core: do not create symlink to private directory if parent already exists

The very basic functinality of StateDirectory= or friends is creating specified directories. That should work if one entry is a subdirectory of another. However, it does not when combined with DynamicUser=yes. To support such case, this adds ExecDirectoryItem.only_create flag, and if it is set PID1 only create private directory, and not create the symlink to the private directory. Fixes #24783.
author: Yu Watanabe <watanabe.yu+github@gmail.com> 2022-09-22 13:06:54 +0900
committer: Yu Watanabe <watanabe.yu+github@gmail.com> 2022-10-03 09:25:00 +0900
commit: a2ab603cc42e1484c799f76a233b077c17db91cb (patch)
tree: c94474cd395761e4b367b9adaafc223c71d9cd6d /src/core/unit.c
parent: 564e5c987877f7e481d896c7fd82e8e5a69addc2 (diff)
download: systemd-a2ab603cc42e1484c799f76a233b077c17db91cb.tar.gz
1 files changed, 3 insertions, 0 deletions
diff --git a/src/core/unit.c b/src/core/unit.c
index d181d03b7a..d6bea2080f 100644
--- a/src/core/unit.c
+++ b/src/core/unit.c
@@ -4131,6 +4131,9 @@ int unit_patch_contexts(Unit *u) {
                         ec->no_new_privileges = true;
                         ec->restrict_suid_sgid = true;
                 }
+
+                for (ExecDirectoryType dt = 0; dt < _EXEC_DIRECTORY_TYPE_MAX; dt++)
+                        exec_directory_sort(ec->directories + dt);
         }
 
         cc = unit_get_cgroup_context(u);
author	Yu Watanabe <watanabe.yu+github@gmail.com>	2022-09-22 13:06:54 +0900
committer	Yu Watanabe <watanabe.yu+github@gmail.com>	2022-10-03 09:25:00 +0900
commit	a2ab603cc42e1484c799f76a233b077c17db91cb (patch)
tree	c94474cd395761e4b367b9adaafc223c71d9cd6d /src/core/unit.c
parent	564e5c987877f7e481d896c7fd82e8e5a69addc2 (diff)
download	systemd-a2ab603cc42e1484c799f76a233b077c17db91cb.tar.gz