[systemd-devel] New mount restriction? -- from Systemd policy?

David Strauss david at davidstrauss.net
Thu Apr 11 23:43:16 PDT 2013


Here is the commit with some background:
http://cgit.freedesktop.org/systemd/systemd/commit/?id=b3ac5f8cb98757416d8660023d6564a7c411f0a0

On Thu, Apr 11, 2013 at 11:42 PM, David Strauss <david at davidstrauss.net> wrote:
> On Mon, Apr 8, 2013 at 3:45 PM, Linda Walsh <suse at tlinx.org> wrote:
>> Is it something that systemd needed to have?  I.e. if it is made
>> private would systemd care?  If not, why would it have
>> been made shared?
>>
>> Maybe a default in mount for root changed?
>
> Having the default mount propagation be "shared" solves some
> situations where a configuration item (say, PrivateTmp=) requires
> spawning a service in a Linux kernel file system namespace. Other
> mounts that happen post-service start aren't visible to the service,
> despite being visible and functional to administrators. It's hard to
> debug, and it won't show any obvious warnings or errors in logs.
>
> I don't believe making root private breaks systemd itself. I think it
> just makes other administration potentially confusing.
>
> --
> David Strauss
>    | david at davidstrauss.net
>    | +1 512 577 5827 [mobile]



-- 
David Strauss
   | david at davidstrauss.net
   | +1 512 577 5827 [mobile]
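
Added example, not part of the original message or of systemd: a small parser for the `/proc/<pid>/mountinfo` format that reports each mount's propagation type, to check whether root and other mounts are "shared" as discussed above. The sample lines and the function names are constructed for illustration; on a host without `/proc/self/mountinfo` the script falls back to the sample.

```python
import os

# Constructed sample in /proc/<pid>/mountinfo format (not from a real host).
SAMPLE = """\
22 1 8:2 / / rw,relatime shared:1 - ext4 /dev/sda2 rw
35 22 0:31 / /tmp rw,nosuid,nodev shared:15 - tmpfs tmpfs rw
112 22 8:17 / /srv/data rw,relatime - ext4 /dev/sdb1 rw
140 22 0:45 / /mnt/img rw,relatime master:1 - ext4 /dev/loop0 rw
141 22 0:46 / /mnt/both rw shared:20 master:1 - tmpfs tmpfs rw
"""


def propagation(optional_fields):
    """Map mountinfo optional fields (shared:N, master:N, ...) to a type."""
    tags = {field.split(":", 1)[0] for field in optional_fields}
    if "unbindable" in tags:
        return "unbindable"
    pairs = (("shared", "shared"), ("master", "slave"))
    kinds = [name for tag, name in pairs if tag in tags]
    # No shared/master tag at all means the mount is private.
    return ",".join(kinds) or "private"


def parse_mountinfo(text):
    """Return {mount_point: propagation}; a later overmount replaces an earlier one."""
    result = {}
    for line in text.splitlines():
        fields = line.split()
        try:
            # Optional fields sit between index 6 and the "-" separator.
            sep = fields.index("-", 6)
        except ValueError:
            continue  # malformed or truncated line
        result[fields[4]] = propagation(fields[6:sep])
    return result


def not_shared(text):
    """Mount points under which new mounts are not propagated to other namespaces."""
    return [mp for mp, kind in parse_mountinfo(text).items() if "shared" not in kind]


if __name__ == "__main__":
    path = "/proc/self/mountinfo"
    text = open(path).read() if os.path.exists(path) else SAMPLE
    for mount_point, kind in parse_mountinfo(text).items():
        print(f"{kind:14} {mount_point}")
```

On a live system, `findmnt -o TARGET,PROPAGATION` prints the same information.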

