diff options
| author | Lennart Poettering <lennart@poettering.net> | 2015-10-25 13:56:40 +0100 |
|---|---|---|
| committer | Lennart Poettering <lennart@poettering.net> | 2015-10-25 13:56:40 +0100 |
| commit | 7c257428969aaba2acc4e26753c86d6f4774354a (patch) | |
| tree | 70cca6d7b69e23b2105d403140cde59bac42ba78 /src | |
| parent | 8e0dfb6b8e7a0933c14ded7348e7b778a603aa37 (diff) | |
| parent | 4e79ac4425ae36a02ba511ebc1c63a9f1a7d2d37 (diff) | |
Merge pull request #1667 from evverx/run-protect-system
systemd-run can launch units with ProtectSystem
Diffstat (limited to 'src')
| -rw-r--r-- | src/core/dbus-execute.c | 26 | ||||
| -rw-r--r-- | src/shared/bus-util.c | 2 |
2 files changed, 27 insertions, 1 deletions
diff --git a/src/core/dbus-execute.c b/src/core/dbus-execute.c index b8da66c985..47531e2354 100644 --- a/src/core/dbus-execute.c +++ b/src/core/dbus-execute.c @@ -1334,6 +1334,32 @@ int bus_exec_context_set_transient_property( return 1; + } else if (streq(name, "ProtectSystem")) { + const char *s; + ProtectSystem ps; + + r = sd_bus_message_read(message, "s", &s); + if (r < 0) + return r; + + r = parse_boolean(s); + if (r > 0) + ps = PROTECT_SYSTEM_YES; + else if (r == 0) + ps = PROTECT_SYSTEM_NO; + else { + ps = protect_system_from_string(s); + if (ps < 0) + return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Failed to parse protect system value"); + } + + if (mode != UNIT_CHECK) { + c->protect_system = ps; + unit_write_drop_in_private_format(u, mode, name, "%s=%s\n", name, s); + } + + return 1; + } else if (rlimit_from_string(name) >= 0) { uint64_t rl; rlim_t x; diff --git a/src/shared/bus-util.c b/src/shared/bus-util.c index 9c4d6a2da0..a106b64fd9 100644 --- a/src/shared/bus-util.c +++ b/src/shared/bus-util.c @@ -1507,7 +1507,7 @@ int bus_append_unit_property_assignment(sd_bus_message *m, const char *assignmen "UtmpIdentifier", "UtmpMode", "PAMName", "TTYPath", "StandardInput", "StandardOutput", "StandardError", "Description", "Slice", "Type", "WorkingDirectory", - "RootDirectory", "SyslogIdentifier")) + "RootDirectory", "SyslogIdentifier", "ProtectSystem")) r = sd_bus_message_append(m, "v", "s", eq); else if (streq(field, "SyslogLevel")) { |