core/namespace: drop mount points outside of root even if RootDirectory= is not set

2026-03-06 15:02:31 -08:00 · 2018-07-29 00:42:41 +09:00
parent 9b68367b3a
commit 839f187753
1 changed files with 2 additions and 2 deletions
--- a/src/core/namespace.c
+++ b/src/core/namespace.c
@@ -1276,7 +1276,7 @@ int setup_namespace(
                if (r < 0)
                        goto finish;

-                normalize_mounts(root_directory, mounts, &n_mounts);
+                normalize_mounts(root, mounts, &n_mounts);
        }

        if (unshare(CLONE_NEWNS) < 0) {
@@ -1375,7 +1375,7 @@ int setup_namespace(
                        if (!again)
                                break;

-                        normalize_mounts(root_directory, mounts, &n_mounts);
+                        normalize_mounts(root, mounts, &n_mounts);
                }

                /* Create a blacklist we can pass to bind_mount_recursive() */