On Mar 1, 2013, at 3:16 PM, Lennart Poettering <[email protected]> wrote:
> On Wed, 20.02.13 14:50, Michal Sekletar ([email protected]) wrote:
>
>> All Execs within the service, will get mounted the same /tmp and /var/tmp
>> directories, if service is configured with PrivateTmp=yes. Temporary
>> directories are cleaned up by service itself, rather than relying on
>> systemd-tmpfiles. Same logic applies also to inaccessible directories.
>
> Hmm, looks good in principle, but I don't grok why we need
> ExecContext.bind_mounts? Can you elaborate?

Hi Lennart,

Originally we determined what bind mounts should be done in a child process each time we forked off a new process, and it was done after fork() in the child before executing the target binary. Now, I've moved this computation to systemd itself and the results are stored in the ExecContext.bind_mounts set. Another reason was that, using the former approach, it was impossible to determine in pid 1 if we need to create a tmpdir to be mounted as inaccessible for a child.

Michal
