core: Add RootDirectoryFileDescriptor=

RootDirectory= but via a open_tree() file descriptor. This allows setting up the execution environment for a service by the client in a mount namespace and then starting a transient unit in that execution environment using the new property. We also add --root-directory= and --same-root-dir= to systemd-run to have it run services within the given root directory. As systemd-run might be invoked from a different mount namespace than what systemd is running in, systemd-run opens the given path with open_tree() and then sends it to systemd using the new RootDirectoryFileDescriptor= property.
2026-04-15 00:47:10 +09:00 · 2025-10-28 23:47:26 +01:00
parent 456ee3c5f9
commit 9e26ced980
15 changed files with 162 additions and 10 deletions
--- a/test/units/TEST-50-DISSECT.dissect.sh
+++ b/test/units/TEST-50-DISSECT.dissect.sh
@@ -890,6 +890,9 @@ systemctl stop test-root-ephemeral
 timeout 10 bash -c 'until test -z "$(ls -A /var/lib/systemd/ephemeral-trees)"; do sleep .5; done'
 test ! -f /tmp/img/abc

+# Test RootDirectoryFileDescriptor=
+systemd-run --wait --pipe --root-directory=/tmp/img -- grep -q 'MARKER=1' /usr/lib/os-release
+
 systemd-dissect --mtree /tmp/img >/dev/null
 systemd-dissect --list /tmp/img >/dev/null