From e8865688735ba3bd34297fa89cca6bde7ba33997 Mon Sep 17 00:00:00 2001
From: Lennart Poettering <lennart@poettering.net>
Date: Wed, 16 May 2018 22:25:12 -0400
Subject: [PATCH] core: refuse StateDirectory=private, as our internal
 DynamicUser=1 symlink is called that way

Let's better be safe than sorry.
---
 src/core/load-fragment.c | 16 ++++++++++++++--
 1 file changed, 14 insertions(+), 2 deletions(-)

diff --git a/src/core/load-fragment.c b/src/core/load-fragment.c
index e17987bf070..72c6e100083 100644
--- a/src/core/load-fragment.c
+++ b/src/core/load-fragment.c
@@ -3988,9 +3988,21 @@ int config_parse_exec_directories(
                         continue;
                 }
 
-                if (!path_is_normalized(k) || path_is_absolute(k)) {
+                if (!path_is_normalized(k)) {
                         log_syntax(unit, LOG_ERR, filename, line, 0,
-                                   "%s= path is not valid, ignoring assignment: %s", lvalue, rvalue);
+                                   "%s= path is not normalized, ignoring assignment: %s", lvalue, rvalue);
+                        continue;
+                }
+
+                if (path_is_absolute(k)) {
+                        log_syntax(unit, LOG_ERR, filename, line, 0,
+                                   "%s= path is absolute, ignoring assignment: %s", lvalue, rvalue);
+                        continue;
+                }
+
+                if (path_startswith(k, "private")) {
+                        log_syntax(unit, LOG_ERR, filename, line, 0,
+                                   "%s= path can't be 'private', ingoring assignment: %s", lvalue, rvalue);
                         continue;
                 }
 
-- 
2.47.3