From 5664e6cf463920a3365a891f07bad98207ff5aab Mon Sep 17 00:00:00 2001 From: Evgeny Vereshchagin Date: Sat, 24 Oct 2015 22:48:33 +0000 Subject: run: can launch units with ProtectSystem --- src/core/dbus-execute.c | 26 ++++++++++++++++++++++++++ src/shared/bus-util.c | 2 +- 2 files changed, 27 insertions(+), 1 deletion(-) diff --git a/src/core/dbus-execute.c b/src/core/dbus-execute.c index b8da66c985..47531e2354 100644 --- a/src/core/dbus-execute.c +++ b/src/core/dbus-execute.c @@ -1334,6 +1334,32 @@ int bus_exec_context_set_transient_property( return 1; + } else if (streq(name, "ProtectSystem")) { + const char *s; + ProtectSystem ps; + + r = sd_bus_message_read(message, "s", &s); + if (r < 0) + return r; + + r = parse_boolean(s); + if (r > 0) + ps = PROTECT_SYSTEM_YES; + else if (r == 0) + ps = PROTECT_SYSTEM_NO; + else { + ps = protect_system_from_string(s); + if (ps < 0) + return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Failed to parse protect system value"); + } + + if (mode != UNIT_CHECK) { + c->protect_system = ps; + unit_write_drop_in_private_format(u, mode, name, "%s=%s\n", name, s); + } + + return 1; + } else if (rlimit_from_string(name) >= 0) { uint64_t rl; rlim_t x; diff --git a/src/shared/bus-util.c b/src/shared/bus-util.c index 9c4d6a2da0..a106b64fd9 100644 --- a/src/shared/bus-util.c +++ b/src/shared/bus-util.c @@ -1507,7 +1507,7 @@ int bus_append_unit_property_assignment(sd_bus_message *m, const char *assignmen "UtmpIdentifier", "UtmpMode", "PAMName", "TTYPath", "StandardInput", "StandardOutput", "StandardError", "Description", "Slice", "Type", "WorkingDirectory", - "RootDirectory", "SyslogIdentifier")) + "RootDirectory", "SyslogIdentifier", "ProtectSystem")) r = sd_bus_message_append(m, "v", "s", eq); else if (streq(field, "SyslogLevel")) { -- cgit v1.2.3-54-g00ecf From 4e79ac4425ae36a02ba511ebc1c63a9f1a7d2d37 Mon Sep 17 00:00:00 2001 From: Evgeny Vereshchagin Date: Sat, 24 Oct 2015 22:49:46 +0000 Subject: shell-completion: systemd-run: add the property ProtectSystem --- shell-completion/bash/systemd-run | 3 ++- shell-completion/zsh/_systemd-run | 1 + 2 files changed, 3 insertions(+), 1 deletion(-) diff --git a/shell-completion/bash/systemd-run b/shell-completion/bash/systemd-run index 4940744f31..dee47d9dbe 100644 --- a/shell-completion/bash/systemd-run +++ b/shell-completion/bash/systemd-run @@ -85,7 +85,8 @@ _systemd_run() { PrivateNetwork= NoNewPrivileges= WorkingDirectory= RootDirectory= TTYPath= SyslogIdentifier= SyslogLevelPrefix= SyslogLevel= SyslogFacility= TimerSlackNSec= OOMScoreAdjust= ReadWriteDirectories= - ReadOnlyDirectories= InaccessibleDirectories= EnvironmentFile=' + ReadOnlyDirectories= InaccessibleDirectories= EnvironmentFile= + ProtectSystem=' COMPREPLY=( $(compgen -W '$comps' -- "$cur") ) return 0 diff --git a/shell-completion/zsh/_systemd-run b/shell-completion/zsh/_systemd-run index cd9d47b42b..3254d05135 100644 --- a/shell-completion/zsh/_systemd-run +++ b/shell-completion/zsh/_systemd-run @@ -39,6 +39,7 @@ _arguments \ TTYPath= SyslogIdentifier= SyslogLevelPrefix= SyslogLevel= \ SyslogFacility= TimerSlackNSec= OOMScoreAdjust= ReadWriteDirectories= \ ReadOnlyDirectories= InaccessibleDirectories= EnvironmentFile= \ + ProtectSystem= \ ))' \ '--description=[Description for unit]:description' \ '--slice=[Run in the specified slice]:slices:__slices' \ -- cgit v1.2.3-54-g00ecf