From 7f112f50fea585411ea2d493b3582bea77eb4d6e Mon Sep 17 00:00:00 2001
From: Lennart Poettering
Date: Mon, 20 Jan 2014 19:54:51 +0100
Subject: exec: introduce PrivateDevices= switch to provide services with a private /dev

Similar to PrivateNetwork=, PrivateTmp= introduce PrivateDevices= that sets up a private /dev with only the API pseudo-devices like /dev/null, /dev/zero, /dev/random, but not any physical devices in them.
---
 src/shared/def.h | 4 ++++
 src/shared/dev-setup.c | 16 ++++++++--------
 src/shared/dev-setup.h | 2 +-
 3 files changed, 13 insertions(+), 9 deletions(-)
(limited to 'src/shared')
diff --git a/src/shared/def.h b/src/shared/def.h
index ac325bf8f9..a2304fddda 100644
--- a/src/shared/def.h
+++ b/src/shared/def.h
@@ -71,3 +71,7 @@
 #define UNIX_USER_BUS_FMT "unix:path=%s/bus"
 #define KERNEL_USER_BUS_FMT "kernel:path=/dev/kdbus/%lu-user/bus"
+
+#ifndef TTY_GID
+#define TTY_GID 5
+#endif
diff --git a/src/shared/dev-setup.c b/src/shared/dev-setup.c
index 50a187fda9..e025e17bbe 100644
--- a/src/shared/dev-setup.c
+++ b/src/shared/dev-setup.c
@@ -50,7 +50,7 @@ static int symlink_and_label(const char *old_path, const char *new_path) {
 return r;
 }
-void dev_setup(const char *prefix) {
+int dev_setup(const char *prefix) {
 const char *j, *k;
 static const char symlinks[] =
@@ -69,16 +69,16 @@ void dev_setup(const char *prefix) {
 }
 if (prefix) {
- char *linkname;
+ _cleanup_free_ char *link_name = NULL;
- if (asprintf(&linkname, "%s/%s", prefix, k) < 0) {
- log_oom();
- break;
- }
+ link_name = strjoin(prefix, "/", k, NULL);
+ if (!link_name)
+ return -ENOMEM;
- symlink_and_label(j, linkname);
- free(linkname);
+ symlink_and_label(j, link_name);
 } else
 symlink_and_label(j, k);
 }
+
+ return 0;
 }
diff --git a/src/shared/dev-setup.h b/src/shared/dev-setup.h
index 320c0b30ba..d41b6eefba 100644
--- a/src/shared/dev-setup.h
+++ b/src/shared/dev-setup.h
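Review bot: In src/shared/def.h the `TTY_GID` fallback of 5 is added without a comment saying what the value is for or where the real one is expected to come from. The `#ifndef` guard suggests the build normally supplies it, so a build that omits the definition silently gets 5 even on a host whose tty group has a different GID. How the macro is consumed is not visible in this src/shared view; if it ends up as the group owner of terminal devices in the private /dev, a mismatch would give an unrelated group access to them. I would add above the guard a comment such as `/* Fallback only: the build should define TTY_GID as the GID of the target system's "tty" group */`.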
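Review bot: In the second hunk of src/shared/dev-setup.c both `symlink_and_label()` calls still discard their result, so the new `int` return of `dev_setup()` only ever reports `-ENOMEM` and yields 0 even when no link could be created. `symlink_and_label()` does return a status (`return r;` in the first hunk), so a caller assembling a private /dev for a service currently cannot notice an incomplete tree. Either propagate it with `r = symlink_and_label(j, link_name);` and `if (r < 0) return r;` (needs an `int r` declared at the top of the function, which lies outside the hunk), or state the intent with `/* symlink failures are deliberately ignored; only OOM is reported */`. Whether an already existing link should count as a failure cannot be judged from these lines. The OOM path also no longer calls `log_oom()`, so callers now have to log the error themselves.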
@@ -21,4 +21,4 @@
 along with systemd; If not, see .
 ***/
-void dev_setup(const char *pathprefix);
+int dev_setup(const char *pathprefix);
--
cgit v1.2.3-54-g00ecf
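Review bot: The prototype in src/shared/dev-setup.h now returns `int`, but nothing at the declaration states the contract, and callers written for the `void` version will keep compiling while ignoring the result. A one-line comment such as `/* Returns 0 on success, -ENOMEM on allocation failure */` would make the contract visible. The callers are outside this src/shared view and should be checked separately. The parameter is also named `pathprefix` here but `prefix` in the definition in dev-setup.c; using one name in both places would be tidier.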