Merge pull request #9026 from yuwata/followup-9021
core: refuse StateDirectory=private
This commit is contained in:
commit
c55b280158
|
@ -2139,8 +2139,14 @@ int bus_exec_context_set_transient_property(
|
|||
return r;
|
||||
|
||||
STRV_FOREACH(p, l) {
|
||||
if (!path_is_normalized(*p) || path_is_absolute(*p))
|
||||
return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "%s= path is not valid: %s", name, *p);
|
||||
if (!path_is_normalized(*p))
|
||||
return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "%s= path is not normalized: %s", name, *p);
|
||||
|
||||
if (path_is_absolute(*p))
|
||||
return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "%s= path is absolute: %s", name, *p);
|
||||
|
||||
if (path_startswith(*p, "private"))
|
||||
return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "%s= path can't be 'private': %s", name, *p);
|
||||
}
|
||||
|
||||
if (!UNIT_WRITE_FLAGS_NOOP(flags)) {
|
||||
|
|
|
@ -365,7 +365,7 @@ int config_parse_socket_listen(const char *unit,
|
|||
p->type = SOCKET_SOCKET;
|
||||
r = unit_full_printf(UNIT(s), rvalue, &k);
|
||||
if (r < 0) {
|
||||
log_syntax(unit, LOG_ERR, filename, line, r,"Failed to resolve unit specifiers on %s, ignoring: %m", rvalue);
|
||||
log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve unit specifiers on %s, ignoring: %m", rvalue);
|
||||
return 0;
|
||||
}
|
||||
|
||||
|
@ -816,8 +816,7 @@ int config_parse_socket_bindtodevice(
|
|||
} else
|
||||
n = NULL;
|
||||
|
||||
free(s->bind_to_device);
|
||||
s->bind_to_device = n;
|
||||
free_and_replace(s->bind_to_device, n);
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
|
Loading…
Reference in a new issue