namespace: always use a root directory when setting up namespace
1) mv /var/tmp /var/tmp.old 2) mkdir /tmp/varrr 3) ln -s /tmp/varrr /var/tmp Now, when a service has PrivateTmp=yes, during namespace setup, /tmp is first mounted over with a new mount. Then, when /var/tmp is being resolved, it points to /tmp/varrr, which by then doesn't exist, because it had already been obscured.
Loading
Please register or sign in to comment