core: skip ReadOnlyPaths= and other permission-related mounts on PermissionsStartOnly= (#5309)

ReadOnlyPaths=, ProtectHome=, InaccessiblePaths= and ProtectSystem= are
about restricting access and little more, hence they should be disabled
if PermissionsStartOnly= is used or ExecStart= lines are prefixed with a
"+". Do that.

(Note that we will still create namespaces and stuff, since that's about
a lot more than just permissions. We'll simply disable the effect of
the four options mentioned above, but nothing else mount related.)

This also adds a test for this, to ensure this works as intended.

No documentation updates, as the documentation are already vague enough
to support the new behaviour ("If true, the permission-related execution
options…"). We could clarify this further, but I think we might want to
extend the switches' behaviour a bit more in future, hence leave it at
this for now.

Fixes: #5308

1 files changed, 5 insertions, 0 deletions

diff --git a/src/test/test-execute.c b/src/test/test-execute.c
index bc9a2021f9..1e479b9843 100644
--- a/src/test/test-execute.c
+++ b/src/test/test-execute.c
@@ -422,6 +422,10 @@ static void test_exec_spec_interpolation(Manager *m) {
         test(m, "exec-spec-interpolation.service", 0, CLD_EXITED);
 }
 
+static void test_exec_read_only_path_suceed(Manager *m) {
+        test(m, "exec-read-only-path-succeed.service", 0, CLD_EXITED);
+}
+
 static int run_tests(UnitFileScope scope, const test_function_t *tests) {
         const test_function_t *test = NULL;
         Manager *m = NULL;
@@ -475,6 +479,7 @@ int main(int argc, char *argv[]) {
                 test_exec_oomscoreadjust,
                 test_exec_ioschedulingclass,
                 test_exec_spec_interpolation,
+                test_exec_read_only_path_suceed,
                 NULL,
         };
         static const test_function_t system_tests[] = {