core: refuse StateDirectory=private, as our internal DynamicUser=1 symlink is called...

Let's better be safe than sorry.

diff --git a/src/core/load-fragment.c b/src/core/load-fragment.c
index e17987bf070f9ea72cf6af91c06d41e540137b2b..72c6e100083a2af48be9959b2e63902fa3d36ba3 100644 (file)
--- a/src/core/load-fragment.c
+++ b/src/core/load-fragment.c
@@ -3988,9 +3988,21 @@ int config_parse_exec_directories(
                         continue;
                 }
 
-                if (!path_is_normalized(k) || path_is_absolute(k)) {
+                if (!path_is_normalized(k)) {
                         log_syntax(unit, LOG_ERR, filename, line, 0,
-                                   "%s= path is not valid, ignoring assignment: %s", lvalue, rvalue);
+                                   "%s= path is not normalized, ignoring assignment: %s", lvalue, rvalue);
+                        continue;
+                }
+
+                if (path_is_absolute(k)) {
+                        log_syntax(unit, LOG_ERR, filename, line, 0,
+                                   "%s= path is absolute, ignoring assignment: %s", lvalue, rvalue);
+                        continue;
+                }
+
+                if (path_startswith(k, "private")) {
+                        log_syntax(unit, LOG_ERR, filename, line, 0,
+                                   "%s= path can't be 'private', ingoring assignment: %s", lvalue, rvalue);
                         continue;
                 }