]> git.ipfire.org Git - thirdparty/openembedded/openembedded-core.git/commit
projects / thirdparty / openembedded / openembedded-core.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: b0f8d8a) | patch
volatile-binds: add recipe variable to allow disabling OverlayFS
authorLuca Boccassi <luca.boccassi@microsoft.com>
Mon, 28 Mar 2022 15:26:54 +0000 (16:26 +0100)
committerRichard Purdie <richard.purdie@linuxfoundation.org>
Tue, 29 Mar 2022 14:58:39 +0000 (15:58 +0100)
commit6002bdc77643c363a8326bf163baecba8b36e3e0
tree520d7a8ade4f74d6ef250a8f559b127f7c4abab1tree
parentb0f8d8a4c063936b50d3ec7c066b29157b3c3544commit | diff
volatile-binds: add recipe variable to allow disabling OverlayFS

Use the new MOUNT_COPYBIND_AVOID_OVERLAYFS flag provided by mount-copybind.
When SELinux is enabled, processes accessing OverlayFS mounts will get a denial
if the process setting up the mount doesn't have all the permissions that
the accessor has.

Signed-off-by: Luca Boccassi <luca.boccassi@microsoft.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
meta/recipes-core/volatile-binds/files/volatile-binds.service.in diff | blob | blame | history
meta/recipes-core/volatile-binds/volatile-binds.bb diff | blob | blame | history
Mirror of git://git.openembedded.org/openembedded-core