Merge pull request #7045 from poettering/namespace-casing
some super-trivial fixes to namespace.c
commit
7081228acd
|
@ -2270,7 +2270,7 @@ static int apply_mount_namespace(
|
||||||
_cleanup_strv_free_ char **rw = NULL, **empty_directories = NULL;
|
_cleanup_strv_free_ char **rw = NULL, **empty_directories = NULL;
|
||||||
char *tmp = NULL, *var = NULL;
|
char *tmp = NULL, *var = NULL;
|
||||||
const char *root_dir = NULL, *root_image = NULL;
|
const char *root_dir = NULL, *root_image = NULL;
|
||||||
NameSpaceInfo ns_info = {
|
NamespaceInfo ns_info = {
|
||||||
.ignore_protect_paths = false,
|
.ignore_protect_paths = false,
|
||||||
.private_dev = context->private_devices,
|
.private_dev = context->private_devices,
|
||||||
.protect_control_groups = context->protect_control_groups,
|
.protect_control_groups = context->protect_control_groups,
|
||||||
|
|
|
@ -898,7 +898,7 @@ static int make_read_only(MountEntry *m, char **blacklist, FILE *proc_self_mount
|
||||||
return r;
|
return r;
|
||||||
}
|
}
|
||||||
|
|
||||||
static bool namespace_info_mount_apivfs(const char *root_directory, const NameSpaceInfo *ns_info) {
|
static bool namespace_info_mount_apivfs(const char *root_directory, const NamespaceInfo *ns_info) {
|
||||||
assert(ns_info);
|
assert(ns_info);
|
||||||
|
|
||||||
/*
|
/*
|
||||||
|
@ -916,7 +916,7 @@ static bool namespace_info_mount_apivfs(const char *root_directory, const NameSp
|
||||||
|
|
||||||
static unsigned namespace_calculate_mounts(
|
static unsigned namespace_calculate_mounts(
|
||||||
const char* root_directory,
|
const char* root_directory,
|
||||||
const NameSpaceInfo *ns_info,
|
const NamespaceInfo *ns_info,
|
||||||
char** read_write_paths,
|
char** read_write_paths,
|
||||||
char** read_only_paths,
|
char** read_only_paths,
|
||||||
char** inaccessible_paths,
|
char** inaccessible_paths,
|
||||||
|
@ -960,7 +960,7 @@ static unsigned namespace_calculate_mounts(
|
||||||
int setup_namespace(
|
int setup_namespace(
|
||||||
const char* root_directory,
|
const char* root_directory,
|
||||||
const char* root_image,
|
const char* root_image,
|
||||||
const NameSpaceInfo *ns_info,
|
const NamespaceInfo *ns_info,
|
||||||
char** read_write_paths,
|
char** read_write_paths,
|
||||||
char** read_only_paths,
|
char** read_only_paths,
|
||||||
char** inaccessible_paths,
|
char** inaccessible_paths,
|
||||||
|
@ -1431,12 +1431,11 @@ fail:
|
||||||
bool ns_type_supported(NamespaceType type) {
|
bool ns_type_supported(NamespaceType type) {
|
||||||
const char *t, *ns_proc;
|
const char *t, *ns_proc;
|
||||||
|
|
||||||
if (type <= _NAMESPACE_TYPE_INVALID || type >= _NAMESPACE_TYPE_MAX)
|
t = namespace_type_to_string(type);
|
||||||
|
if (!t) /* Don't know how to translate this? Then it's not supported */
|
||||||
return false;
|
return false;
|
||||||
|
|
||||||
t = namespace_type_to_string(type);
|
|
||||||
ns_proc = strjoina("/proc/self/ns/", t);
|
ns_proc = strjoina("/proc/self/ns/", t);
|
||||||
|
|
||||||
return access(ns_proc, F_OK) == 0;
|
return access(ns_proc, F_OK) == 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
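Review bot: In ns_type_supported(), the explicit range check on `type` appears to have been dropped, so rejecting an out-of-range value now depends entirely on namespace_type_to_string() returning NULL for it. That function's definition is not part of this diff; if it indexes a table without checking both bounds, a negative or too-large `type` would be read outside the table before the `if (!t)` test runs. Please confirm the lookup is bounds-checked (including for `_NAMESPACE_TYPE_INVALID`) and extend the comment to record that reliance, e.g. `/* namespace_type_to_string() returns NULL for out-of-range values, so no separate range check is needed */`. The NULL test also has to stay ahead of `strjoina("/proc/self/ns/", t)`, since that line uses `t` directly.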
@ -20,7 +20,7 @@
|
||||||
along with systemd; If not, see <http://www.gnu.org/licenses/>.
|
along with systemd; If not, see <http://www.gnu.org/licenses/>.
|
||||||
***/
|
***/
|
||||||
|
|
||||||
typedef struct NameSpaceInfo NameSpaceInfo;
|
typedef struct NamespaceInfo NamespaceInfo;
|
||||||
typedef struct BindMount BindMount;
|
typedef struct BindMount BindMount;
|
||||||
|
|
||||||
#include <stdbool.h>
|
#include <stdbool.h>
|
||||||
|
@ -57,7 +57,7 @@ typedef enum ProtectSystem {
|
||||||
_PROTECT_SYSTEM_INVALID = -1
|
_PROTECT_SYSTEM_INVALID = -1
|
||||||
} ProtectSystem;
|
} ProtectSystem;
|
||||||
|
|
||||||
struct NameSpaceInfo {
|
struct NamespaceInfo {
|
||||||
bool ignore_protect_paths:1;
|
bool ignore_protect_paths:1;
|
||||||
bool private_dev:1;
|
bool private_dev:1;
|
||||||
bool protect_control_groups:1;
|
bool protect_control_groups:1;
|
||||||
|
@ -77,7 +77,7 @@ struct BindMount {
|
||||||
int setup_namespace(
|
int setup_namespace(
|
||||||
const char *root_directory,
|
const char *root_directory,
|
||||||
const char *root_image,
|
const char *root_image,
|
||||||
const NameSpaceInfo *ns_info,
|
const NamespaceInfo *ns_info,
|
||||||
char **read_write_paths,
|
char **read_write_paths,
|
||||||
char **read_only_paths,
|
char **read_only_paths,
|
||||||
char **inaccessible_paths,
|
char **inaccessible_paths,
|
||||||
|
|
|
@ -46,7 +46,7 @@ int main(int argc, char *argv[]) {
|
||||||
NULL
|
NULL
|
||||||
};
|
};
|
||||||
|
|
||||||
static const NameSpaceInfo ns_info = {
|
static const NamespaceInfo ns_info = {
|
||||||
.private_dev = true,
|
.private_dev = true,
|
||||||
.protect_control_groups = true,
|
.protect_control_groups = true,
|
||||||
.protect_kernel_tunables = true,
|
.protect_kernel_tunables = true,
|
||||||
|
|