test: add test for ReadOnlyPaths= with RuntimeDirectory=

src/test/test-execute.c

@@ -225,6 +225,7 @@ static void test_exec_readonlypaths(Manager *m) {
 
         test(m, "exec-readonlypaths.service", 0, CLD_EXITED);
         test(m, "exec-readonlypaths-mount-propagation.service", 0, CLD_EXITED);
+        test(m, "exec-readonlypaths-with-bindpaths.service", 0, CLD_EXITED);
 }
 
 static void test_exec_readwritepaths(Manager *m) {

test/meson.build

@@ -81,6 +81,7 @@ test_data_files = '''
         test-execute/exec-protectkernelmodules-yes-mount-propagation.service
         test-execute/exec-read-only-path-succeed.service
         test-execute/exec-readonlypaths-mount-propagation.service
+        test-execute/exec-readonlypaths-with-bindpaths.service
         test-execute/exec-readonlypaths.service
         test-execute/exec-readwritepaths-mount-propagation.service
         test-execute/exec-restrict-namespaces-mnt-blacklist.service

test/test-execute/exec-readonlypaths-with-bindpaths.service

@@ -0,0 +1,9 @@
+[Unit]
+Description=Test for ReadOnlyPaths=
+
+[Service]
+ReadOnlyPaths=/etc -/i-dont-exist /usr
+# From 6c47cd7d3bf35c8158a0737f34fe2c5dc95e72d6, RuntimeDirectory= implies BindPaths=.
+RuntimeDirectory=foo
+ExecStart=/bin/sh -x -c 'test ! -w /etc && test ! -w /usr && test ! -e /i-dont-exist && test -w /var'
+Type=oneshot