git.ipfire.org Git - thirdparty/systemd.git/commit
dev-setup: generalize logic we use to create "inaccessible" device nodes
author Lennart Poettering <lennart@poettering.net>
Fri, 27 Jul 2018 16:04:11 +0000 (18:04 +0200)
committer Lennart Poettering <lennart@poettering.net>
Thu, 29 Nov 2018 19:21:40 +0000 (20:21 +0100)
commit 30874dda3a66c0639773dd23079662fc4bf53afd
tree aeae7d28a611e3a23781803f5a6ab500d3d5e2d7
parent 17c58ba97b1cdacf28a0135522081d562628385a
dev-setup: generalize logic we use to create "inaccessible" device nodes

Let's generalize this, so that we can use this in nspawn later on, which
is pretty useful as we need to be able to mask files from the inner
child of nspawn too, where the host's /run/systemd/inaccessible
directory is not visible anymore. Moreover, if nspawn can create these
nodes on its own before the payload this means the payload can run with
fewer privileges.

src/core/mount-setup.c
src/shared/dev-setup.c
src/shared/dev-setup.h
src/test/meson.build
src/test/test-dev-setup.c [new file with mode: 0644]