If mode= is not set in rootflags= add mode=0755 when a tmpfs
is used on the rootfs, otherwise it will be group/world writable
as that's the default mode for tmpfs filesystems.
Follow-up for
725ad3b06288b2beeaaf178120010612a30646e4
return log_oom();
fstype = arg_root_fstype ?: "tmpfs"; /* tmpfs, unless overridden */
+ if (streq(fstype, "tmpfs") && !fstab_test_option(arg_root_options, "mode\0"))
+ extra_opts = "mode=0755"; /* root directory should not be world/group writable, unless overridden */
} else {
what = fstab_node_to_udev_node(arg_root_what);
What=rootfs
Where=/sysroot
Type=tmpfs
-Options=rw
+Options=rw,mode=0755
projects / thirdparty / systemd.git / commitdiff
