From: Yu Watanabe <watanabe.yu+github@gmail.com>
Date: Fri, 25 May 2018 08:32:55 +0000 (+0900)
Subject: core: setup mount namespace when RootDirectory= and RuntimeDirectory= or friends... 
X-Git-Tag: v239~194^2
X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=37c56f89d2563e5ee413e6d9ca70b01ecfbc3b4c;p=thirdparty%2Fsystemd.git

core: setup mount namespace when RootDirectory= and RuntimeDirectory= or friends are set

The directories specified by RuntimeDirectory= or friends are created
on host. So, it is necessary to bind-mount them on root directory.
---

diff --git a/src/core/execute.c b/src/core/execute.c
index 285fe5bf397..f36672c9df4 100644
--- a/src/core/execute.c
+++ b/src/core/execute.c
@@ -1787,8 +1787,20 @@ static bool exec_needs_mount_namespace(
             context->protect_control_groups)
                 return true;
 
-        if (context->mount_apivfs && (context->root_image || context->root_directory))
-                return true;
+        if (context->root_directory) {
+                ExecDirectoryType t;
+
+                if (context->mount_apivfs)
+                        return true;
+
+                for (t = 0; t < _EXEC_DIRECTORY_TYPE_MAX; t++) {
+                        if (!params->prefix[t])
+                                continue;
+
+                        if (!strv_isempty(context->directories[t].paths))
+                                return true;
+                }
+        }
 
         if (context->dynamic_user &&
             (!strv_isempty(context->directories[EXEC_DIRECTORY_STATE].paths) ||