]> git.ipfire.org Git - thirdparty/systemd.git/commit - src/core/namespace.c
projects / thirdparty / systemd.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: b5d2163) | patch
namespace: allow overriding /run with a TemporaryFileSystem=
authorTopi Miettinen <toiwoton@gmail.com>
Tue, 7 Dec 2021 20:34:17 +0000 (22:34 +0200)
committerZbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl>
Sat, 11 Dec 2021 14:57:42 +0000 (15:57 +0100)
commit124139859e505c630aec6605d3c5ec923f531e24
tree21da9d553bd0dbe402a574006d1a7aec68b6a69btree | snapshot
parentb5d2163b8ed0773d05cb3db1a48630e0ca4ba0a6commit | diff
namespace: allow overriding /run with a TemporaryFileSystem=

Lower priority of RUN, so that TMPFS and especially the mount flags given with
`TemporaryFileSystem=` are used.

This allows making `/run` private with drop-ins such as:
```
[Service]
BindReadOnlyPaths=/run/systemd:/run/systemd:norbind
TemporaryFileSystem=/run:nodev,noexec,nosuid,rw,size=32k,nr_inodes=10,mode=0755
```
src/core/namespace.c diff | blob | blame | history
Unnamed repository; edit this file 'description' to name the repository.