diff options
| author | Lennart Poettering <lennart@poettering.net> | 2016-07-19 21:17:49 +0200 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2016-07-19 21:17:49 +0200 |
| commit | 069a92c6581a2ee4fc0f0f9430f54412e6e3026b (patch) | |
| tree | 02fb11f404687d06d5c7a5792c7e425604f16c30 /src/core/mount-setup.c | |
| parent | 4526e15d064c77a61cf79c595c3384effd66d31b (diff) | |
| parent | 2a624c36e646e9ef8d204a506b12e7dbd380e111 (diff) | |
Merge pull request #3685 from kinvolk/alessandro/inaccessible-paths
namespace: unify limit behavior on non-directory paths
Diffstat (limited to 'src/core/mount-setup.c')
| -rw-r--r-- | src/core/mount-setup.c | 14 |
1 files changed, 11 insertions, 3 deletions
diff --git a/src/core/mount-setup.c b/src/core/mount-setup.c index f9c9b4a91f..5d8ab0ec70 100644 --- a/src/core/mount-setup.c +++ b/src/core/mount-setup.c @@ -28,6 +28,7 @@ #include "cgroup-util.h" #include "dev-setup.h" #include "efivars.h" +#include "fs-util.h" #include "label.h" #include "log.h" #include "macro.h" @@ -403,9 +404,16 @@ int mount_setup(bool loaded_policy) { * really needs to stay for good, otherwise software that * copied sd-daemon.c into their sources will misdetect * systemd. */ - mkdir_label("/run/systemd", 0755); - mkdir_label("/run/systemd/system", 0755); - mkdir_label("/run/systemd/inaccessible", 0000); + (void) mkdir_label("/run/systemd", 0755); + (void) mkdir_label("/run/systemd/system", 0755); + (void) mkdir_label("/run/systemd/inaccessible", 0000); + /* Set up inaccessible items */ + (void) mknod("/run/systemd/inaccessible/reg", S_IFREG | 0000, 0); + (void) mkdir_label("/run/systemd/inaccessible/dir", 0000); + (void) mknod("/run/systemd/inaccessible/chr", S_IFCHR | 0000, makedev(0, 0)); + (void) mknod("/run/systemd/inaccessible/blk", S_IFBLK | 0000, makedev(0, 0)); + (void) mkfifo("/run/systemd/inaccessible/fifo", 0000); + (void) mknod("/run/systemd/inaccessible/sock", S_IFSOCK | 0000, 0); return 0; } |