New directives PrivateIPC and IPCNamespacePath

author: Xℹ Ruoyao <xry111@mengyan1223.wang> 2021-02-16 23:58:56 +0800
committer: Xℹ Ruoyao <xry111@mengyan1223.wang> 2021-03-04 00:04:36 +0800
commit: a70581ffb5c13c91c76ff73ba6f5f3ff59c5a915 (patch)
tree: 1dc596f6e7fee00e6fa1bc7d10dd22ebc131179f /src/core/execute.h
parent: 54c2459d560283f556e331246f64776cebd6eba6 (diff)
download: systemd-a70581ffb5c13c91c76ff73ba6f5f3ff59c5a915.tar.gz
1 files changed, 5 insertions, 0 deletions
diff --git a/src/core/execute.h b/src/core/execute.h
index 20e1799b46..4c7a5b874f 100644
--- a/src/core/execute.h
+++ b/src/core/execute.h
@@ -117,6 +117,9 @@ struct ExecRuntime {
         /* An AF_UNIX socket pair, that contains a datagram containing a file descriptor referring to the network
          * namespace. */
         int netns_storage_socket[2];
+
+        /* Like netns_storage_socket, but the file descriptor is referring to the IPC namespace. */
+        int ipcns_storage_socket[2];
 };
 
 typedef enum ExecDirectoryType {
@@ -280,6 +283,7 @@ struct ExecContext {
         bool private_devices;
         bool private_users;
         bool private_mounts;
+        bool private_ipc;
         bool protect_kernel_tunables;
         bool protect_kernel_modules;
         bool protect_kernel_logs;
@@ -314,6 +318,7 @@ struct ExecContext {
         Set *address_families;
 
         char *network_namespace_path;
+        char *ipc_namespace_path;
 
         ExecDirectory directories[_EXEC_DIRECTORY_TYPE_MAX];
         ExecPreserveMode runtime_directory_preserve_mode;
author	Xℹ Ruoyao <xry111@mengyan1223.wang>	2021-02-16 23:58:56 +0800
committer	Xℹ Ruoyao <xry111@mengyan1223.wang>	2021-03-04 00:04:36 +0800
commit	a70581ffb5c13c91c76ff73ba6f5f3ff59c5a915 (patch)
tree	1dc596f6e7fee00e6fa1bc7d10dd22ebc131179f /src/core/execute.h
parent	54c2459d560283f556e331246f64776cebd6eba6 (diff)
download	systemd-a70581ffb5c13c91c76ff73ba6f5f3ff59c5a915.tar.gz