containers
/
podman
mirror of https://github.com/containers/podman.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #20769 from giuseppe/fix-crash-podman-info 

system: enhance check for re-exec into rootless userns
This commit is contained in:
openshift-merge-bot[bot] 2023-11-27 10:23:40 +00:00 committed by GitHub
parent ac23b02f1d 41a6b992aa
commit 208ad3b330
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 2 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
pkg/domain/infra/abi/system.go
View File

@ -88,7 +88,8 @@ func (ic *ContainerEngine) SetupRootless(_ context.Context, noMoveProcess bool)
if err != nil {
return err
}
if hasCapSysAdmin {
// check for both euid == 0 and CAP_SYS_ADMIN because we may be running in a container with CAP_SYS_ADMIN set.
if os.Geteuid() == 0 && hasCapSysAdmin {
ownsCgroup, err := cgroups.UserOwnsCurrentSystemdCgroup()
if err != nil {
logrus.Infof("Failed to detect the owner for the current cgroup: %v", err)