summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorLennart Poettering <lennart@poettering.net>2010-06-16 16:39:28 +0200
committerLennart Poettering <lennart@poettering.net>2010-06-16 16:39:28 +0200
commit04aa0cb9c46f0a5cd0cf5b4a4e378460423d2635 (patch)
tree8ef7a9845a90dbe63bf0758cc7de297e5ab407d3
parentdf1f0afe0c0d044a42ee726fa03730291d7082ee (diff)
execute: setup namespace after doing NSS calls
-rw-r--r--src/execute.c26
1 files changed, 13 insertions, 13 deletions
diff --git a/src/execute.c b/src/execute.c
index b61c1f838b..1a7871b4e0 100644
--- a/src/execute.c
+++ b/src/execute.c
@@ -914,19 +914,6 @@ int exec_spawn(ExecCommand *command,
goto fail;
}
- if (strv_length(context->read_write_dirs) > 0 ||
- strv_length(context->read_only_dirs) > 0 ||
- strv_length(context->inaccessible_dirs) > 0 ||
- context->mount_flags != MS_SHARED ||
- context->private_tmp)
- if ((r = setup_namespace(
- context->read_write_dirs,
- context->read_only_dirs,
- context->inaccessible_dirs,
- context->private_tmp,
- context->mount_flags)) < 0)
- goto fail;
-
if (context->user) {
username = context->user;
if (get_user_creds(&username, &uid, &gid, &home) < 0) {
@@ -949,6 +936,19 @@ int exec_spawn(ExecCommand *command,
umask(context->umask);
+ if (strv_length(context->read_write_dirs) > 0 ||
+ strv_length(context->read_only_dirs) > 0 ||
+ strv_length(context->inaccessible_dirs) > 0 ||
+ context->mount_flags != MS_SHARED ||
+ context->private_tmp)
+ if ((r = setup_namespace(
+ context->read_write_dirs,
+ context->read_only_dirs,
+ context->inaccessible_dirs,
+ context->private_tmp,
+ context->mount_flags)) < 0)
+ goto fail;
+
if (apply_chroot) {
if (context->root_directory)
if (chroot(context->root_directory) < 0) {