|
Zbigniew Jędrzejewski-Szmek |
43ff24 |
From fce5e80589911d813dd13d1d0d64df96e0ab7939 Mon Sep 17 00:00:00 2001
|
|
Zbigniew Jędrzejewski-Szmek |
43ff24 |
From: Lennart Poettering <lennart@poettering.net>
|
|
Zbigniew Jędrzejewski-Szmek |
43ff24 |
Date: Fri, 4 Jul 2014 03:07:20 +0200
|
|
Zbigniew Jędrzejewski-Szmek |
43ff24 |
Subject: [PATCH] units: conditionalize static device node logic on
|
|
Zbigniew Jędrzejewski-Szmek |
43ff24 |
CAP_SYS_MODULES instead of CAP_MKNOD
|
|
Zbigniew Jędrzejewski-Szmek |
43ff24 |
|
|
Zbigniew Jędrzejewski-Szmek |
43ff24 |
npsawn containers generally have CAP_MKNOD, since this is required
|
|
Zbigniew Jędrzejewski-Szmek |
43ff24 |
to make PrviateDevices= work. Thus, it's not useful anymore to
|
|
Zbigniew Jędrzejewski-Szmek |
43ff24 |
conditionalize the kmod static device node units.
|
|
Zbigniew Jędrzejewski-Szmek |
43ff24 |
|
|
Zbigniew Jędrzejewski-Szmek |
43ff24 |
Use CAP_SYS_MODULES instead which is not available for nspawn
|
|
Zbigniew Jędrzejewski-Szmek |
43ff24 |
containers. However, the static device node logic is only done for being
|
|
Zbigniew Jędrzejewski-Szmek |
43ff24 |
able to autoload modules with it, and if we can't do that there's no
|
|
Zbigniew Jędrzejewski-Szmek |
43ff24 |
point in doing it.
|
|
Zbigniew Jędrzejewski-Szmek |
43ff24 |
|
|
Zbigniew Jędrzejewski-Szmek |
43ff24 |
(cherry picked from commit e0c74691c41a204eba2fd5f39615049fc9ff1648)
|
|
Zbigniew Jędrzejewski-Szmek |
43ff24 |
---
|
|
Zbigniew Jędrzejewski-Szmek |
43ff24 |
units/kmod-static-nodes.service.in | 2 +-
|
|
Zbigniew Jędrzejewski-Szmek |
43ff24 |
units/systemd-tmpfiles-setup-dev.service.in | 2 +-
|
|
Zbigniew Jędrzejewski-Szmek |
43ff24 |
2 files changed, 2 insertions(+), 2 deletions(-)
|
|
Zbigniew Jędrzejewski-Szmek |
43ff24 |
|
|
Zbigniew Jędrzejewski-Szmek |
43ff24 |
diff --git a/units/kmod-static-nodes.service.in b/units/kmod-static-nodes.service.in
|
|
Zbigniew Jędrzejewski-Szmek |
43ff24 |
index 368f980fd1..0934a8751f 100644
|
|
Zbigniew Jędrzejewski-Szmek |
43ff24 |
--- a/units/kmod-static-nodes.service.in
|
|
Zbigniew Jędrzejewski-Szmek |
43ff24 |
+++ b/units/kmod-static-nodes.service.in
|
|
Zbigniew Jędrzejewski-Szmek |
43ff24 |
@@ -9,7 +9,7 @@
|
|
Zbigniew Jędrzejewski-Szmek |
43ff24 |
Description=Create list of required static device nodes for the current kernel
|
|
Zbigniew Jędrzejewski-Szmek |
43ff24 |
DefaultDependencies=no
|
|
Zbigniew Jędrzejewski-Szmek |
43ff24 |
Before=sysinit.target systemd-tmpfiles-setup-dev.service
|
|
Zbigniew Jędrzejewski-Szmek |
43ff24 |
-ConditionCapability=CAP_MKNOD
|
|
Zbigniew Jędrzejewski-Szmek |
43ff24 |
+ConditionCapability=CAP_SYS_MODULE
|
|
Zbigniew Jędrzejewski-Szmek |
43ff24 |
ConditionPathExists=/lib/modules/%v/modules.devname
|
|
Zbigniew Jędrzejewski-Szmek |
43ff24 |
|
|
Zbigniew Jędrzejewski-Szmek |
43ff24 |
[Service]
|
|
Zbigniew Jędrzejewski-Szmek |
43ff24 |
diff --git a/units/systemd-tmpfiles-setup-dev.service.in b/units/systemd-tmpfiles-setup-dev.service.in
|
|
Zbigniew Jędrzejewski-Szmek |
43ff24 |
index b9cfc53bd1..06346d3b7c 100644
|
|
Zbigniew Jędrzejewski-Szmek |
43ff24 |
--- a/units/systemd-tmpfiles-setup-dev.service.in
|
|
Zbigniew Jędrzejewski-Szmek |
43ff24 |
+++ b/units/systemd-tmpfiles-setup-dev.service.in
|
|
Zbigniew Jędrzejewski-Szmek |
43ff24 |
@@ -12,7 +12,7 @@ DefaultDependencies=no
|
|
Zbigniew Jędrzejewski-Szmek |
43ff24 |
Conflicts=shutdown.target
|
|
Zbigniew Jędrzejewski-Szmek |
43ff24 |
After=systemd-readahead-collect.service systemd-readahead-replay.service systemd-sysusers.service
|
|
Zbigniew Jędrzejewski-Szmek |
43ff24 |
Before=sysinit.target local-fs-pre.target systemd-udevd.service shutdown.target
|
|
Zbigniew Jędrzejewski-Szmek |
43ff24 |
-ConditionCapability=CAP_MKNOD
|
|
Zbigniew Jędrzejewski-Szmek |
43ff24 |
+ConditionCapability=CAP_SYS_MODULE
|
|
Zbigniew Jędrzejewski-Szmek |
43ff24 |
|
|
Zbigniew Jędrzejewski-Szmek |
43ff24 |
[Service]
|
|
Zbigniew Jędrzejewski-Szmek |
43ff24 |
Type=oneshot
|