From 645767d6b5fd965de6367e6c1289ec295ea77cd7 Mon Sep 17 00:00:00 2001 From: Lennart Poettering Date: Thu, 28 Sep 2017 18:28:23 +0200 Subject: [PATCH] namespace: create /dev, /proc, /sys when needed We already create /dev implicitly if PrivateTmp=yes is on, if it is missing. Do so too for the other two API VFS, as well as for /dev if PrivateTmp=yes is off but MountAPIVFS=yes is on (i.e. when /dev is bind mounted from the host). --- src/core/namespace.c | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/src/core/namespace.c b/src/core/namespace.c index 09eac6bfe8..8511131ff1 100644 --- a/src/core/namespace.c +++ b/src/core/namespace.c @@ -618,6 +618,8 @@ static int mount_bind_dev(MountEntry *m) { /* Implements the little brother of mount_private_dev(): simply bind mounts the host's /dev into the service's * /dev. This is only used when RootDirectory= is set. */ + (void) mkdir_p_label(mount_entry_path(m), 0755); + r = path_is_mount_point(mount_entry_path(m), NULL, 0); if (r < 0) return log_debug_errno(r, "Unable to determine whether /dev is already mounted: %m"); @@ -635,6 +637,8 @@ static int mount_sysfs(MountEntry *m) { assert(m); + (void) mkdir_p_label(mount_entry_path(m), 0755); + r = path_is_mount_point(mount_entry_path(m), NULL, 0); if (r < 0) return log_debug_errno(r, "Unable to determine whether /sys is already mounted: %m"); @@ -653,6 +657,8 @@ static int mount_procfs(MountEntry *m) { assert(m); + (void) mkdir_p_label(mount_entry_path(m), 0755); + r = path_is_mount_point(mount_entry_path(m), NULL, 0); if (r < 0) return log_debug_errno(r, "Unable to determine whether /proc is already mounted: %m"); -- 2.25.1