From: Luca Boccassi Date: Mon, 22 Jun 2026 21:26:17 +0000 (+0100) Subject: tmpfiles: do not fail when trying to apply ACL during mkosi build X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=3754ceba6f063c50c235c87447743ebe41b5b42f;p=thirdparty%2Fsystemd.git tmpfiles: do not fail when trying to apply ACL during mkosi build When running in a mkosi namespaced env tmpfiles fails to set ACLs: Running create action for entry a /buildroot/var/log/journal Setting access ACL u::rwx,g::r-x,g:adm:r-x,m::r-x,o::r-x on /buildroot/var/log/journal Setting access ACL "u::rwx,g::r-x,g:adm:r-x,m::r-x,o::r-x" on /buildroot/var/log/journal failed: Invalid argument If EINVAL is returned and we are in a chroot, skip gracefully via EOPNOTSUPP. The ACLs will be set on first boot. --- diff --git a/src/tmpfiles/tmpfiles.c b/src/tmpfiles/tmpfiles.c index 82d68254578..738f09a9633 100644 --- a/src/tmpfiles/tmpfiles.c +++ b/src/tmpfiles/tmpfiles.c @@ -1422,16 +1422,20 @@ static int path_set_acl( strna(t), pretty); if (!arg_dry_run && - sym_acl_set_file(path, type, dup) < 0) { - if (ERRNO_IS_NOT_SUPPORTED(errno)) + (r = RET_NERRNO(sym_acl_set_file(path, type, dup))) < 0) { + if (ERRNO_IS_NOT_SUPPORTED(r)) /* No error if filesystem doesn't support ACLs. Return negative. */ - return -errno; - else - /* Return positive to indicate we already warned */ - return -log_error_errno(errno, - "Setting %s ACL \"%s\" on %s failed: %m", - type == ACL_TYPE_ACCESS ? "access" : "default", - strna(t), pretty); + return r; + if (r == -EINVAL && running_in_chroot() > 0) + return log_warning_errno(SYNTHETIC_ERRNO(EOPNOTSUPP), + "Setting %s ACL \"%s\" on %s failed. A chroot environment was detected, ignoring.", + type == ACL_TYPE_ACCESS ? "access" : "default", + strna(t), pretty); + /* Return positive to indicate we already warned */ + return -log_error_errno(r, + "Setting %s ACL \"%s\" on %s failed: %m", + type == ACL_TYPE_ACCESS ? "access" : "default", + strna(t), pretty); } return 0; }