[systemd-commits] 2 commits - tmpfiles.d/systemd.conf units/var-lock.mount units/var-run.mount

[Lennart Poettering]

 tmpfiles.d/systemd.conf |    2 +-
 units/var-lock.mount    |    2 +-
 units/var-run.mount     |    2 +-
 3 files changed, 3 insertions(+), 3 deletions(-)

New commits:
commit a55c7d2ea0033487a3a5b784035689e3bebf6e94
Author: Lennart Poettering <lennart at poettering.net>
Date:   Mon Oct 25 23:28:42 2010 +0200

    mount: add nosuid,nodev,noexec switches to /var/lock and /var/run

diff --git a/units/var-lock.mount b/units/var-lock.mount
index f14ea94..0ea2599 100644
--- a/units/var-lock.mount
+++ b/units/var-lock.mount
@@ -13,4 +13,4 @@ Before=local-fs.target
 What=tmpfs
 Where=/var/lock
 Type=tmpfs
-Options=mode=775,gid=lock
+Options=mode=775,gid=lock,nosuid,nodev,noexec
diff --git a/units/var-run.mount b/units/var-run.mount
index f786289..8ccb4bb 100644
--- a/units/var-run.mount
+++ b/units/var-run.mount
@@ -13,4 +13,4 @@ Before=local-fs.target
 What=tmpfs
 Where=/var/run
 Type=tmpfs
-Options=mode=755
+Options=mode=755,nosuid,nodev,noexec

commit 4d91b19eb62d6aa1b8da0699a4664dc97760a4f4
Author: Bill Nottingham <notting at redhat.com>
Date:   Mon Oct 25 23:25:51 2010 +0200

    tmpfiles: Don't clean /var/lock/subsys; it is not aged content
    
    It will get 'cleaned' on boot due to being tmpfs anyway.

diff --git a/tmpfiles.d/systemd.conf b/tmpfiles.d/systemd.conf
index f43a574..f73ab90 100644
--- a/tmpfiles.d/systemd.conf
+++ b/tmpfiles.d/systemd.conf
@@ -5,7 +5,7 @@
 #  the Free Software Foundation; either version 2 of the License, or
 #  (at your option) any later version.
 
-d /var/lock/subsys 0755 root root 10d
+d /var/lock/subsys 0755 root root -
 d /var/run/user 0755 root root 10d
 F /var/run/utmp 0664 root utmp -
 f /var/log/wtmp 0664 root utmp -