summaryrefslogtreecommitdiff
path: root/src/core/mount-setup.c
diff options
context:
space:
mode:
authorLennart Poettering <lennart@poettering.net>2016-07-19 21:17:49 +0200
committerGitHub <noreply@github.com>2016-07-19 21:17:49 +0200
commit069a92c6581a2ee4fc0f0f9430f54412e6e3026b (patch)
tree02fb11f404687d06d5c7a5792c7e425604f16c30 /src/core/mount-setup.c
parent4526e15d064c77a61cf79c595c3384effd66d31b (diff)
parent2a624c36e646e9ef8d204a506b12e7dbd380e111 (diff)
Merge pull request #3685 from kinvolk/alessandro/inaccessible-paths
namespace: unify limit behavior on non-directory paths
Diffstat (limited to 'src/core/mount-setup.c')
-rw-r--r--src/core/mount-setup.c14
1 files changed, 11 insertions, 3 deletions
diff --git a/src/core/mount-setup.c b/src/core/mount-setup.c
index f9c9b4a91f..5d8ab0ec70 100644
--- a/src/core/mount-setup.c
+++ b/src/core/mount-setup.c
@@ -28,6 +28,7 @@
#include "cgroup-util.h"
#include "dev-setup.h"
#include "efivars.h"
+#include "fs-util.h"
#include "label.h"
#include "log.h"
#include "macro.h"
@@ -403,9 +404,16 @@ int mount_setup(bool loaded_policy) {
* really needs to stay for good, otherwise software that
* copied sd-daemon.c into their sources will misdetect
* systemd. */
- mkdir_label("/run/systemd", 0755);
- mkdir_label("/run/systemd/system", 0755);
- mkdir_label("/run/systemd/inaccessible", 0000);
+ (void) mkdir_label("/run/systemd", 0755);
+ (void) mkdir_label("/run/systemd/system", 0755);
+ (void) mkdir_label("/run/systemd/inaccessible", 0000);
+ /* Set up inaccessible items */
+ (void) mknod("/run/systemd/inaccessible/reg", S_IFREG | 0000, 0);
+ (void) mkdir_label("/run/systemd/inaccessible/dir", 0000);
+ (void) mknod("/run/systemd/inaccessible/chr", S_IFCHR | 0000, makedev(0, 0));
+ (void) mknod("/run/systemd/inaccessible/blk", S_IFBLK | 0000, makedev(0, 0));
+ (void) mkfifo("/run/systemd/inaccessible/fifo", 0000);
+ (void) mknod("/run/systemd/inaccessible/sock", S_IFSOCK | 0000, 0);
return 0;
}