27 lines
1.8 KiB
Diff
27 lines
1.8 KiB
Diff
From 7ec42a45410cb27140292d85ebb0e4b6dcea5555 Mon Sep 17 00:00:00 2001
|
|
From: Dave Reisner <dreisner@archlinux.org>
|
|
Date: Wed, 7 Dec 2016 13:45:48 -0500
|
|
Subject: [PATCH] nspawn: don't hide --bind=/tmp/* mounts
|
|
|
|
This is a v232-applicable version of upstream c9fd987279a462e.
|
|
---
|
|
src/nspawn/nspawn-mount.c | 2 +-
|
|
1 file changed, 1 insertion(+), 1 deletion(-)
|
|
|
|
diff --git a/src/nspawn/nspawn-mount.c b/src/nspawn/nspawn-mount.c
|
|
index 115de64..2dabe2a 100644
|
|
--- a/src/nspawn/nspawn-mount.c
|
|
+++ b/src/nspawn/nspawn-mount.c
|
|
@@ -382,7 +382,7 @@ int mount_all(const char *dest,
|
|
{ "tmpfs", "/dev", "tmpfs", "mode=755", MS_NOSUID|MS_STRICTATIME, true, false, false },
|
|
{ "tmpfs", "/dev/shm", "tmpfs", "mode=1777", MS_NOSUID|MS_NODEV|MS_STRICTATIME, true, false, false },
|
|
{ "tmpfs", "/run", "tmpfs", "mode=755", MS_NOSUID|MS_NODEV|MS_STRICTATIME, true, false, false },
|
|
- { "tmpfs", "/tmp", "tmpfs", "mode=1777", MS_STRICTATIME, true, true, false },
|
|
+ { "tmpfs", "/tmp", "tmpfs", "mode=1777", MS_STRICTATIME, true, false, false },
|
|
#ifdef HAVE_SELINUX
|
|
{ "/sys/fs/selinux", "/sys/fs/selinux", NULL, NULL, MS_BIND, false, false, false }, /* Bind mount first */
|
|
{ NULL, "/sys/fs/selinux", NULL, NULL, MS_BIND|MS_RDONLY|MS_NOSUID|MS_NOEXEC|MS_NODEV|MS_REMOUNT, false, false, false }, /* Then, make it r/o */
|
|
--
|
|
2.10.2
|
|
|