core: drop implicit support of PrivateTmp=off 34656/head
authorYu Watanabe <watanabe.yu+github@gmail.com>
Tue, 8 Oct 2024 20:49:00 +0000 (05:49 +0900)
committerYu Watanabe <watanabe.yu+github@gmail.com>
Tue, 8 Oct 2024 23:11:42 +0000 (08:11 +0900)
Follow-up for 0e551b04efb911d38b586cca1a6a462c87a2cb1b.

Similar to the previous commit, but for PrivateTmp=.

src/core/dbus-execute.c
src/core/exec-invoke.c
src/core/namespace.c
src/core/namespace.h
src/core/unit.c

index 08c1acf397d2ebcbd32ef55331ae2fa052f9388e..9e0678542807b13720293a59244d264f33de4042 100644 (file)
@@ -1023,7 +1023,7 @@ static int property_get_private_tmp(
                 sd_bus_error *error) {
 
         PrivateTmp *p = ASSERT_PTR(userdata);
-        int b = *p != PRIVATE_TMP_OFF;
+        int b = *p != PRIVATE_TMP_NO;
 
         return sd_bus_message_append_basic(reply, 'b', &b);
 }
@@ -1847,7 +1847,7 @@ int bus_exec_context_set_transient_property(
                         return r;
 
                 if (!UNIT_WRITE_FLAGS_NOOP(flags)) {
-                        c->private_tmp = v ? PRIVATE_TMP_CONNECTED : PRIVATE_TMP_OFF;
+                        c->private_tmp = v ? PRIVATE_TMP_CONNECTED : PRIVATE_TMP_NO;
                         (void) unit_write_settingf(u, flags, name, "%s=%s", name, yes_no(v));
                 }
 
index 499ac4d4c66d26ab1ebb6d1cf95810c9b3d0a343..d5bd43bcd78e14044b0bee1c5956064a50ff417a 100644 (file)
@@ -3852,7 +3852,7 @@ static bool exec_context_need_unprivileged_private_users(
                 return false;
 
         return context->private_users != PRIVATE_USERS_NO ||
-               context->private_tmp != PRIVATE_TMP_OFF ||
+               context->private_tmp != PRIVATE_TMP_NO ||
                context->private_devices ||
                context->private_network ||
                context->network_namespace_path ||
index 6909fb4a06bfae1f07dcfad7f707f37e0d0799c1..dac476be271cbefbecc02d9844c9d267fb9a1a01 100644 (file)
@@ -3221,7 +3221,7 @@ static const char* const proc_subset_table[_PROC_SUBSET_MAX] = {
 DEFINE_STRING_TABLE_LOOKUP(proc_subset, ProcSubset);
 
 static const char* const private_tmp_table[_PRIVATE_TMP_MAX] = {
-        [PRIVATE_TMP_OFF]          = "off",
+        [PRIVATE_TMP_NO]           = "no",
         [PRIVATE_TMP_CONNECTED]    = "connected",
         [PRIVATE_TMP_DISCONNECTED] = "disconnected",
 };
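Review bot: Replacing the `"off"` entry with `"no"` in `private_tmp_table` changes which string the table produces for the disabled state and which strings it matches, so this line is a behaviour change and not only part of the rename. The lookup macro for this table sits below the hunk and is not visible here. If it is the plain `DEFINE_STRING_TABLE_LOOKUP` used for `proc_subset` just above, then `off` would stop parsing and a sandboxing setting written that way would be rejected rather than applied. It is worth confirming that the lookup falls back to boolean parsing, and recording that on the entry, for example `[PRIVATE_TMP_NO] = "no", /* other boolean spellings are handled by the lookup, not by this table */`.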
index d158b8b515ac18c3df8706ad1ef6ae567bef77ef..dfb42b7c37debaeeb285f96ef6c0f818c4fd60a5 100644 (file)
@@ -54,7 +54,7 @@ typedef enum ProcSubset {
 } ProcSubset;
 
 typedef enum PrivateTmp {
-        PRIVATE_TMP_OFF,
+        PRIVATE_TMP_NO,
         PRIVATE_TMP_CONNECTED, /* Bind mounted from the host's filesystem */
         PRIVATE_TMP_DISCONNECTED, /* A completely private tmpfs, invisible from the host */
         _PRIVATE_TMP_MAX,
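Review bot: `PRIVATE_TMP_NO` is now the only enumerator in `PrivateTmp` without a comment, although it carries the most implicit meaning. The unit.c hunk treats it as the "nothing selected" state, and the D-Bus getter maps it to `false`. This suggests it must remain the first (zero) value, but the hunk does not show how the exec context is initialised, so that is inferred. I would document it in the same style as the others, for example `PRIVATE_TMP_NO, /* No private /tmp; also the default when PrivateTmp= is not set */`. The enum body continues past the end of the hunk.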
index c303ce9282a86d7771645d1932945a49129e46cb..684fe698eea39db39eda3f9c7934dd36b9597e43 100644 (file)
@@ -4305,7 +4305,7 @@ int unit_patch_contexts(Unit *u) {
                         /* With DynamicUser= we want private directories, so if the user hasn't manually
                          * selected PrivateTmp=, enable it, but to a fully private (disconnected) tmpfs
                          * instance. */
-                        if (ec->private_tmp == PRIVATE_TMP_OFF)
+                        if (ec->private_tmp == PRIVATE_TMP_NO)
                                 ec->private_tmp = PRIVATE_TMP_DISCONNECTED;
                         ec->remove_ipc = true;
                         ec->protect_system = PROTECT_SYSTEM_STRICT;
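Review bot: The comment above `if (ec->private_tmp == PRIVATE_TMP_NO)` says the upgrade applies only "if the user hasn't manually selected PrivateTmp=", but the check cannot tell an unset value from an explicit `PrivateTmp=no`. The transient-property setter in dbus-execute.c stores `PRIVATE_TMP_NO` for an explicit false, and the default appears to be the same value. With DynamicUser= an explicit `no` is therefore also replaced by `PRIVATE_TMP_DISCONNECTED`. That is the safer outcome for a dynamically allocated UID, but it is not what the comment describes. I would reword it, for example `/* With DynamicUser= a private /tmp is mandatory: PrivateTmp=no, whether explicit or default, is upgraded to a disconnected tmpfs; an explicit "connected" is kept. */`. `unit_patch_contexts()` starts and ends outside the hunk, so an earlier step that records an explicit setting cannot be ruled out from here.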