X-Git-Url: http://git.ipfire.org/?a=blobdiff_plain;f=src%2Fcore%2Fexecute.h;h=4b5b2d98cef1287dbbe3f40ccb0d6c49b0520273;hb=7ca69792e57f09cafa77aec1312f356382715c8c;hp=16124cf28c41af5dcc5ed127440cd450ccdcc1ae;hpb=de38f06f52fb172c60485376b8648d7208bb5a90;p=thirdparty%2Fsystemd.git

diff --git a/src/core/execute.h b/src/core/execute.h
index 16124cf28c4..4b5b2d98cef 100644
--- a/src/core/execute.h
+++ b/src/core/execute.h
@@ -16,7 +16,7 @@ typedef struct Manager Manager;
 #include "cgroup-util.h"
 #include "fdset.h"
 #include "list.h"
-#include "missing.h"
+#include "missing_resource.h"
 #include "namespace.h"
 #include "nsflags.h"
 
@@ -91,6 +91,7 @@ typedef enum ExecCommandFlags {
         EXEC_COMMAND_FULLY_PRIVILEGED = 1 << 1,
         EXEC_COMMAND_NO_SETUID        = 1 << 2,
         EXEC_COMMAND_AMBIENT_MAGIC    = 1 << 3,
+        EXEC_COMMAND_NO_ENV_EXPAND    = 1 << 4,
 } ExecCommandFlags;
 
 /* Stores information about commands we execute. Covers both configuration settings as well as runtime data. */
@@ -272,6 +273,7 @@ struct ExecContext {
 
         bool memory_deny_write_execute;
         bool restrict_realtime;
+        bool protect_hostname;
 
         bool oom_score_adjust_set:1;
         bool nice_set:1;
@@ -289,18 +291,17 @@ typedef enum ExecFlags {
         EXEC_APPLY_SANDBOXING  = 1 << 0,
         EXEC_APPLY_CHROOT      = 1 << 1,
         EXEC_APPLY_TTY_STDIN   = 1 << 2,
-        EXEC_NEW_KEYRING       = 1 << 3,
-        EXEC_PASS_LOG_UNIT     = 1 << 4, /* Whether to pass the unit name to the service's journal stream connection */
-        EXEC_CHOWN_DIRECTORIES = 1 << 5, /* chown() the runtime/state/cache/log directories to the user we run as, under all conditions */
-        EXEC_NSS_BYPASS_BUS    = 1 << 6, /* Set the SYSTEMD_NSS_BYPASS_BUS environment variable, to disable nss-systemd for dbus */
-        EXEC_CGROUP_DELEGATE   = 1 << 7,
-        EXEC_IS_CONTROL        = 1 << 8,
-        EXEC_CONTROL_CGROUP    = 1 << 9, /* Place the process not in the indicated cgroup but in a subcgroup '/.control', but only EXEC_CGROUP_DELEGATE and EXEC_IS_CONTROL is set, too */
+        EXEC_PASS_LOG_UNIT     = 1 << 3, /* Whether to pass the unit name to the service's journal stream connection */
+        EXEC_CHOWN_DIRECTORIES = 1 << 4, /* chown() the runtime/state/cache/log directories to the user we run as, under all conditions */
+        EXEC_NSS_BYPASS_BUS    = 1 << 5, /* Set the SYSTEMD_NSS_BYPASS_BUS environment variable, to disable nss-systemd for dbus */
+        EXEC_CGROUP_DELEGATE   = 1 << 6,
+        EXEC_IS_CONTROL        = 1 << 7,
+        EXEC_CONTROL_CGROUP    = 1 << 8, /* Place the process not in the indicated cgroup but in a subcgroup '/.control', but only EXEC_CGROUP_DELEGATE and EXEC_IS_CONTROL is set, too */
 
         /* The following are not used by execute.c, but by consumers internally */
-        EXEC_PASS_FDS          = 1 << 10,
-        EXEC_SETENV_RESULT     = 1 << 11,
-        EXEC_SET_WATCHDOG      = 1 << 12,
+        EXEC_PASS_FDS          = 1 << 9,
+        EXEC_SETENV_RESULT     = 1 << 10,
+        EXEC_SET_WATCHDOG      = 1 << 11,
 } ExecFlags;
 
 /* Parameters for a specific invocation of a command. This structure is put together right before a command is