From: Luca Bruno Date: Sat, 24 Sep 2016 12:30:42 +0000 (+0000) Subject: nspawn: decouple --boot from CLONE_NEWIPC (#4180) X-Git-Tag: v234~1063 X-Git-Url: http://review.tizen.org/git/?a=commitdiff_plain;h=48a8d337a62cfa444769dfb8b1a7857fd8fb50e6;p=platform%2Fupstream%2Fsystemd.git nspawn: decouple --boot from CLONE_NEWIPC (#4180) This commit is a minor tweak after the split of `--share-system`, decoupling the `--boot` option from IPC namespacing. Historically there has been a single `--share-system` option for sharing IPC/PID/UTS with the host, which was incompatible with boot/pid1 mode. After the split, it is now possible to express the requirements with better granularity. For reference, this is a followup to #4023 which contains references to previous discussions. I realized too late that CLONE_NEWIPC is not strictly needed for boot mode. --- diff --git a/src/nspawn/nspawn.c b/src/nspawn/nspawn.c index 632c128..0d61d34 100644 --- a/src/nspawn/nspawn.c +++ b/src/nspawn/nspawn.c @@ -1045,7 +1045,8 @@ static int parse_argv(int argc, char *argv[]) { parse_share_ns_env("SYSTEMD_NSPAWN_SHARE_NS_UTS", CLONE_NEWUTS); parse_share_ns_env("SYSTEMD_NSPAWN_SHARE_SYSTEM", CLONE_NEWIPC|CLONE_NEWPID|CLONE_NEWUTS); - if (arg_clone_ns_flags != (CLONE_NEWIPC|CLONE_NEWPID|CLONE_NEWUTS)) { + if (!(arg_clone_ns_flags & CLONE_NEWPID) || + !(arg_clone_ns_flags & CLONE_NEWUTS)) { arg_register = false; if (arg_start_mode != START_PID1) { log_error("--boot cannot be used without namespacing.");