From: Yu Watanabe <watanabe.yu+github@gmail.com>
Date: Fri, 6 Sep 2024 04:18:59 +0000 (+0900)
Subject: nspawn: only remount /usr/ with idmap when --volatile=yes
X-Git-Tag: v257-rc1~510^2~1
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=025be2361b3ee7cc3732fb3963d36b8583842064;p=thirdparty%2Fsystemd.git

nspawn: only remount /usr/ with idmap when --volatile=yes

The root directory is already mounted with a picked UID shift, hence
it is not necessary to remount with idmap. However, /usr/ is a bind-mount,
hence it must be remounted with idmap.

With this change, now '-U --volatile=yes' works fine.

Fixes #34254.
---

diff --git a/src/nspawn/nspawn.c b/src/nspawn/nspawn.c
index 655dc7c6976..ec73e427091 100644
--- a/src/nspawn/nspawn.c
+++ b/src/nspawn/nspawn.c
@@ -3995,11 +3995,14 @@ static int outer_child(
             arg_uid_shift != 0) {
                 _cleanup_strv_free_ char **dirs = NULL;
 
-                r = strv_extend(&dirs, directory);
-                if (r < 0)
-                        return log_oom();
+                if (arg_volatile_mode != VOLATILE_YES) {
+                        r = strv_extend(&dirs, directory);
+                        if (r < 0)
+                                return log_oom();
+                }
 
-                if (dissected_image && dissected_image->partitions[PARTITION_USR].found) {
+                if ((dissected_image && dissected_image->partitions[PARTITION_USR].found) ||
+                    arg_volatile_mode == VOLATILE_YES) {
                         char *s = path_join(directory, "/usr");
                         if (!s)
                                 return log_oom();