bus-unit-util: Fix DelegateNamespaces= parser

Similarly to the config file parse method, let's fix the systemd-run
parser as well.

Follow up for 11b982053bdc31806e571ea0771d7f10cb276d69

diff --git a/src/shared/bus-unit-util.c b/src/shared/bus-unit-util.c
index f78741316134a39a3be0990299cc00da0d55bd23..1e04a051a6db2ee81fccb0b0391d7ce9ffb24988 100644 (file)
--- a/src/shared/bus-unit-util.c
+++ b/src/shared/bus-unit-util.c
@@ -1669,13 +1669,17 @@ static int bus_append_execute_property(sd_bus_message *m, const char *field, con
         if (STR_IN_SET(field, "RestrictNamespaces",
                               "DelegateNamespaces")) {
                 bool invert = false;
+                unsigned long all = UPDATE_FLAG(NAMESPACE_FLAGS_ALL, CLONE_NEWUSER, !streq(field, "DelegateNamespaces"));
                 unsigned long flags;
 
                 r = parse_boolean(eq);
                 if (r > 0)
-                        flags = 0;
+                        /* RestrictNamespaces= value gets stored into a field with reverse semantics (the
+                         * namespaces which are retained), so RestrictNamespaces=true means we retain no
+                         * access to any namespaces and vice-versa. */
+                        flags = streq(field, "RestrictNamespaces") ? 0 : all;
                 else if (r == 0)
-                        flags = NAMESPACE_FLAGS_ALL;
+                        flags = streq(field, "RestrictNamespaces") ? all : 0;
                 else {
                         if (eq[0] == '~') {
                                 invert = true;
@@ -1688,7 +1692,7 @@ static int bus_append_execute_property(sd_bus_message *m, const char *field, con
                 }
 
                 if (invert)
-                        flags = (~flags) & NAMESPACE_FLAGS_ALL;
+                        flags = (~flags) & all;
 
                 r = sd_bus_message_append(m, "(sv)", field, "t", (uint64_t) flags);
                 if (r < 0)