execute: also fold the cgroup delegate bit into ExecFlags

diff --git a/src/core/execute.c b/src/core/execute.c
index 9498ebe09876f1eb11483bd9853b0255f3abee10..194fb4b4c0b680cd78d4b123c475b7f6a85ae803 100644 (file)
--- a/src/core/execute.c
+++ b/src/core/execute.c
@@ -2589,7 +2589,7 @@ static int exec_child(
         /* If delegation is enabled we'll pass ownership of the cgroup
          * (but only in systemd's own controller hierarchy!) to the
          * user of the new process. */
-        if (params->cgroup_path && context->user && params->cgroup_delegate) {
+        if (params->cgroup_path && context->user && (params->flags & EXEC_CGROUP_DELEGATE)) {
                 r = cg_set_task_access(SYSTEMD_CGROUP_CONTROLLER, params->cgroup_path, 0644, uid, gid);
                 if (r < 0) {
                         *exit_status = EXIT_CGROUP;

diff --git a/src/core/execute.h b/src/core/execute.h
index 14a3bdde1f5dfdaabf9d831e32d8110213a2d13d..69cb0e5646587e891203002fdedc4ef4a6471ab7 100644 (file)
--- a/src/core/execute.h
+++ b/src/core/execute.h
@@ -262,12 +262,13 @@ typedef enum ExecFlags {
         EXEC_PASS_LOG_UNIT     = 1U << 4, /* Whether to pass the unit name to the service's journal stream connection */
         EXEC_CHOWN_DIRECTORIES = 1U << 5, /* chown() the runtime/state/cache/log directories to the user we run as, under all conditions */
         EXEC_NSS_BYPASS_BUS    = 1U << 6, /* Set the SYSTEMD_NSS_BYPASS_BUS environment variable, to disable nss-systemd for dbus */
+        EXEC_CGROUP_DELEGATE   = 1U << 7,
 
         /* The following are not used by execute.c, but by consumers internally */
-        EXEC_PASS_FDS          = 1U << 7,
-        EXEC_IS_CONTROL        = 1U << 8,
-        EXEC_SETENV_RESULT     = 1U << 9,
-        EXEC_SET_WATCHDOG      = 1U << 10,
+        EXEC_PASS_FDS          = 1U << 8,
+        EXEC_IS_CONTROL        = 1U << 9,
+        EXEC_SETENV_RESULT     = 1U << 10,
+        EXEC_SET_WATCHDOG      = 1U << 11,
 } ExecFlags;
 
 struct ExecParameters {
@@ -282,7 +283,6 @@ struct ExecParameters {
         ExecFlags flags;
         bool selinux_context_net:1;
 
-        bool cgroup_delegate:1;
         CGroupMask cgroup_supported;
         const char *cgroup_path;
 

diff --git a/src/core/mount.c b/src/core/mount.c
index 25f27909ddd0dbb458a9568486e8d96d0855c56a..0114efb64875c2fe6458ec57338f9edae5bdbcc7 100644 (file)
--- a/src/core/mount.c
+++ b/src/core/mount.c
@@ -775,7 +775,7 @@ static int mount_spawn(Mount *m, ExecCommand *c, pid_t *_pid) {
                 return r;
 
         exec_params.cgroup_path = UNIT(m)->cgroup_path;
-        exec_params.cgroup_delegate = m->cgroup_context.delegate;
+        SET_FLAG(exec_params.flags, EXEC_CGROUP_DELEGATE, m->cgroup_context.delegate);
 
         r = exec_spawn(UNIT(m),
                        c,

diff --git a/src/core/service.c b/src/core/service.c
index 01cc0a5d2a32b40b0518f094d77297020834f89c..c35a41bbe0a603b2286c4ba8b58fe277c9c00ba6 100644 (file)
--- a/src/core/service.c
+++ b/src/core/service.c
@@ -1365,6 +1365,8 @@ static int service_spawn(
         SET_FLAG(exec_params.flags, EXEC_NSS_BYPASS_BUS,
                  MANAGER_IS_SYSTEM(UNIT(s)->manager) && unit_has_name(UNIT(s), SPECIAL_DBUS_SERVICE));
 
+        SET_FLAG(exec_params.flags, EXEC_CGROUP_DELEGATE, s->cgroup_context.delegate);
+
         exec_params.argv = c->argv;
         exec_params.environment = final_env;
         exec_params.fds = fds;
@@ -1372,7 +1374,6 @@ static int service_spawn(
         exec_params.n_storage_fds = n_storage_fds;
         exec_params.n_socket_fds = n_socket_fds;
         exec_params.cgroup_path = path;
-        exec_params.cgroup_delegate = s->cgroup_context.delegate;
         exec_params.watchdog_usec = s->watchdog_usec;
         exec_params.selinux_context_net = s->socket_fd_selinux_context_net;
         if (s->type == SERVICE_IDLE)

diff --git a/src/core/socket.c b/src/core/socket.c
index 3ab92f72c3faa29cfe445bcf9ce87dfd8bc33773..871f09825cdf1ef2c179f3b5cd85c8a472920a23 100644 (file)
--- a/src/core/socket.c
+++ b/src/core/socket.c
@@ -1796,7 +1796,8 @@ static int socket_spawn(Socket *s, ExecCommand *c, pid_t *_pid) {
 
         exec_params.argv = c->argv;
         exec_params.cgroup_path = UNIT(s)->cgroup_path;
-        exec_params.cgroup_delegate = s->cgroup_context.delegate;
+
+        SET_FLAG(exec_params.flags, EXEC_CGROUP_DELEGATE, s->cgroup_context.delegate);
 
         r = exec_spawn(UNIT(s),
                        c,

diff --git a/src/core/swap.c b/src/core/swap.c
index e839c26141158baa25075479428019ae2da5108f..7bea2e8505cb6f5411db4bebcfb3f12fa3f6e0ff 100644 (file)
--- a/src/core/swap.c
+++ b/src/core/swap.c
@@ -641,7 +641,7 @@ static int swap_spawn(Swap *s, ExecCommand *c, pid_t *_pid) {
                 goto fail;
 
         exec_params.cgroup_path = UNIT(s)->cgroup_path;
-        exec_params.cgroup_delegate = s->cgroup_context.delegate;
+        SET_FLAG(exec_params.flags, EXEC_CGROUP_DELEGATE, s->cgroup_context.delegate);
 
         r = exec_spawn(UNIT(s),
                        c,