picnoir
/
Systemd
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

execute: setup namespace after doing NSS calls

This commit is contained in:
Lennart Poettering 2010-06-16 16:39:28 +02:00
parent df1f0afe0c
commit 04aa0cb9c4
1 changed files with 13 additions and 13 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

26
src/execute.c
View File

@ -914,19 +914,6 @@ int exec_spawn(ExecCommand *command,
goto fail;
}
if (strv_length(context->read_write_dirs) > 0 ||
strv_length(context->read_only_dirs) > 0 ||
strv_length(context->inaccessible_dirs) > 0 ||
context->mount_flags != MS_SHARED ||
context->private_tmp)
if ((r = setup_namespace(
context->read_write_dirs,
context->read_only_dirs,
context->inaccessible_dirs,
context->private_tmp,
context->mount_flags)) < 0)
goto fail;
if (context->user) {
username = context->user;
if (get_user_creds(&username, &uid, &gid, &home) < 0) {
@ -949,6 +936,19 @@ int exec_spawn(ExecCommand *command,
umask(context->umask);
if (strv_length(context->read_write_dirs) > 0 ||
strv_length(context->read_only_dirs) > 0 ||
strv_length(context->inaccessible_dirs) > 0 ||
context->mount_flags != MS_SHARED ||
context->private_tmp)
if ((r = setup_namespace(
context->read_write_dirs,
context->read_only_dirs,
context->inaccessible_dirs,
context->private_tmp,
context->mount_flags)) < 0)
goto fail;
if (apply_chroot) {
if (context->root_directory)
if (chroot(context->root_directory) < 0) {