From 74e125207283c029b373f9a9b8c0ed32921dc97b Mon Sep 17 00:00:00 2001
From: Lennart Poettering <lennart@poettering.net>
Date: Thu, 1 Oct 2020 10:42:10 +0200
Subject: [PATCH] execute: add helper for checking if root_directory/root_image
 are set in ExecContext

---
 src/core/execute.c | 6 +++---
 src/core/execute.h | 9 +++++++++
 2 files changed, 12 insertions(+), 3 deletions(-)

diff --git a/src/core/execute.c b/src/core/execute.c
index 92da22081b..b866747719 100644
--- a/src/core/execute.c
+++ b/src/core/execute.c
@@ -2983,7 +2983,7 @@ static int compile_bind_mounts(
                         continue;
 
                 if (exec_directory_is_private(context, t) &&
-                    !(context->root_directory || context->root_image)) {
+                    !exec_context_with_rootfs(context)) {
                         char *private_root;
 
                         /* So this is for a dynamic user, and we need to make sure the process can access its own
@@ -3014,7 +3014,7 @@ static int compile_bind_mounts(
                         }
 
                         if (exec_directory_is_private(context, t) &&
-                            (context->root_directory || context->root_image))
+                            exec_context_with_rootfs(context))
                                 /* When RootDirectory= or RootImage= are set, then the symbolic link to the private
                                  * directory is not created on the root directory. So, let's bind-mount the directory
                                  * on the 'non-private' place. */
@@ -5658,7 +5658,7 @@ bool exec_context_get_effective_mount_apivfs(const ExecContext *c) {
                 return c->mount_apivfs;
 
         /* Default to "yes" if root directory or image are specified */
-        if (c->root_image || !empty_or_root(c->root_directory))
+        if (exec_context_with_rootfs(c))
                 return true;
 
         return false;
diff --git a/src/core/execute.h b/src/core/execute.h
index c21154bda2..c4345005c1 100644
--- a/src/core/execute.h
+++ b/src/core/execute.h
@@ -23,6 +23,7 @@ typedef struct Manager Manager;
 #include "namespace.h"
 #include "nsflags.h"
 #include "numa-util.h"
+#include "path-util.h"
 #include "time-util.h"
 
 #define EXEC_STDIN_DATA_MAX (64U*1024U*1024U)
@@ -325,6 +326,14 @@ static inline bool exec_context_restrict_namespaces_set(const ExecContext *c) {
         return (c->restrict_namespaces & NAMESPACE_FLAGS_ALL) != NAMESPACE_FLAGS_ALL;
 }
 
+static inline bool exec_context_with_rootfs(const ExecContext *c) {
+        assert(c);
+
+        /* Checks if RootDirectory= or RootImage= are used */
+
+        return !empty_or_root(c->root_directory) || c->root_image;
+}
+
 typedef enum ExecFlags {
         EXEC_APPLY_SANDBOXING  = 1 << 0,
         EXEC_APPLY_CHROOT      = 1 << 1,