76 lines
2.8 KiB
Diff
76 lines
2.8 KiB
Diff
From d83713ea522032bb135bf7f442779a431840a6db Mon Sep 17 00:00:00 2001
|
|
From: =?UTF-8?q?Michal=20Koutn=C3=BD?= <mkoutny@suse.com>
|
|
Date: Wed, 18 Jan 2023 23:20:31 +0100
|
|
Subject: [PATCH] core: mount namespaces: Remove auxiliary bind mounts
|
|
directory after unit termination
|
|
|
|
Unit that requires its own mount namespace creates a temporary directory
|
|
to implement dynamic bind mounts (org.freedesktop.systemd1.Manager.BindMountUnit).
|
|
However, this directory is never removed and they will accumulate for
|
|
each unique unit (e.g. templated units of systemd-coredump@).
|
|
|
|
Attach the auxiliary runtime directory existence to lifetime of other
|
|
"runtime" only per-unit directories.
|
|
|
|
(cherry picked from commit b9f976fb45635e09cd709dbedd0afb03d4b73c05)
|
|
|
|
Resolves: RHEL-19483
|
|
---
|
|
src/core/execute.c | 17 +++++++++++++++++
|
|
src/core/execute.h | 1 +
|
|
src/core/unit.c | 1 +
|
|
3 files changed, 19 insertions(+)
|
|
|
|
diff --git a/src/core/execute.c b/src/core/execute.c
|
|
index b5b7de6d2a..ea36254241 100644
|
|
--- a/src/core/execute.c
|
|
+++ b/src/core/execute.c
|
|
@@ -5478,6 +5478,23 @@ int exec_context_destroy_credentials(const ExecContext *c, const char *runtime_p
|
|
return 0;
|
|
}
|
|
|
|
+int exec_context_destroy_mount_ns_dir(Unit *u) {
|
|
+ _cleanup_free_ char *p = NULL;
|
|
+
|
|
+ if (!u || !MANAGER_IS_SYSTEM(u->manager))
|
|
+ return 0;
|
|
+
|
|
+ p = path_join("/run/systemd/propagate/", u->id);
|
|
+ if (!p)
|
|
+ return -ENOMEM;
|
|
+
|
|
+ /* This is only filled transiently (see mount_in_namespace()), should be empty or even non-existent*/
|
|
+ if (rmdir(p) < 0 && errno != ENOENT)
|
|
+ log_unit_debug_errno(u, errno, "Unable to remove propagation dir '%s', ignoring: %m", p);
|
|
+
|
|
+ return 0;
|
|
+}
|
|
+
|
|
static void exec_command_done(ExecCommand *c) {
|
|
assert(c);
|
|
|
|
diff --git a/src/core/execute.h b/src/core/execute.h
|
|
index a2cf22806b..4c54422073 100644
|
|
--- a/src/core/execute.h
|
|
+++ b/src/core/execute.h
|
|
@@ -453,6 +453,7 @@ void exec_context_dump(const ExecContext *c, FILE* f, const char *prefix);
|
|
|
|
int exec_context_destroy_runtime_directory(const ExecContext *c, const char *runtime_root);
|
|
int exec_context_destroy_credentials(const ExecContext *c, const char *runtime_root, const char *unit);
|
|
+int exec_context_destroy_mount_ns_dir(Unit *u);
|
|
|
|
const char* exec_context_fdname(const ExecContext *c, int fd_index);
|
|
|
|
diff --git a/src/core/unit.c b/src/core/unit.c
|
|
index 438213a47a..c9a42ee3d7 100644
|
|
--- a/src/core/unit.c
|
|
+++ b/src/core/unit.c
|
|
@@ -5778,6 +5778,7 @@ void unit_destroy_runtime_data(Unit *u, const ExecContext *context) {
|
|
exec_context_destroy_runtime_directory(context, u->manager->prefix[EXEC_DIRECTORY_RUNTIME]);
|
|
|
|
exec_context_destroy_credentials(context, u->manager->prefix[EXEC_DIRECTORY_RUNTIME], u->id);
|
|
+ exec_context_destroy_mount_ns_dir(u);
|
|
}
|
|
|
|
int unit_clean(Unit *u, ExecCleanMask mask) {
|