]> git.ipfire.org Git - thirdparty/systemd.git/commitdiff
projects / thirdparty / systemd.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | combined (merge: ed803ee 284dd31)
core: Bind mount notify socket to /run/host/notify in sandboxed units (#35573)
authorDaan De Meyer <daan.j.demeyer@gmail.com>
Fri, 13 Dec 2024 13:48:07 +0000 (13:48 +0000)
committerGitHub <noreply@github.com>
Fri, 13 Dec 2024 13:48:07 +0000 (13:48 +0000)
To be able to run systemd in a Type=notify transient unit, the notify
socket can't be bind mounted to /run/systemd/notify as systemd in the
transient unit wants to use that as its own notify socket which
conflicts with systemd on the host.

Instead, for sandboxed units, let's bind mount the notify socket to
/run/host/notify as documented in the container interface. Since we
don't guarantee a stable location for the notify socket and insist users
use $NOTIFY_SOCKET to get its path, this is safe to do.

1  2 
src/core/exec-invoke.c patch | diff1 | diff2 | blob | history
src/core/namespace.c patch | diff1 | diff2 | blob | history
src/core/namespace.h patch | diff1 | diff2 | blob | history
test/units/TEST-50-DISSECT.dissect.sh patch | diff1 | diff2 | blob | history

diff --cc src/core/exec-invoke.c
Simple merge
diff --cc src/core/namespace.c
Simple merge
diff --cc src/core/namespace.h
Simple merge
diff --cc test/units/TEST-50-DISSECT.dissect.sh
Simple merge
Unnamed repository; edit this file 'description' to name the repository.