From 7f112f50fea585411ea2d493b3582bea77eb4d6e Mon Sep 17 00:00:00 2001
From: Lennart Poettering <lennart@poettering.net>
Date: Mon, 20 Jan 2014 19:54:51 +0100
Subject: exec: introduce PrivateDevices= switch to provide services with a
 private /dev

Similar to PrivateNetwork=, PrivateTmp= introduce PrivateDevices= that
sets up a private /dev with only the API pseudo-devices like /dev/null,
/dev/zero, /dev/random, but not any physical devices in them.
---
 src/core/execute.h | 1 +
 1 file changed, 1 insertion(+)

(limited to 'src/core/execute.h')

diff --git a/src/core/execute.h b/src/core/execute.h
index 989373f481..4851152743 100644
--- a/src/core/execute.h
+++ b/src/core/execute.h
@@ -149,6 +149,7 @@ struct ExecContext {
         bool non_blocking;
         bool private_tmp;
         bool private_network;
+        bool private_devices;
 
         bool no_new_privileges;
 
-- 
cgit v1.2.3-54-g00ecf