summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--TODO2
-rw-r--r--src/core/namespace.c23
2 files changed, 16 insertions, 9 deletions
diff --git a/TODO b/TODO
index 89a35adc32..a3b4165559 100644
--- a/TODO
+++ b/TODO
@@ -97,8 +97,6 @@ Features:
* allow configuration of console width/height in vconsole.conf
-* PrivateTmp should apply to both /tmp and /var/tmp
-
* fstab should take priority over units in /usr
* cleanup syslog 'priority' vs. 'level' wording
diff --git a/src/core/namespace.c b/src/core/namespace.c
index ba1edbe512..4bef15fdf5 100644
--- a/src/core/namespace.c
+++ b/src/core/namespace.c
@@ -131,7 +131,8 @@ static int apply_mount(Path *p, const char *root_dir, const char *inaccessible_d
assert(inaccessible_dir);
assert(private_dir);
- if (!(where = strappend(root_dir, p->path)))
+ where = strappend(root_dir, p->path);
+ if (!where)
return -ENOMEM;
switch (p->mode) {
@@ -157,7 +158,8 @@ static int apply_mount(Path *p, const char *root_dir, const char *inaccessible_d
assert_not_reached("Unknown mode");
}
- if ((r = mount(what, where, NULL, MS_BIND|MS_REC, NULL)) >= 0) {
+ r = mount(what, where, NULL, MS_BIND|MS_REC, NULL);
+ if (r >= 0) {
log_debug("Successfully mounted %s to %s", what, where);
/* The bind mount will always inherit the original
@@ -205,9 +207,10 @@ int setup_namespace(
strv_length(writable) +
strv_length(readable) +
strv_length(inaccessible) +
- (private_tmp ? 2 : 1);
+ (private_tmp ? 3 : 1);
- if (!(paths = new(Path, n)))
+ paths = new(Path, n);
+ if (!paths)
return -ENOMEM;
p = paths;
@@ -220,6 +223,10 @@ int setup_namespace(
p->path = "/tmp";
p->mode = PRIVATE;
p++;
+
+ p->path = "/var/tmp";
+ p->mode = PRIVATE;
+ p++;
}
p->path = "/";
@@ -282,9 +289,11 @@ int setup_namespace(
goto fail;
}
- for (p = paths; p < paths + n; p++)
- if ((r = apply_mount(p, root_dir, inaccessible_dir, private_dir, flags)) < 0)
+ for (p = paths; p < paths + n; p++) {
+ r = apply_mount(p, root_dir, inaccessible_dir, private_dir, flags);
+ if (r < 0)
goto undo_mounts;
+ }
memcpy(old_root_dir, tmp_dir, sizeof(tmp_dir)-1);
if (!mkdtemp(old_root_dir)) {
@@ -341,7 +350,7 @@ fail:
if (remove_tmp)
rmdir(tmp_dir);
- free(paths);
+ free(paths);
return r;
}