From a631cbfae3fab810db01238867ae93191dbfbeed Mon Sep 17 00:00:00 2001 From: Lennart Poettering Date: Tue, 19 Jan 2021 17:31:21 +0100 Subject: [PATCH] execute: for processes where creds logic is turned off, don't pass creds path to namespace logic Otherwise, the namespace logic will try to mount a dir that doesn't actually exist. Fixes: #18116 --- src/core/execute.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/src/core/execute.c b/src/core/execute.c index 14bebf4b3f4..38235ec77ed 100644 --- a/src/core/execute.c +++ b/src/core/execute.c @@ -3183,7 +3183,9 @@ static int apply_mount_namespace( if (context->mount_flags == MS_SHARED) log_unit_debug(u, "shared mount propagation hidden by other fs namespacing unit settings: ignoring"); - if (exec_context_has_credentials(context) && params->prefix[EXEC_DIRECTORY_RUNTIME]) { + if (exec_context_has_credentials(context) && + params->prefix[EXEC_DIRECTORY_RUNTIME] && + FLAGS_SET(params->flags, EXEC_WRITE_CREDENTIALS)) { creds_path = path_join(params->prefix[EXEC_DIRECTORY_RUNTIME], "credentials", u->id); if (!creds_path) { r = -ENOMEM; -- 2.47.3