if (MANAGER_IS_SYSTEM(m) || have_userns_privileges()) {
test(m, "exec-privatetmp-yes.service", can_unshare ? 0 : MANAGER_IS_SYSTEM(m) ? EXIT_FAILURE : EXIT_NAMESPACE, CLD_EXITED);
test(m, "exec-privatetmp-disabled-by-prefix.service", can_unshare ? 0 : MANAGER_IS_SYSTEM(m) ? EXIT_FAILURE : EXIT_NAMESPACE, CLD_EXITED);
+
+ FOREACH_STRING(s,
+ "exec-privatetmp-disconnected.service",
+ "exec-privatetmp-disconnected-defaultdependencies-no.service",
+ "exec-privatetmp-disconnected-requires-mounts-for-var.service",
+ "exec-privatetmp-disconnected-wants-mounts-for-var.service",
+ "exec-privatetmp-disconnected-after-and-requires-for-var.service",
+ "exec-privatetmp-disconnected-after-and-wants-for-var.service") {
+ (void) unlink("/tmp/test-exec_privatetmp_disconnected");
+ (void) unlink("/var/tmp/test-exec_privatetmp_disconnected");
+ test(m, s, can_unshare ? 0 : MANAGER_IS_SYSTEM(m) ? EXIT_FAILURE : EXIT_NAMESPACE, CLD_EXITED);
+ ASSERT_FAIL(access("/tmp/test-exec_privatetmp_disconnected", F_OK));
+ ASSERT_FAIL(access("/var/tmp/test-exec_privatetmp_disconnected", F_OK));
+ }
}
test(m, "exec-privatetmp-no.service", 0, CLD_EXITED);
--- /dev/null
+# SPDX-License-Identifier: LGPL-2.1-or-later
+[Unit]
+Description=Test for PrivateTmp=disconnected with After=/Requires=var.mount
+DefaultDependencies=no
+After=var.mount
+Requires=var.mount
+
+[Service]
+ExecStart=sh -x -c 'test ! -f /tmp/test-exec_privatetmp'
+ExecStart=touch /tmp/test-exec_privatetmp_disconnected
+ExecStart=touch /var/tmp/test-exec_privatetmp_disconnected
+ExecStart=sh -x -c 'test x$$TMPDIR = x'
+Type=oneshot
+ProtectSystem=strict
+PrivateTmp=disconnected
--- /dev/null
+# SPDX-License-Identifier: LGPL-2.1-or-later
+[Unit]
+Description=Test for PrivateTmp=disconnected with After=/Wants=var.mount
+DefaultDependencies=no
+After=var.mount
+Wants=var.mount
+
+[Service]
+ExecStart=sh -x -c 'test ! -f /tmp/test-exec_privatetmp'
+ExecStart=touch /tmp/test-exec_privatetmp_disconnected
+ExecStart=touch /var/tmp/test-exec_privatetmp_disconnected
+ExecStart=sh -x -c 'test x$$TMPDIR = x'
+Type=oneshot
+ProtectSystem=strict
+PrivateTmp=disconnected
--- /dev/null
+# SPDX-License-Identifier: LGPL-2.1-or-later
+[Unit]
+Description=Test for PrivateTmp=disconnected with DefaultDependencies=no
+DefaultDependencies=no
+
+[Service]
+ExecStart=sh -x -c 'test ! -f /tmp/test-exec_privatetmp'
+ExecStart=touch /tmp/test-exec_privatetmp_disconnected
+ExecStart=sh -x -c '(! touch /var/tmp/test-exec_privatetmp_disconnected)'
+ExecStart=sh -x -c 'test $$TMPDIR = /tmp'
+Type=oneshot
+ProtectSystem=strict
+PrivateTmp=disconnected
--- /dev/null
+# SPDX-License-Identifier: LGPL-2.1-or-later
+[Unit]
+Description=Test for PrivateTmp=disconnected with RequiresMountsFor=/var/
+DefaultDependencies=no
+RequiresMountsFor=/var/
+
+[Service]
+ExecStart=sh -x -c 'test ! -f /tmp/test-exec_privatetmp'
+ExecStart=touch /tmp/test-exec_privatetmp_disconnected
+ExecStart=touch /var/tmp/test-exec_privatetmp_disconnected
+ExecStart=sh -x -c 'test x$$TMPDIR = x'
+Type=oneshot
+ProtectSystem=strict
+PrivateTmp=disconnected
--- /dev/null
+# SPDX-License-Identifier: LGPL-2.1-or-later
+[Unit]
+Description=Test for PrivateTmp=disconnected with WantsMountsFor=/var/
+DefaultDependencies=no
+WantsMountsFor=/var/
+
+[Service]
+ExecStart=sh -x -c 'test ! -f /tmp/test-exec_privatetmp'
+ExecStart=touch /tmp/test-exec_privatetmp_disconnected
+ExecStart=touch /var/tmp/test-exec_privatetmp_disconnected
+ExecStart=sh -x -c 'test x$$TMPDIR = x'
+Type=oneshot
+ProtectSystem=strict
+PrivateTmp=disconnected
--- /dev/null
+# SPDX-License-Identifier: LGPL-2.1-or-later
+[Unit]
+Description=Test for PrivateTmp=disconnected
+
+[Service]
+ExecStart=sh -x -c 'test ! -f /tmp/test-exec_privatetmp'
+ExecStart=touch /tmp/test-exec_privatetmp_disconnected
+ExecStart=touch /var/tmp/test-exec_privatetmp_disconnected
+ExecStart=sh -x -c 'test x$$TMPDIR = x'
+Type=oneshot
+ProtectSystem=strict
+PrivateTmp=disconnected
projects / thirdparty / systemd.git / commitdiff
