authorDarrick J. Wong <darrick.wong@oracle.com>2018-04-12 10:34:11 -0500
committerEric Sandeen <sandeen@redhat.com>2018-04-12 10:34:11 -0500
commite4e022f9db759b5e45ff08974b12e050d5f4f769 (patch)
treecefd5e933c73b86f15e86b134b9948af3e0d73c3
parent3dd91472fd17dfbe7b431e9518f0659fb175602e (diff)
xfs_scrub: disable private /tmp for scrub service
Don't make /tmp private when invoking xfs_scrub as a service, because /tmp might contain or itself be an xfs filesystem mountpoint. Signed-off-by: Darrick J. Wong <darrick.wong@oracle.com> Reviewed-by: Eric Sandeen <sandeen@redhat.com> Signed-off-by: Eric Sandeen <sandeen@sandeen.net>
-rw-r--r--scrub/xfs_scrub@.service.in3
1 files changed, 2 insertions, 1 deletions
diff --git a/scrub/xfs_scrub@.service.in b/scrub/xfs_scrub@.service.in
index c14f8138fd..56acea6712 100644
--- a/scrub/xfs_scrub@.service.in
+++ b/scrub/xfs_scrub@.service.in
@@ -9,7 +9,8 @@ WorkingDirectory=%I
PrivateNetwork=true
ProtectSystem=full
ProtectHome=read-only
-PrivateTmp=yes
+# Disable private /tmp just in case %i is a path under /tmp.
+PrivateTmp=no
AmbientCapabilities=CAP_SYS_ADMIN CAP_FOWNER CAP_DAC_OVERRIDE CAP_DAC_READ_SEARCH CAP_SYS_RAWIO
NoNewPrivileges=yes
User=nobody
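Review bot: The new comment above `PrivateTmp=no` names `%i`, but the unit passes the mountpoint with the unescaped specifier `%I` (`WorkingDirectory=%I` in the hunk header), and it does not record what is given up. Without the private namespace the service shares the host's world-writable /tmp and /var/tmp while holding the ambient capabilities on the following line, including CAP_DAC_OVERRIDE and CAP_FOWNER. Any temporary file that xfs_scrub or its helpers create there would have to be opened safely; whether they create any is not visible from this hunk. I would word the comment as `# /tmp may be, or may contain, the XFS mountpoint %I, so it cannot be made private; the service therefore sees the shared /tmp.` The [Service] section begins above the hunk, so other sandboxing directives may exist that are not shown here.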