[systemd-devel] [PATCH] core/namespace: Protect /usr instead of /home with ProtectSystem=yes

Jason Pleau jason at jpleau.ca
Sun May 31 09:51:17 PDT 2015


A small typo in ee818b8 caused /home to be put in read-only instead of
/usr when ProtectSystem was enabled (ie: not set to "no").
---
 src/core/namespace.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/core/namespace.c b/src/core/namespace.c
index 7d0b7e7..01a817b 100644
--- a/src/core/namespace.c
+++ b/src/core/namespace.c
@@ -499,7 +499,7 @@ int setup_namespace(
                 if (protect_system != PROTECT_SYSTEM_NO) {
                         const char *usr_dir, *boot_dir, *etc_dir;
 
-                        usr_dir = prefix_roota(root_directory, "/home");
+                        usr_dir = prefix_roota(root_directory, "/usr");
                         boot_dir = prefix_roota(root_directory, "/boot");
                         boot_dir = strjoina("-", boot_dir);
                         etc_dir = prefix_roota(root_directory, "/etc");
-- 
2.1.4



More information about the systemd-devel mailing list