namespace: allow overriding /run with a TemporaryFileSystem=

Lower priority of RUN, so that TMPFS and especially the mount flags given with `TemporaryFileSystem=` are used. This allows making `/run` private with drop-ins such as: ``` [Service] BindReadOnlyPaths=/run/systemd:/run/systemd:norbind TemporaryFileSystem=/run:nodev,noexec,nosuid,rw,size=32k,nr_inodes=10,mode=0755 ```
author: Topi Miettinen <toiwoton@gmail.com> 2021-12-07 22:34:17 +0200
committer: Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl> 2021-12-11 15:57:42 +0100
commit: 124139859e505c630aec6605d3c5ec923f531e24 (patch)
tree: 21da9d553bd0dbe402a574006d1a7aec68b6a69b /src/core/namespace.c
parent: b5d2163b8ed0773d05cb3db1a48630e0ca4ba0a6 (diff)
download: systemd-124139859e505c630aec6605d3c5ec923f531e24.tar.gz
1 files changed, 1 insertions, 1 deletions
diff --git a/src/core/namespace.c b/src/core/namespace.c
index 9c8a5fdde2..c549dcc96b 100644
--- a/src/core/namespace.c
+++ b/src/core/namespace.c
@@ -57,12 +57,12 @@ typedef enum MountMode {
         EMPTY_DIR,
         SYSFS,
         PROCFS,
-        RUN,
         READONLY,
         READWRITE,
         NOEXEC,
         EXEC,
         TMPFS,
+        RUN,
         EXTENSION_IMAGES, /* Mounted outside the root directory, and used by subsequent mounts */
         MQUEUEFS,
         READWRITE_IMPLICIT, /* Should have the lowest priority. */
author	Topi Miettinen <toiwoton@gmail.com>	2021-12-07 22:34:17 +0200
committer	Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl>	2021-12-11 15:57:42 +0100
commit	124139859e505c630aec6605d3c5ec923f531e24 (patch)
tree	21da9d553bd0dbe402a574006d1a7aec68b6a69b /src/core/namespace.c
parent	b5d2163b8ed0773d05cb3db1a48630e0ca4ba0a6 (diff)
download	systemd-124139859e505c630aec6605d3c5ec923f531e24.tar.gz