[systemd-devel] jailrooting services with RootDirectory - how ?
Branko
brankob at avtomatika.com
Wed Sep 28 09:00:37 UTC 2022
On Wed, 28 Sep 2022 18:51:01 +1000 (AEST)
Michael Chapman <mike at very.puzzling.org> wrote:
> On Wed, 28 Sep 2022, Branko wrote:
> > On Wed, 28 Sep 2022 18:11:14 +1000 (AEST)
> > Michael Chapman <mike at very.puzzling.org> wrote:
> >
> > Sure, but this example is kind of useless as it doesn't bind-mount
> > anything into chroot.
>
> Sure, but you didn't mention anything about bind mounts.
>
> I added:
>
> BindReadOnlyPaths=/usr
>
> and my example still works for me.
OK. You have bound one path. Is the executable within it or is it
irrelevant for the case ( and the executable is in /tmp) ?
More information about the systemd-devel
mailing list