Diffstat (limited to 'src/core/namespace.c')
-rw-r--r--src/core/namespace.c38
1 files changed, 20 insertions, 18 deletions
diff --git a/src/core/namespace.c b/src/core/namespace.c
index 16b132ba56..936f36839b 100644
--- a/src/core/namespace.c
+++ b/src/core/namespace.c
@@ -222,7 +222,7 @@ int setup_namespace(char** read_write_dirs,
strv_length(read_only_dirs) +
strv_length(inaccessible_dirs) +
(private_tmp ? 2 : 0);
- BindMount *m, *mounts;
+ BindMount *m, *mounts = NULL;
int r = 0;
if (!mount_flags)
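Review bot: The new declaration `BindMount *m, *mounts = NULL;` initialises only `mounts`, so `m` is still indeterminate on the path where the later `if (n)` block is skipped. Whether `m` is read before being reassigned further down in setup_namespace is not visible in this hunk, so initialising both is the safer form: `BindMount *m = NULL, *mounts = NULL;`.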
@@ -231,27 +231,29 @@ int setup_namespace(char** read_write_dirs,
if (unshare(CLONE_NEWNS) < 0)
return -errno;
- m = mounts = (BindMount *) alloca(n * sizeof(BindMount));
- if ((r = append_mounts(&m, read_write_dirs, READWRITE)) < 0 ||
- (r = append_mounts(&m, read_only_dirs, READONLY)) < 0 ||
- (r = append_mounts(&m, inaccessible_dirs, INACCESSIBLE)) < 0)
- return r;
+ if (n) {
+ m = mounts = (BindMount *) alloca(n * sizeof(BindMount));
+ if ((r = append_mounts(&m, read_write_dirs, READWRITE)) < 0 ||
+ (r = append_mounts(&m, read_only_dirs, READONLY)) < 0 ||
+ (r = append_mounts(&m, inaccessible_dirs, INACCESSIBLE)) < 0)
+ return r;
+
+ if (private_tmp) {
+ m->path = "/tmp";
+ m->mode = PRIVATE_TMP;
+ m++;
+
+ m->path = "/var/tmp";
+ m->mode = PRIVATE_VAR_TMP;
+ m++;
+ }
- if (private_tmp) {
- m->path = "/tmp";
- m->mode = PRIVATE_TMP;
- m++;
+ assert(mounts + n == m);
- m->path = "/var/tmp";
- m->mode = PRIVATE_VAR_TMP;
- m++;
+ qsort(mounts, n, sizeof(BindMount), mount_path_compare);
+ drop_duplicates(mounts, &n);
}
- assert(mounts + n == m);
-
- qsort(mounts, n, sizeof(BindMount), mount_path_compare);
- drop_duplicates(mounts, &n);
-
/* Remount / as SLAVE so that nothing now mounted in the namespace
shows up in the parent */
if (mount(NULL, "/", NULL, MS_SLAVE|MS_REC, NULL) < 0)
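Review bot: The `alloca(n * sizeof(BindMount))` kept inside the new `if (n)` block still sizes a stack allocation from the combined length of the three directory lists with no upper bound, and alloca cannot report failure, so an oversized list ends in a stack overflow instead of an error return. If those lists can come from configuration that is not fully trusted (not visible here), reject large counts before allocating, e.g. `if (n > MOUNTS_MAX) return -E2BIG;` where `MOUNTS_MAX` is a placeholder for a limit the project would choose, or move the array to the heap and return `-ENOMEM` on failure. The early `return r` also runs after `unshare(CLONE_NEWNS)` has succeeded, so on that path the process is already in a new mount namespace with none of the read-only or inaccessible restrictions applied; a comment such as `/* caller must treat any error as fatal: namespace is unshared but unrestricted */` would make that contract explicit. setup_namespace starts and continues outside this hunk.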