From 317cde8b80a611f6194aaba2dad418cc21eefe55 Mon Sep 17 00:00:00 2001 From: Daniel Mack Date: Fri, 17 Oct 2014 16:04:49 +0200 Subject: nspawn: fix DeviceAllow list Commit 864e17068 ("nspawn: actually allow access to /dev/net/tun in the container") added "/dev/net/tun" to the list of allowed devices but forgot to tweak the array length, which caused "/dev/kdbus/*" to be missed. --- src/nspawn/nspawn.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'src/nspawn/nspawn.c') diff --git a/src/nspawn/nspawn.c b/src/nspawn/nspawn.c index f04d326131..c567c8d272 100644 --- a/src/nspawn/nspawn.c +++ b/src/nspawn/nspawn.c @@ -1545,7 +1545,7 @@ static int register_machine(pid_t pid, int local_ifindex) { return r; } - r = sd_bus_message_append(m, "(sv)", "DeviceAllow", "a(ss)", 10, + r = sd_bus_message_append(m, "(sv)", "DeviceAllow", "a(ss)", 11, /* Allow the container to * access and create the API * device nodes, so that -- cgit v1.2.3-54-g00ecf