From b7e5e6e85048c1a71632bc2d5efe57fb1bfe7472 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Michal=20Koutn=C3=BD?= <mkoutny@suse.com>
Date: Wed, 18 Jan 2023 23:20:31 +0100
Subject: [PATCH] core: mount namespaces: Remove auxiliary bind mounts
directory after unit termination
Unit that requires its own mount namespace creates a temporary directory
to implement dynamic bind mounts (org.freedesktop.systemd1.Manager.BindMountUnit).
However, this directory is never removed and they will accumulate for
each unique unit (e.g. templated units of systemd-coredump@).
Attach the auxiliary runtime directory existence to lifetime of other
"runtime" only per-unit directories.
(cherry picked from commit b9f976fb45635e09cd709dbedd0afb03d4b73c05)
(cherry picked from commit 80e8340ec49d0da3744cdf81f82202e13b0fad3b)
(cherry picked from commit fd260cb37e3441b851c7fee4825d5b6af17f66ca)
(cherry picked from commit ff542dcd1a8c2c7cdc96b9f4b9889774b9474c26)
---
src/core/execute.c | 17 +++++++++++++++++
src/core/execute.h | 1 +
src/core/unit.c | 1 +
3 files changed, 19 insertions(+)
diff --git a/src/core/execute.c b/src/core/execute.c
index 37f63a9378..6844b1d28f 100644
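--- a/src/core/execute.c
+++ b/src/core/execute.c
@@ -4978,6 +4978,23 @@ int exec_context_destroy_credentials(const ExecContext *c, const char *runtime_p
 return 0;
 }
 
+int exec_context_destroy_mount_ns_dir(Unit *u) {
+ _cleanup_free_ char *p = NULL;
+
+ if (!u || !MANAGER_IS_SYSTEM(u->manager))
+ return 0;
+
+ p = path_join("/run/systemd/propagate/", u->id);
+ if (!p)
+ return -ENOMEM;
+
+ /* This is only filled transiently (see mount_in_namespace()), should be empty or even non-existent*/
+ if (rmdir(p) < 0 && errno != ENOENT)
+ log_unit_debug_errno(u, errno, "Unable to remove propagation dir '%s', ignoring: %m", p);
+
+ return 0;
+}
+
 static void exec_command_done(ExecCommand *c) {
 assert(c);
 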
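Review bot: A failed rmdir() in exec_context_destroy_mount_ns_dir() is reported only through `log_unit_debug_errno`, so an ENOTEMPTY or EBUSY result (a mount or stray entry that outlived the unit, which the in-code comment says should not happen) stays invisible at default log levels while the directory is left behind under /run. I would report those cases at warning level, e.g. `log_unit_warning_errno(u, errno, "Unable to remove propagation dir '%s', ignoring: %m", p);`, and keep ENOENT silent as now. The "/run/systemd/propagate/" prefix is a literal here; if the code that creates the directory (presumably near mount_in_namespace(), not shown in this patch) uses its own literal, a shared constant would keep creation and cleanup from drifting apart. A header comment stating that this is best-effort cleanup, acts only for the system manager, and returns -ENOMEM solely on allocation failure would document the contract.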
diff --git a/src/core/execute.h b/src/core/execute.h
index 47349a69a2..f1f0ee4186 100644
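--- a/src/core/execute.h
+++ b/src/core/execute.h
@@ -422,6 +422,7 @@ void exec_context_dump(const ExecContext *c, FILE* f, const char *prefix);
 
 int exec_context_destroy_runtime_directory(const ExecContext *c, const char *runtime_root);
 int exec_context_destroy_credentials(const ExecContext *c, const char *runtime_root, const char *unit);
+int exec_context_destroy_mount_ns_dir(Unit *u);
 
 const char* exec_context_fdname(const ExecContext *c, int fd_index);
 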
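Review bot: The new prototype carries the exec_context_ prefix but takes a `Unit *` and no `ExecContext`, unlike the two destroy helpers declared directly above it, which makes the call easy to misread. Either a name that reflects the argument or a one-line comment above the declaration, such as `/* Best-effort removal of the unit's /run/systemd/propagate/<id> directory; system manager only */`, would make the contract clear from the header alone.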
diff --git a/src/core/unit.c b/src/core/unit.c
index 0e8a01966a..0f44ea8bcd 100644
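--- a/src/core/unit.c
+++ b/src/core/unit.c
@@ -5700,6 +5700,7 @@ void unit_destroy_runtime_data(Unit *u, const ExecContext *context) {
 exec_context_destroy_runtime_directory(context, u->manager->prefix[EXEC_DIRECTORY_RUNTIME]);
 
 exec_context_destroy_credentials(context, u->manager->prefix[EXEC_DIRECTORY_RUNTIME], u->id);
+ exec_context_destroy_mount_ns_dir(u);
 }
 
 int unit_clean(Unit *u, ExecCleanMask mask) {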
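Review bot: The call added at the end of unit_destroy_runtime_data() discards the return value, so the -ENOMEM path of exec_context_destroy_mount_ns_dir() is lost without trace; writing `(void) exec_context_destroy_mount_ns_dir(u);` would mark that as deliberate. As far as the hunk shows, the call runs for every unit that reaches this point, whether or not a propagation directory was ever created for it, and relies on the helper tolerating ENOENT; a short comment saying so would save the next reader a lookup. The function body starts outside the hunk, so any earlier return that could skip this cleanup is not visible here.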
--
2.27.0