fstab-generator: set mode=0755 with root=tmpfs

If mode= is not set in rootflags= add mode=0755 when a tmpfs
is used on the rootfs, otherwise it will be group/world writable
as that's the default mode for tmpfs filesystems.

Follow-up for 725ad3b062

src/fstab-generator/fstab-generator.c

@@ -1197,6 +1197,8 @@ static int add_sysroot_mount(void) {
                         return log_oom();
 
                 fstype = arg_root_fstype ?: "tmpfs"; /* tmpfs, unless overridden */
+                if (streq(fstype, "tmpfs") && !fstab_test_option(arg_root_options, "mode\0"))
+                        extra_opts = "mode=0755"; /* root directory should not be world/group writable, unless overridden */
         } else {
 
                 what = fstab_node_to_udev_node(arg_root_what);

test/test-fstab-generator/test-16-tmpfs.expected/sysroot.mount

@@ -10,4 +10,4 @@ After=imports.target
 What=rootfs
 Where=/sysroot
 Type=tmpfs
-Options=rw
+Options=rw,mode=0755