Clara Kowalsky
unread,Jul 24, 2024, 9:39:47 AM (4 days ago) Jul 24Sign in to reply to author
Sign in to forward
You do not have permission to delete messages in this group
Either email addresses are anonymous for this group or you need the view member email addresses permission to view the original message
to isar-...@googlegroups.com, quirin.g...@siemens.com, Clara Kowalsky
By setting PrivateTmp, a new file system namespace is created for this
service and private /tmp/<service>/tmp and /var/tmp/<service>/tmp
subdirectories are mounted, which are only used for processes of this
namespace. The service unit receives a mount unit dependency for all
mounts required to access /tmp and /var/tmp.
This ensures that the /tmp directory is writable for the service, as
mktemp is used in expand-last-partition.sh and creates a temporary file.
---
.../expand-on-first-boot/files/expand-on-first-boot.service | 1 +
1 file changed, 1 insertion(+)
diff --git a/meta/recipes-support/expand-on-first-boot/files/expand-on-first-boot.service b/meta/recipes-support/expand-on-first-boot/files/expand-on-first-boot.service
index 90c92a39..8e76998b 100644
--- a/meta/recipes-support/expand-on-first-boot/files/expand-on-first-boot.service
+++ b/meta/recipes-support/expand-on-first-boot/files/expand-on-first-boot.service
@@ -16,6 +16,7 @@ Type=oneshot
ExecStart=/usr/share/expand-on-first-boot/expand-last-partition.sh
ExecStartPost=-/bin/systemctl disable expand-on-first-boot.service
ExecStopPost=-/bin/systemctl disable expand-on-first-boot.service
+PrivateTmp=true
[Install]
WantedBy=sysinit.target
--
2.45.2