[systemd-devel] jailrooting services with RootDirectory - how ?
Luca Boccassi
bluca at debian.org
Wed Sep 28 22:33:22 UTC 2022
On Wed, 2022-09-28 at 09:59 +0000, Branko wrote:
> On Wed, 28 Sep 2022 19:26:58 +1000 (AEST)
> Michael Chapman <mike at very.puzzling.org> wrote:
>
> > On Wed, 28 Sep 2022, Branko wrote:
> > [...]
> >
> > No.
> >
> > I've given you a small, self-contained, working example.
> >
> > It's now your turn to give us a small, self-contained, non-working
> > example, and to tell us what error messages and log messages you got
> > for it.
>
> OK. I h
> Here is my_debug source:
> ************************
> include <stdio.h>
>
> int main() {
> printf("************ IT's WORKING ***************\n");
> }
> *******************************
> It was compiled with "gcc --static -o my_debug my_debug.c"
> executable is placed in /usr/local/bin/my_debug
>
>
> Service file:
> ********************************
> [Service]
> Type=exec
> ExecStart=/usr/local/bin/my_debug
> RootDirectory=/CHROOTS/my_debug
> BindPaths=/usr/local/bin/my_debug:/CHROOTS/my_debug/usr/local/bin/my_debug
> # just in case
> BindPaths=/lib:/CHROOTS/my_debug/lib
> BindPaths=/lib64:/CHROOTS/my_debug/lib64
> BindPaths=/usr/lib64:/CHROOTS/my_debug/usr/lib64
> BindPaths=/usr/lib:/CHROOTS/my_debug/usr/lib
> ********************************************
https://www.freedesktop.org/software/systemd/man/systemd.exec.html#BindPaths=
"This option is particularly useful when RootDirectory=/RootImage= is
used. In this case the source path refers to a path on the host file
system, while the destination path refers to a path below the root
directory of the unit."
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: This is a digitally signed message part
URL: <https://lists.freedesktop.org/archives/systemd-devel/attachments/20220928/9348defb/attachment.sig>
More information about the systemd-devel
mailing list