From aca835ed2ef200ebe178aff2054fa37265c17698 Mon Sep 17 00:00:00 2001 From: Yu Watanabe Date: Wed, 5 Sep 2018 15:12:37 +0900 Subject: [PATCH] core/execute: do not use the negative errno when setup_namespace() returns -ENOANO Without this, log shows meaningless error message 'No anode', e.g., === Failed to unshare the mount namespace: Operation not permitted foo.service: Failed to set up mount namespacing: No anode foo.service: Failed at step NAMESPACE spawning /usr/bin/test: No anode === Follow-up for 1beab8b0d0ff2d7d1436b52d4a0c3d56dc908962. --- src/core/execute.c | 16 ++++++++++------ 1 file changed, 10 insertions(+), 6 deletions(-) diff --git a/src/core/execute.c b/src/core/execute.c index 501b367eae9..35dd3898dae 100644 --- a/src/core/execute.c +++ b/src/core/execute.c @@ -2400,12 +2400,16 @@ static int apply_mount_namespace( * that with a special, recognizable error ENOANO. In this case, silently proceeed, but only if exclusively * sandboxing options were used, i.e. nothing such as RootDirectory= or BindMount= that would result in a * completely different execution environment. */ - if (r == -ENOANO && - n_bind_mounts == 0 && context->n_temporary_filesystems == 0 && - !root_dir && !root_image && - !context->dynamic_user) { - log_unit_debug(u, "Failed to set up namespace, assuming containerized execution and ignoring."); - return 0; + if (r == -ENOANO) { + if (n_bind_mounts == 0 && + context->n_temporary_filesystems == 0 && + !root_dir && !root_image && + !context->dynamic_user) { + log_unit_debug(u, "Failed to set up namespace, assuming containerized execution and ignoring."); + return 0; + } + + return -EOPNOTSUPP; } return r; -- 2.47.3