From: Lennart Poettering Date: Thu, 28 Sep 2017 16:28:23 +0000 (+0200) Subject: namespace: create /dev, /proc, /sys when needed X-Git-Tag: v235~36^2~11 X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=645767d6b5fd965de6367e6c1289ec295ea77cd7;p=thirdparty%2Fsystemd.git namespace: create /dev, /proc, /sys when needed We already create /dev implicitly if PrivateTmp=yes is on, if it is missing. Do so too for the other two API VFS, as well as for /dev if PrivateTmp=yes is off but MountAPIVFS=yes is on (i.e. when /dev is bind mounted from the host). --- diff --git a/src/core/namespace.c b/src/core/namespace.c index 09eac6bfe8d..8511131ff15 100644 --- a/src/core/namespace.c +++ b/src/core/namespace.c @@ -618,6 +618,8 @@ static int mount_bind_dev(MountEntry *m) { /* Implements the little brother of mount_private_dev(): simply bind mounts the host's /dev into the service's * /dev. This is only used when RootDirectory= is set. */ + (void) mkdir_p_label(mount_entry_path(m), 0755); + r = path_is_mount_point(mount_entry_path(m), NULL, 0); if (r < 0) return log_debug_errno(r, "Unable to determine whether /dev is already mounted: %m"); @@ -635,6 +637,8 @@ static int mount_sysfs(MountEntry *m) { assert(m); + (void) mkdir_p_label(mount_entry_path(m), 0755); + r = path_is_mount_point(mount_entry_path(m), NULL, 0); if (r < 0) return log_debug_errno(r, "Unable to determine whether /sys is already mounted: %m"); @@ -653,6 +657,8 @@ static int mount_procfs(MountEntry *m) { assert(m); + (void) mkdir_p_label(mount_entry_path(m), 0755); + r = path_is_mount_point(mount_entry_path(m), NULL, 0); if (r < 0) return log_debug_errno(r, "Unable to determine whether /proc is already mounted: %m");