mirror of
https://github.com/systemd/systemd.git
synced 2024-10-31 16:21:26 +03:00
5e8deb94c6
Allow to setup new bind mounts for a service at runtime (via either DBUS or a new 'systemctl bind' verb) with a new helper that forks into the unit's mount namespace. Add a new integration test to cover this. Useful for zero-downtime addition to services that are running inside mount namespaces, especially when using RootImage/RootDirectory. If a service runs with a read-only root, a tmpfs is added on /run to ensure we can create the airlock directory for incoming mounts under /run/host/incoming.
44 lines
1.1 KiB
Bash
Executable File
44 lines
1.1 KiB
Bash
Executable File
#!/usr/bin/env bash
|
|
set -ex
|
|
|
|
echo "MARKER_FIXED" > /run/testservice-57-fixed
|
|
mkdir -p /run/inaccessible
|
|
|
|
systemctl start testsuite-57-namespaced.service
|
|
|
|
# Ensure that inaccessible paths aren't bypassed by the runtime setup
|
|
set +e
|
|
systemctl bind --mkdir testsuite-57-namespaced.service /run/testservice-57-fixed /run/inaccessible/testfile_fixed && exit 1
|
|
set -e
|
|
|
|
echo "MARKER_RUNTIME" > /run/testservice-57-runtime
|
|
|
|
systemctl bind --mkdir testsuite-57-namespaced.service /run/testservice-57-runtime /tmp/testfile_runtime
|
|
|
|
while systemctl show -P SubState testsuite-57-namespaced.service | grep -q running
|
|
do
|
|
sleep 0.1
|
|
done
|
|
|
|
systemctl is-active testsuite-57-namespaced.service
|
|
|
|
# Now test that systemctl bind fails when attempted on a non-namespaced unit
|
|
systemctl start testsuite-57-non-namespaced.service
|
|
|
|
set +e
|
|
systemctl bind --mkdir testsuite-57-non-namespaced.service /run/testservice-57-runtime /tmp/testfile_runtime && exit 1
|
|
set -e
|
|
|
|
while systemctl show -P SubState testsuite-57-non-namespaced.service | grep -q running
|
|
do
|
|
sleep 0.1
|
|
done
|
|
|
|
set +e
|
|
systemctl is-active testsuite-57-non-namespaced.service && exit 1
|
|
set -e
|
|
|
|
echo OK > /testok
|
|
|
|
exit 0
|