82cdd1f post: Neuter all systemd PrivateTmp= and Protect(Home|System)

Authored and Committed by Colin Walters 7 years ago
    post: Neuter all systemd PrivateTmp= and Protect(Home|System)
    
    See https://github.com/systemd/systemd/issues/4082 for the root
    of this (mounts not following symlinks).
    
    For Protect(Home|System), for the most part this is unnecessary
    with ostree (we already have a ro bind mount over /usr).  And
    unfortunately it doesn't cover `/sysroot`.
    
    Anyways, at some point we'll revisit the systemd Protect*, but
    for now let's have the current system boot.
    
        
file modified
+3 -0