[OE-core] [PATCH v2] systemd: re-enable mount propagation for udevd
Hongzhi.Song
hongzhi.song at windriver.com
Thu Feb 22 08:36:15 UTC 2018
With MountFlags=slave, those mounts then become private to the systemd-udevd
namespace and are no longer accessible from outside the namespace, which is
not expected.
Signed-off-by: Hongzhi.Song <hongzhi.song at windriver.com>
---
...evd-re-enable-mount-propagation-for-udevd.patch | 33 ++++++++++++++++++++++
meta/recipes-core/systemd/systemd_234.bb | 1 +
2 files changed, 34 insertions(+)
create mode 100644 meta/recipes-core/systemd/systemd/systemd-udevd-re-enable-mount-propagation-for-udevd.patch
diff --git a/meta/recipes-core/systemd/systemd/systemd-udevd-re-enable-mount-propagation-for-udevd.patch b/meta/recipes-core/systemd/systemd/systemd-udevd-re-enable-mount-propagation-for-udevd.patch
new file mode 100644
index 0000000..fce7bdd
--- /dev/null
+++ b/meta/recipes-core/systemd/systemd/systemd-udevd-re-enable-mount-propagation-for-udevd.patch
@@ -0,0 +1,33 @@
+From 11a3312d36109f5e5a7697ddb05c533c51e2cd75 Mon Sep 17 00:00:00 2001
+From: "Hongzhi.Song" <hongzhi.song at windriver.com>
+Date: Mon, 19 Feb 2018 20:43:02 -0500
+Subject: [PATCH] systemd-udevd: re-enable mount propagation for udevd
+
+Upstream-Status: Inappropriate [embedded specific]
+
+Change the mount propagation flag from MountFlags=slave to MountFlags=shared
+(default). Use shared to ensure that mounts and unmounts are propagated from
+systemd's namespace to the service's namespace and vice versa, while use slave
+to run processes so that none of their mounts and unmounts will propagate to
+the host.
+
+Signed-off-by: Hongzhi.Song <hongzhi.song at windriver.com>
+---
+ units/systemd-udevd.service.in | 1 -
+ 1 file changed, 1 deletion(-)
+
+diff --git a/units/systemd-udevd.service.in b/units/systemd-udevd.service.in
+index fc037b5..841d7a8 100644
+--- a/units/systemd-udevd.service.in
++++ b/units/systemd-udevd.service.in
+@@ -24,7 +24,6 @@ ExecStart=@rootlibexecdir@/systemd-udevd
+ KillMode=mixed
+ WatchdogSec=3min
+ TasksMax=infinity
+-MountFlags=slave
+ MemoryDenyWriteExecute=yes
+ RestrictRealtime=yes
+ RestrictAddressFamilies=AF_UNIX AF_NETLINK AF_INET AF_INET6
+--
+2.8.1
+
diff --git a/meta/recipes-core/systemd/systemd_234.bb b/meta/recipes-core/systemd/systemd_234.bb
index d12e94f..6aceafb 100644
--- a/meta/recipes-core/systemd/systemd_234.bb
+++ b/meta/recipes-core/systemd/systemd_234.bb
@@ -51,6 +51,7 @@ SRC_URI = "git://github.com/systemd/systemd.git;protocol=git \
file://0001-meson-update-header-file-to-detect-memfd_create.patch \
file://0002-configure.ac-Check-if-memfd_create-is-already-define.patch \
file://0003-fileio-include-sys-mman.h.patch \
+ file://systemd-udevd-re-enable-mount-propagation-for-udevd.patch \
"
SRC_URI_append_qemuall = " file://0001-core-device.c-Change-the-default-device-timeout-to-2.patch"
--
2.8.1
More information about the Openembedded-core
mailing list