git.ipfire.org Git - thirdparty/systemd.git/commit

author	Lennart Poettering <lennart@amutable.com>
	Thu, 27 Nov 2025 07:07:31 +0000 (08:07 +0100)
committer	Lennart Poettering <lennart@amutable.com>
	Thu, 19 Feb 2026 14:08:20 +0000 (15:08 +0100)
commit	e93fd7109408c1b652627fa58eb2e8aeb5c9e7f9
tree	276ea85c8a48577607661036e6500331bd4ad21d	tree
parent	68ed4f3c669b3b175222eb6e3ba11cc34fa03b12	commit \| diff

core: introduce PinnedResource

This introduces PinnedResources as a structure combining pinned
references to a root directory, root image, or root mstack. This is not
only easier to work with, but essential to make certain unpriv things
work, as we need some mechanism to pin resources before we drop into a
userns which might possibly not provide access anymore to those
resources.

Hence this does two things: introduce the new structure, and immediately
hook it up so that we pin things properly before dropping into userns,
and then makes use of this after dropping the right way, and enables
unpriv userns operation.

The concept is generic enough to eventually implement extension images +
mount images with the same structure, but in order to keep the changes
managable this is left for another time.

(This also makes one further clean-up: client-side verity-reuse checks
are moved server side if we are unpriv. Previously we'd do them client
side, but they were doomed to fail because of lack of privs. Hence let's
drop the client side if we are unpriv and purely do them server-side in
that case.)

src/core/exec-invoke.c		diff \| blob \| blame \| history
src/core/namespace.c		diff \| blob \| blame \| history
src/core/namespace.h		diff \| blob \| blame \| history
src/core/service.c		diff \| blob \| blame \| history
src/shared/shared-forward.h		diff \| blob \| blame \| history
src/test/test-namespace.c		diff \| blob \| blame \| history
src/test/test-ns.c		diff \| blob \| blame \| history