mirror of
https://github.com/systemd/systemd-stable.git
synced 2024-10-27 01:55:32 +03:00
units: add 'smackfsroot=*' option into tmp.mount when SMACK is enabled
If SMACK is enabled, 'smackfsroot=*' option should be specified in tmp.mount file since many non-root processes use /tmp for temporary usage. If not, /tmp is labeled as '_' and smack denial occurs when writing.
This commit is contained in:
parent
e296313f7b
commit
409c2a13fd
@ -616,7 +616,8 @@ EXTRA_DIST += \
|
||||
units/initrd-udevadm-cleanup-db.service.in \
|
||||
units/initrd-switch-root.service.in \
|
||||
units/systemd-nspawn@.service.in \
|
||||
units/systemd-update-done.service.in
|
||||
units/systemd-update-done.service.in \
|
||||
units/tmp.mount.m4
|
||||
|
||||
if HAVE_SYSV_COMPAT
|
||||
nodist_systemunit_DATA += \
|
||||
|
@ -18,4 +18,6 @@ Before=local-fs.target umount.target
|
||||
What=tmpfs
|
||||
Where=/tmp
|
||||
Type=tmpfs
|
||||
Options=mode=1777,strictatime
|
||||
m4_ifdef(`HAVE_SMACK',
|
||||
`Options=mode=1777,strictatime,smackfsroot=*',
|
||||
`Options=mode=1777,strictatime')
|
Loading…
Reference in New Issue
Block a user