load-fragment: Fix config_parse_namespace_flags() for DelegateNamespaces=

Boolean values have to be handled separately for RestrictNamespaces= because
they get stored in a field with reverse meaning (which namespaces are retained),
so let's check which field we're parsing and set the proper value accordingly.

diff --git a/src/core/load-fragment.c b/src/core/load-fragment.c
index 2eb3ed4cf4d8e523b76211cbc42b8ffeabd21c04..60e7c2f50db2dbe4a2b502dcac8e2ccc7f9158cc 100644 (file)
--- a/src/core/load-fragment.c
+++ b/src/core/load-fragment.c
@@ -3593,10 +3593,13 @@ int config_parse_namespace_flags(
         /* Boolean parameter ignores the previous settings */
         r = parse_boolean(rvalue);
         if (r > 0) {
-                *flags = 0;
+                /* RestrictNamespaces= value gets stored into a field with reverse semantics (the namespaces
+                 * which are retained), so RestrictNamespaces=true means we retain no access to any
+                 * namespaces and vice-versa. */
+                *flags = streq(lvalue, "RestrictNamespaces") ? 0 : all;
                 return 0;
         } else if (r == 0) {
-                *flags = all;
+                *flags = streq(lvalue, "RestrictNamespaces") ? all : 0;
                 return 0;
         }