nspawn: only remount /usr/ with idmap when --volatile=yes

The root directory is already mounted with a picked UID shift, hence
it is not necessary to remount with idmap. However, /usr/ is a bind-mount,
hence it must be remounted with idmap.

With this change, now '-U --volatile=yes' works fine.

Fixes #34254.

(cherry picked from commit 025be2361b3ee7cc3732fb3963d36b8583842064)

diff --git a/src/nspawn/nspawn.c b/src/nspawn/nspawn.c
index 6f81583f9ce184148d84a93440c75d019eff9694..85a98e6b9f01ca2f05199efc546d57f3df7de3e7 100644 (file)
--- a/src/nspawn/nspawn.c
+++ b/src/nspawn/nspawn.c
@@ -4009,11 +4009,14 @@ static int outer_child(
             arg_uid_shift != 0) {
                 _cleanup_strv_free_ char **dirs = NULL;
 
-                r = strv_extend(&dirs, directory);
-                if (r < 0)
-                        return log_oom();
+                if (arg_volatile_mode != VOLATILE_YES) {
+                        r = strv_extend(&dirs, directory);
+                        if (r < 0)
+                                return log_oom();
+                }
 
-                if (dissected_image && dissected_image->partitions[PARTITION_USR].found) {
+                if ((dissected_image && dissected_image->partitions[PARTITION_USR].found) ||
+                    arg_volatile_mode == VOLATILE_YES) {
                         char *s = path_join(directory, "/usr");
                         if (!s)
                                 return log_oom();