mirror of
https://github.com/systemd/systemd.git
synced 2024-12-22 17:35:35 +03:00
Merge pull request #34336 from yuwata/nspawn-fuse-follow-ups
nspawn: follow-ups for FUSE support
This commit is contained in:
commit
214c2508f3
@ -43,7 +43,7 @@ static int append_machine_properties(
|
|||||||
return bus_log_create_error(r);
|
return bus_log_create_error(r);
|
||||||
if (enable_fuse) {
|
if (enable_fuse) {
|
||||||
r = sd_bus_message_append(m, "(sv)", "DeviceAllow", "a(ss)", 1,
|
r = sd_bus_message_append(m, "(sv)", "DeviceAllow", "a(ss)", 1,
|
||||||
"/dev/fuse", "rw");
|
"/dev/fuse", "rwm");
|
||||||
if (r < 0)
|
if (r < 0)
|
||||||
return bus_log_create_error(r);
|
return bus_log_create_error(r);
|
||||||
}
|
}
|
||||||
|
@ -2208,7 +2208,7 @@ static bool should_enable_fuse(void) {
|
|||||||
if (r < 0) {
|
if (r < 0) {
|
||||||
if (ERRNO_IS_NEG_DEVICE_ABSENT(r))
|
if (ERRNO_IS_NEG_DEVICE_ABSENT(r))
|
||||||
log_debug_errno(r, "Disabling FUSE: FUSE appears to be disabled on the host: %m");
|
log_debug_errno(r, "Disabling FUSE: FUSE appears to be disabled on the host: %m");
|
||||||
else if (r == -ENOSYS)
|
else if (ERRNO_IS_NEG_NOT_SUPPORTED(r))
|
||||||
log_debug_errno(r, "Disabling FUSE: Kernel does not support the fsopen() family of syscalls: %m");
|
log_debug_errno(r, "Disabling FUSE: Kernel does not support the fsopen() family of syscalls: %m");
|
||||||
else
|
else
|
||||||
log_warning_errno(r, "Disabling FUSE: Failed to determine FUSE version: %m");
|
log_warning_errno(r, "Disabling FUSE: Failed to determine FUSE version: %m");
|
||||||
|
@ -36,9 +36,6 @@ TasksMax=16384
|
|||||||
DevicePolicy=closed
|
DevicePolicy=closed
|
||||||
DeviceAllow=/dev/net/tun rwm
|
DeviceAllow=/dev/net/tun rwm
|
||||||
DeviceAllow=char-pts rw
|
DeviceAllow=char-pts rw
|
||||||
{# /dev/fuse gets 'm' here even though it doesn't in nspawn-register.c, since
|
|
||||||
# efedb6b0f3 (nspawn: refuse to bind mount device node from host when
|
|
||||||
# --private-users= is specified, 2024-09-05) #}
|
|
||||||
DeviceAllow=/dev/fuse rwm
|
DeviceAllow=/dev/fuse rwm
|
||||||
|
|
||||||
# nspawn itself needs access to /dev/loop-control and /dev/loop, to implement
|
# nspawn itself needs access to /dev/loop-control and /dev/loop, to implement
|
||||||
|
Loading…
Reference in New Issue
Block a user