IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an
email to Administrator. User accounts are meant only to access repo
and report issues and/or generate pull requests.
This is a purpose-specific Git hosting for
BaseALT
projects. Thank you for your understanding!
Только зарегистрированные пользователи имеют доступ к сервису!
Для получения аккаунта, обратитесь к администратору.
We can't remount the underlying superblocks, if we are inside a user
namespace and running Linux <= 4.17. We can only change the per-mount
flags (MS_REMOUNT | MS_BIND).
This type of mount() call can only change the per-mount flags, so we
don't have to worry about passing the right string options now.
Fixes#9914 ("Since 1beab8b was merged, systemd has been failing to start
systemd-resolved inside unprivileged containers" ... "Failed to re-mount
'/run/systemd/unit-root/dev' read-only: Operation not permitted").
> It's basically my fault :-). I pointed out we could remount read-only
> without MS_BIND when reviewing the PR that added TemporaryFilesystem=,
> and poettering suggested to change PrivateDevices= at the same time.
> I think it's safe to change back, and I don't expect anyone will notice
> a difference in behaviour.
>
> It just surprised me to realize that
> `TemporaryFilesystem=/tmp:size=10M,ro,nosuid` would not apply `ro` to the
> superblock (underlying filesystem), like mount -osize=10M,ro,nosuid does.
> Maybe a comment could note the kernel version (v4.18), that lets you
> remount without MS_BIND inside a user namespace.
This makes the code longer and I guess this function is still ugly, sorry.
One obstacle to cleaning it up is the interaction between
`PrivateDevices=yes` and `ReadOnlyPaths=/dev`. I've added a test for the
existing behaviour, which I think is now the correct behaviour.
The extended testsuite only works with uid=0. It contains of several
subdirectories named "test/TEST-??-*", which are run one by one.
To run the extended testsuite do the following:
$ make all # Avoid the "sudo make" below building anything as root
$ cd test
$ sudo make clean check
...
make[1]: Entering directory `/mnt/data/harald/git/systemd/test/TEST-01-BASIC'
Making all in .
Making all in po
TEST: Basic systemd setup [OK]
make[1]: Leaving directory `/mnt/data/harald/git/systemd/test/TEST-01-BASIC'
...
If one of the tests fails, then $subdir/test.log contains the log file of
the test.
To debug a special testcase of the testsuite do:
$ make all
$ cd test/TEST-01-BASIC
$ sudo make clean setup run
QEMU
====
If you want to log in the testsuite virtual machine, you can specify
additional kernel command line parameter with $KERNEL_APPEND.
$ sudo make KERNEL_APPEND="systemd.unit=multi-user.target" clean setup run
you can even skip the "clean" and "setup" if you want to run the machine again.
$ sudo make KERNEL_APPEND="systemd.unit=multi-user.target" run
You can specify a different kernel and initramfs with $KERNEL_BIN and $INITRD.
(Fedora's or Debian's default kernel path and initramfs are used by default)
$ sudo make KERNEL_BIN=/boot/vmlinuz-foo INITRD=/boot/initramfs-bar clean check
A script will try to find your QEMU binary. If you want to specify a different
one you can use $QEMU_BIN.
$ sudo make QEMU_BIN=/path/to/qemu/qemu-kvm clean check
69338c3dfb
