From 552f60227b0bb1b26fa7e6a49d753688f5c23e23 Mon Sep 17 00:00:00 2001
From: André Fabian Silva Delgado <emulatorman@parabola.nu>
Date: Thu, 12 Jan 2017 14:37:31 -0300
Subject: systemd-knock-232-1: updating version

---
 .../0001-nspawn-don-t-hide-bind-tmp-mounts.patch   | 26 ++++++++++++++++++++++
 1 file changed, 26 insertions(+)
 create mode 100644 pcr/systemd-knock/0001-nspawn-don-t-hide-bind-tmp-mounts.patch

(limited to 'pcr/systemd-knock/0001-nspawn-don-t-hide-bind-tmp-mounts.patch')

diff --git a/pcr/systemd-knock/0001-nspawn-don-t-hide-bind-tmp-mounts.patch b/pcr/systemd-knock/0001-nspawn-don-t-hide-bind-tmp-mounts.patch
new file mode 100644
index 000000000..a5336ece5
--- /dev/null
+++ b/pcr/systemd-knock/0001-nspawn-don-t-hide-bind-tmp-mounts.patch
@@ -0,0 +1,26 @@
+From 7ec42a45410cb27140292d85ebb0e4b6dcea5555 Mon Sep 17 00:00:00 2001
+From: Dave Reisner <dreisner@archlinux.org>
+Date: Wed, 7 Dec 2016 13:45:48 -0500
+Subject: [PATCH] nspawn: don't hide --bind=/tmp/* mounts
+
+This is a v232-applicable version of upstream c9fd987279a462e.
+---
+ src/nspawn/nspawn-mount.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/src/nspawn/nspawn-mount.c b/src/nspawn/nspawn-mount.c
+index 115de64..2dabe2a 100644
+--- a/src/nspawn/nspawn-mount.c
++++ b/src/nspawn/nspawn-mount.c
+@@ -382,7 +382,7 @@ int mount_all(const char *dest,
+                 { "tmpfs",               "/dev",                "tmpfs", "mode=755",  MS_NOSUID|MS_STRICTATIME,                                  true,  false, false },
+                 { "tmpfs",               "/dev/shm",            "tmpfs", "mode=1777", MS_NOSUID|MS_NODEV|MS_STRICTATIME,                         true,  false, false },
+                 { "tmpfs",               "/run",                "tmpfs", "mode=755",  MS_NOSUID|MS_NODEV|MS_STRICTATIME,                         true,  false, false },
+-                { "tmpfs",               "/tmp",                "tmpfs", "mode=1777", MS_STRICTATIME,                                            true,  true,  false },
++                { "tmpfs",               "/tmp",                "tmpfs", "mode=1777", MS_STRICTATIME,                                            true,  false,  false },
+ #ifdef HAVE_SELINUX
+                 { "/sys/fs/selinux",     "/sys/fs/selinux",     NULL,     NULL,       MS_BIND,                                                   false, false, false },  /* Bind mount first */
+                 { NULL,                  "/sys/fs/selinux",     NULL,     NULL,       MS_BIND|MS_RDONLY|MS_NOSUID|MS_NOEXEC|MS_NODEV|MS_REMOUNT, false, false, false },  /* Then, make it r/o */
+-- 
+2.10.2
+
-- 
cgit v1.2.3