From 8e94ac029bb7266319057fc282120bb1a8a6045c Mon Sep 17 00:00:00 2001 From: Daniel Zatovic Date: Thu, 9 Oct 2025 16:09:29 +0200 Subject: [PATCH] sys-apps/systemd: allow @mount syscalls for systemd-udevd.service In Flatcar we are using modprobe helpers that run depmod in temporary overlay. systemd-udevd.service may try to load drivers for some block devices (e.g. ZFS), which ends up calling our helpers, which invoke mount command. The mount syscalls are forbidden by the default systemd-udevd syscall filter. Signed-off-by: Daniel Zatovic --- .../coreos/config/env/sys-apps/systemd | 13 +++++++++++++ ...temd-256.9-r1.ebuild => systemd-256.9-r2.ebuild} | 0 ...systemd-257.7.ebuild => systemd-257.7-r1.ebuild} | 0 3 files changed, 13 insertions(+) rename sdk_container/src/third_party/coreos-overlay/sys-apps/systemd/{systemd-256.9-r1.ebuild => systemd-256.9-r2.ebuild} (100%) rename sdk_container/src/third_party/coreos-overlay/sys-apps/systemd/{systemd-257.7.ebuild => systemd-257.7-r1.ebuild} (100%) diff --git a/sdk_container/src/third_party/coreos-overlay/coreos/config/env/sys-apps/systemd b/sdk_container/src/third_party/coreos-overlay/coreos/config/env/sys-apps/systemd index 3806da9f57..f5f1ad0bbb 100644 --- a/sdk_container/src/third_party/coreos-overlay/coreos/config/env/sys-apps/systemd +++ b/sdk_container/src/third_party/coreos-overlay/coreos/config/env/sys-apps/systemd @@ -11,3 +11,16 @@ After=ensure-sysext.service EOF popd } + +cros_post_src_install_udev() { + insinto "$(systemd_get_systemunitdir)/systemd-udevd.service.d" + newins - flatcar.conf <