[systemd-devel] jailrooting services with RootDirectory - how ?

Branko brankob at avtomatika.com
Wed Sep 28 09:00:37 UTC 2022


On Wed, 28 Sep 2022 18:51:01 +1000 (AEST)
Michael Chapman <mike at very.puzzling.org> wrote:

> On Wed, 28 Sep 2022, Branko wrote:
> > On Wed, 28 Sep 2022 18:11:14 +1000 (AEST)
> > Michael Chapman <mike at very.puzzling.org> wrote:
> > 
> > Sure, but this example is kind of useless as it doesn't bind-mount
> > anything into chroot.  
> 
> Sure, but you didn't mention anything about bind mounts.
> 
> I added:
> 
>     BindReadOnlyPaths=/usr
> 
> and my example still works for me.

OK. You have bound one path. Is the executable within it or is it
irrelevant for the case (and the executable is in /tmp)?

