diff options
author | Lennart Poettering <lennart@poettering.net> | 2012-08-13 16:24:30 +0200 |
---|---|---|
committer | Lennart Poettering <lennart@poettering.net> | 2012-08-13 16:24:30 +0200 |
commit | aed5a525777be452c8a451793cf9c16990ac5515 (patch) | |
tree | b0b2388324393359cb8b4c319d9e1e570f97cfb0 | |
parent | b4c59701f8d439f84141d4858dc1aa339f4ec529 (diff) |
machine-id: properly mount transient machine ID read-only
-rw-r--r-- | src/core/machine-id-setup.c | 8 |
1 files changed, 6 insertions, 2 deletions
diff --git a/src/core/machine-id-setup.c b/src/core/machine-id-setup.c index c6fd77ac8d..7f4c23b130 100644 --- a/src/core/machine-id-setup.c +++ b/src/core/machine-id-setup.c @@ -226,13 +226,17 @@ int machine_id_setup(void) { } /* And now, let's mount it over */ - r = mount("/run/machine-id", "/etc/machine-id", "bind", MS_BIND|MS_RDONLY, NULL) < 0 ? -errno : 0; + r = mount("/run/machine-id", "/etc/machine-id", NULL, MS_BIND, NULL) < 0 ? -errno : 0; if (r < 0) { unlink("/run/machine-id"); log_error("Failed to mount /etc/machine-id: %s", strerror(-r)); - } else + } else { log_info("Installed transient /etc/machine-id file."); + /* Mark the mount read-only */ + mount(NULL, "/etc/machine-id", NULL, MS_BIND|MS_RDONLY|MS_REMOUNT, NULL); + } + finish: if (fd >= 0) |