diff options
Diffstat (limited to 'src')
| -rw-r--r-- | src/execute.c | 26 | 
1 files changed, 13 insertions, 13 deletions
| diff --git a/src/execute.c b/src/execute.c index b61c1f838b..1a7871b4e0 100644 --- a/src/execute.c +++ b/src/execute.c @@ -914,19 +914,6 @@ int exec_spawn(ExecCommand *command,                                  goto fail;                          } -                if (strv_length(context->read_write_dirs) > 0 || -                    strv_length(context->read_only_dirs) > 0 || -                    strv_length(context->inaccessible_dirs) > 0 || -                    context->mount_flags != MS_SHARED || -                    context->private_tmp) -                        if ((r = setup_namespace( -                                             context->read_write_dirs, -                                             context->read_only_dirs, -                                             context->inaccessible_dirs, -                                             context->private_tmp, -                                             context->mount_flags)) < 0) -                                goto fail; -                  if (context->user) {                          username = context->user;                          if (get_user_creds(&username, &uid, &gid, &home) < 0) { @@ -949,6 +936,19 @@ int exec_spawn(ExecCommand *command,                  umask(context->umask); +                if (strv_length(context->read_write_dirs) > 0 || +                    strv_length(context->read_only_dirs) > 0 || +                    strv_length(context->inaccessible_dirs) > 0 || +                    context->mount_flags != MS_SHARED || +                    context->private_tmp) +                        if ((r = setup_namespace( +                                             context->read_write_dirs, +                                             context->read_only_dirs, +                                             context->inaccessible_dirs, +                                             context->private_tmp, +                                             context->mount_flags)) < 0) +                                goto fail; +                  if (apply_chroot) {                          if (context->root_directory)                                  if (chroot(context->root_directory) < 0) { | 
