspawn/nspawn.c3
1 files changed, 2 insertions, 1 deletions
diff --git a/src/nspawn/nspawn.c b/src/nspawn/nspawn.c
index 632c12898f..0d61d34ebf 100644
--- a/src/nspawn/nspawn.c
+++ b/src/nspawn/nspawn.c
@@ -1045,7 +1045,8 @@ static int parse_argv(int argc, char *argv[]) {
parse_share_ns_env("SYSTEMD_NSPAWN_SHARE_NS_UTS", CLONE_NEWUTS);
parse_share_ns_env("SYSTEMD_NSPAWN_SHARE_SYSTEM", CLONE_NEWIPC|CLONE_NEWPID|CLONE_NEWUTS);
- if (arg_clone_ns_flags != (CLONE_NEWIPC|CLONE_NEWPID|CLONE_NEWUTS)) {
+ if (!(arg_clone_ns_flags & CLONE_NEWPID) ||
+ !(arg_clone_ns_flags & CLONE_NEWUTS)) {
arg_register = false;
if (arg_start_mode != START_PID1) {
log_error("--boot cannot be used without namespacing.");