rootless, exec: use the new function to join the userns

since we have a way for joining an existing userns use it instead of nsenter. Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com> Closes: #1371 Approved by: rhatdan
2018-08-29 10:15:03 +02:00 · 2018-08-29 10:15:03 +02:00 · 46acded58d
parent 2ed79f6315
commit 46acded58d
2 changed files with 13 additions and 9 deletions
--- a/cmd/podman/exec.go
+++ b/cmd/podman/exec.go
@ -2,6 +2,7 @@ package main

 import (
 	"fmt"
+	"os"
 	"strings"

 	"github.com/containers/libpod/cmd/podman/libpodruntime"
@ -84,6 +85,18 @@ func execCmd(c *cli.Context) error {
 		return errors.Wrapf(err, "unable to exec into %s", args[0])
 	}

+	pid, err := ctr.PID()
+	if err != nil {
+		return err
+	}
+	became, ret, err := rootless.JoinNS(uint(pid))
+	if err != nil {
+		return err
+	}
+	if became {
+		os.Exit(ret)
+	}
+
 	// ENVIRONMENT VARIABLES
 	env := defaultEnvVariables
 	for _, e := range c.StringSlice("env") {
--- a/libpod/oci.go
+++ b/libpod/oci.go
@ -691,15 +691,6 @@ func (r *OCIRuntime) execContainer(c *Container, cmd, capAdd, env []string, tty
 	logrus.Debugf("Starting runtime %s with following arguments: %v", r.path, args)

 	execCmd := exec.Command(r.path, args...)
-	if rootless.IsRootless() {
-		args = append([]string{"--preserve-credentials", "--user=/proc/self/fd/3", r.path}, args...)
-		f, err := rootless.GetUserNSForPid(uint(c.state.PID))
-		if err != nil {
-			return nil, err
-		}
-		execCmd = exec.Command("nsenter", args...)
-		execCmd.ExtraFiles = append(execCmd.ExtraFiles, f)
-	}
 	execCmd.Stdout = os.Stdout
 	execCmd.Stderr = os.Stderr
 	execCmd.Stdin = os.Stdin