Add credential support for mount units

Add EXEC_SETUP_CREDENTIALS flag to allow using credentials with mount units.
Fixes: https://github.com/systemd/systemd/issues/23535

diff --git a/src/core/mount.c b/src/core/mount.c
index 689ef5672dbf3073dc59f1fea4a9f7c5417f9d53..c3a2f7ab7e64fe57ed0d85438f9327cf5eeaece8 100644 (file)
--- a/src/core/mount.c
+++ b/src/core/mount.c
@@ -854,9 +854,19 @@ static void mount_dump(Unit *u, FILE *f, const char *prefix) {
         }
 }
 
-static int mount_spawn(Mount *m, ExecCommand *c, PidRef *ret_pid) {
-        _cleanup_(exec_params_shallow_clear) ExecParameters exec_params = EXEC_PARAMETERS_INIT(
-                        EXEC_APPLY_SANDBOXING|EXEC_APPLY_CHROOT|EXEC_APPLY_TTY_STDIN);
+static ExecFlags mount_exec_flags(MountState state) {
+        ExecFlags flags = EXEC_APPLY_SANDBOXING|EXEC_APPLY_CHROOT|EXEC_APPLY_TTY_STDIN;
+
+        assert(IN_SET(state, MOUNT_MOUNTING, MOUNT_REMOUNTING, MOUNT_UNMOUNTING));
+
+        if (IN_SET(state, MOUNT_MOUNTING, MOUNT_REMOUNTING))
+                flags |= EXEC_SETUP_CREDENTIALS;
+
+        return flags;
+}
+
+static int mount_spawn(Mount *m, ExecCommand *c, ExecFlags flags, PidRef *ret_pid) {
+        _cleanup_(exec_params_shallow_clear) ExecParameters exec_params = EXEC_PARAMETERS_INIT(flags);
         _cleanup_(pidref_done) PidRef pidref = PIDREF_NULL;
         int r;
 
@@ -1047,7 +1057,7 @@ static void mount_enter_unmounting(Mount *m) {
 
         mount_unwatch_control_pid(m);
 
-        r = mount_spawn(m, m->control_command, &m->control_pid);
+        r = mount_spawn(m, m->control_command, mount_exec_flags(MOUNT_UNMOUNTING), &m->control_pid);
         if (r < 0) {
                 log_unit_warning_errno(UNIT(m), r, "Failed to spawn 'umount' task: %m");
                 goto fail;
@@ -1192,7 +1202,7 @@ static void mount_enter_mounting(Mount *m) {
 
         mount_unwatch_control_pid(m);
 
-        r = mount_spawn(m, m->control_command, &m->control_pid);
+        r = mount_spawn(m, m->control_command, mount_exec_flags(MOUNT_MOUNTING), &m->control_pid);
         if (r < 0) {
                 log_unit_warning_errno(UNIT(m), r, "Failed to spawn 'mount' task: %m");
                 goto fail;
@@ -1257,7 +1267,7 @@ static void mount_enter_remounting(Mount *m) {
 
         mount_unwatch_control_pid(m);
 
-        r = mount_spawn(m, m->control_command, &m->control_pid);
+        r = mount_spawn(m, m->control_command, mount_exec_flags(MOUNT_REMOUNTING), &m->control_pid);
         if (r < 0) {
                 log_unit_warning_errno(UNIT(m), r, "Failed to spawn 'remount' task: %m");
                 goto fail;