projects / platform / upstream / systemd.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: b7c1f9e) | patch
core: pass bpf_outer_map_fd to sd-executor only if RestrictFileSystems was set
authorLuca Boccassi <bluca@debian.org>
Thu, 23 Nov 2023 19:08:22 +0000 (19:08 +0000)
committerLuca Boccassi <bluca@debian.org>
Thu, 23 Nov 2023 19:08:38 +0000 (19:08 +0000)
commit60ef4baeedc34b5c7ab0e2f211684f9b96d63f82
treedebae017ef10685bb76f152b77bec2d957ee7ca8tree | snapshot
parentb7c1f9eaf490c65c431af9fd93d974479ab315aacommit | diff
core: pass bpf_outer_map_fd to sd-executor only if RestrictFileSystems was set

It causes SELinux denials to be raised, so restrict it only where needed

Follow-up for beb4ae87558cae
src/core/execute-serialize.c diff | blob | history
Domain: System / System Framework;