core/namespace: replace MOUNT_PRIVATE_TMP_READ_ONLY with MOUNT_PRIVATE_TMP with ... 34834/head
authorYu Watanabe <watanabe.yu+github@gmail.com>
Sat, 19 Oct 2024 05:40:13 +0000 (14:40 +0900)
committerYu Watanabe <watanabe.yu+github@gmail.com>
Wed, 23 Oct 2024 18:05:06 +0000 (03:05 +0900)
src/core/namespace.c

index 90779ba70307a09440c698be8b95e7e3cd76b9b1..ba308c29576dd54c81940cbc7ee5b4863d6214e2 100644 (file)
@@ -59,7 +59,6 @@ typedef enum MountMode {
         MOUNT_BIND,
         MOUNT_BIND_RECURSIVE,
         MOUNT_PRIVATE_TMP,
-        MOUNT_PRIVATE_TMP_READ_ONLY,
         MOUNT_PRIVATE_DEV,
         MOUNT_BIND_DEV,
         MOUNT_EMPTY_DIR,
@@ -243,7 +242,6 @@ static const char * const mount_mode_table[_MOUNT_MODE_MAX] = {
         [MOUNT_BIND]                  = "bind",
         [MOUNT_BIND_RECURSIVE]        = "bind-recursive",
         [MOUNT_PRIVATE_TMP]           = "private-tmp",
-        [MOUNT_PRIVATE_TMP_READ_ONLY] = "private-tmp-read-only",
         [MOUNT_PRIVATE_DEV]           = "private-dev",
         [MOUNT_BIND_DEV]              = "bind-dev",
         [MOUNT_EMPTY_DIR]             = "empty-dir",
@@ -315,7 +313,7 @@ static void mount_entry_consume_prefix(MountEntry *p, char *new_path) {
 static bool mount_entry_read_only(const MountEntry *p) {
         assert(p);
 
-        return p->read_only || IN_SET(p->mode, MOUNT_READ_ONLY, MOUNT_INACCESSIBLE, MOUNT_PRIVATE_TMP_READ_ONLY);
+        return p->read_only || IN_SET(p->mode, MOUNT_READ_ONLY, MOUNT_INACCESSIBLE);
 }
 
 static bool mount_entry_noexec(const MountEntry *p) {
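Review bot: After this change mount_entry_read_only() no longer derives read-only from the mount mode for private tmp, so the protection rests entirely on whoever builds the entry setting `read_only`, and nothing here says so. A one-line comment above the return would record that contract, e.g. `/* MOUNT_PRIVATE_TMP entries are read-only only if the creator set .read_only (empty-directory fallback). */`. The other sites that construct MOUNT_PRIVATE_TMP entries are not all visible in this diff, so it is worth confirming that none relied on the removed mode. The trailing mount_entry_noexec() line is context only; its body lies outside the hunk.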
@@ -1746,7 +1744,6 @@ static int apply_one_mount(
                 return mount_tmpfs(m);
 
         case MOUNT_PRIVATE_TMP:
-        case MOUNT_PRIVATE_TMP_READ_ONLY:
                 what = mount_entry_source(m);
                 make = true;
                 break;
@@ -2402,29 +2399,27 @@ int setup_namespace(const NamespaceParameters *p, char **error_path) {
                 assert(p->private_tmp == PRIVATE_TMP_CONNECTED);
 
                 if (p->tmp_dir) {
-                        bool ro = streq(p->tmp_dir, RUN_SYSTEMD_EMPTY);
-
                         MountEntry *me = mount_list_extend(&ml);
                         if (!me)
                                 return log_oom_debug();
 
                         *me = (MountEntry) {
                                 .path_const = "/tmp",
-                                .mode = ro ? MOUNT_PRIVATE_TMP_READ_ONLY : MOUNT_PRIVATE_TMP,
+                                .mode = MOUNT_PRIVATE_TMP,
+                                .read_only = streq(p->tmp_dir, RUN_SYSTEMD_EMPTY),
                                 .source_const = p->tmp_dir,
                         };
                 }
 
                 if (p->var_tmp_dir) {
-                        bool ro = streq(p->var_tmp_dir, RUN_SYSTEMD_EMPTY);
-
                         MountEntry *me = mount_list_extend(&ml);
                         if (!me)
                                 return log_oom_debug();
 
                         *me = (MountEntry) {
                                 .path_const = "/var/tmp",
-                                .mode = ro ? MOUNT_PRIVATE_TMP_READ_ONLY : MOUNT_PRIVATE_TMP,
+                                .mode = MOUNT_PRIVATE_TMP,
+                                .read_only = streq(p->var_tmp_dir, RUN_SYSTEMD_EMPTY),
                                 .source_const = p->var_tmp_dir,
                         };
                 }
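Review bot: The rule "a source of RUN_SYSTEMD_EMPTY must be mounted read-only" is now written out as a bare `streq()` in two separate initializers, for `/tmp` and `/var/tmp`, with no comment explaining why. If a later edit drops or changes one of them, that path would presumably expose the empty directory writable inside the namespace. I would add a comment on the first `.read_only` line, such as `/* The empty fallback directory must never be writable from inside the namespace. */`, and consider a small static helper that fills both entries so the check lives in one place. Whether later passes over the mount list preserve `.read_only` for these entries cannot be seen from this hunk. setup_namespace() begins and ends outside it.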