[systemd-devel] [PATCH] core: reuse the same /tmp, /var/tmp and inaccessible dir

Michal Sekletar sekletar.m at gmail.com
Sat Mar 2 06:00:24 PST 2013


On Mar 1, 2013, at 3:16 PM, Lennart Poettering <lennart at poettering.net> wrote:

> On Wed, 20.02.13 14:50, Michal Sekletar (msekleta at redhat.com) wrote:
> 
>> All Execs within the service will get mounted the same /tmp and /var/tmp
>> directories, if service is configured with PrivateTmp=yes. Temporary
>> directories are cleaned up by service itself, rather than relying on
>> systemd-tmpfiles. Same logic applies also to inaccessible directories.
> 
> Hmm, looks good in principle, but I don't grok why we need
> ExecContext.bind_mounts? Can you elaborate?

Hi Lennart,

Originally we determined what bind mounts should be done in a child process each time we forked off a new process, and it was done after fork() in the child before executing the target binary.

Now, I've moved this computation to systemd itself and the results are stored in the ExecContext.bind_mounts set. Another reason was that, using the former approach, it was impossible to determine in pid 1 if we need to create a tmpdir to be mounted as inaccessible for a child.

Michal


