containers
/
storage
mirror of https://github.com/containers/storage.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

unshare: fix creating a userns when running as root 

this check would prevent the function to ever be used when running
as root, since we won't check what capabilities are currently
available to the process.

Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
This commit is contained in:
Giuseppe Scrivano 2022-10-28 14:06:24 +02:00
parent 232bf398bd
commit 1af3928e9b
No known key found for this signature in database
GPG Key ID: 67E38F7A8BA21772
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
pkg/unshare/unshare_linux.go
View File

@ -465,7 +465,7 @@ func bailOnError(err error, format string, a ...interface{}) { // nolint: golint
// MaybeReexecUsingUserNamespace re-exec the process in a new namespace
func MaybeReexecUsingUserNamespace(evenForRoot bool) {
// If we've already been through this once, no need to try again.
if os.Geteuid() == 0 && IsRootless() {
if os.Geteuid() == 0 && GetRootlessUID() > 0 {
return
}