]> git.ipfire.org Git - thirdparty/systemd.git/commit
projects / thirdparty / systemd.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 277b269) | patch
core/namespace: mount new sysfs when new network namespace is requested
authorYu Watanabe <watanabe.yu+github@gmail.com>
Fri, 17 Feb 2023 04:50:17 +0000 (13:50 +0900)
committerYu Watanabe <watanabe.yu+github@gmail.com>
Thu, 23 Feb 2023 06:09:13 +0000 (15:09 +0900)
commitc2da3bf2376440526e87da6124660d22ac2079d6
treebe6e5db0567dd6207635f4155a9c8902d0680a25tree | snapshot
parent277b269e252314882bd01bdc187599e0f8dae480commit | diff
core/namespace: mount new sysfs when new network namespace is requested

Even when a mount namespace is created, previously host's sysfs is used,
especially with RootDirectory= or RootImage=, thus service processes can
still access the properties of the network interfaces in the main network
namespace through sysfs.

This makes, sysfs is remounted with the new network namespace tag, except
when PrivateMounts= is explicitly disabled. Hence, the properties of the
network interfaces in the main network namespace cannot be accessed by
service processes through sysfs.

Fixes #26422.
man/systemd.exec.xml diff | blob | blame | history
src/core/execute.c diff | blob | blame | history
src/core/namespace.c diff | blob | blame | history
src/core/namespace.h diff | blob | blame | history
Unnamed repository; edit this file 'description' to name the repository.