diff options
| -rw-r--r-- | src/core/namespace.c | 14 |
1 files changed, 7 insertions, 7 deletions
diff --git a/src/core/namespace.c b/src/core/namespace.c index aca47a4d2f..ee705af6b8 100644 --- a/src/core/namespace.c +++ b/src/core/namespace.c @@ -141,13 +141,13 @@ static const BindMount protect_system_full_table[] = { * shall manage those, orthogonally). */ static const BindMount protect_system_strict_table[] = { - { "/", READONLY, false }, - { "/proc", READWRITE, false }, /* ProtectKernelTunables= */ - { "/sys", READWRITE, false }, /* ProtectKernelTunables= */ - { "/dev", READWRITE, false }, /* PrivateDevices= */ - { "/home", READWRITE, true }, /* ProtectHome= */ - { "/run/user", READWRITE, true }, /* ProtectHome= */ - { "/root", READWRITE, true }, /* ProtectHome= */ + { "/", READONLY, false }, + { "/proc", READWRITE, false }, /* ProtectKernelTunables= */ + { "/sys", READWRITE, false }, /* ProtectKernelTunables= */ + { "/dev", READWRITE, false }, /* PrivateDevices= */ + { "/home", READWRITE, true }, /* ProtectHome= */ + { "/run/user", READWRITE, true }, /* ProtectHome= */ + { "/root", READWRITE, true }, /* ProtectHome= */ }; static const char *bind_mount_path(const BindMount *p) { |