From 1f6c35b28ece31f998ea28704968f032636afe0a Mon Sep 17 00:00:00 2001
From: Giuseppe Scrivano
Date: Fri, 28 Oct 2022 14:06:24 +0200
Subject: [PATCH] unshare: fix creating a userns when running as root

this check would prevent the function to ever be used when running as root, since we won't check what capabilities are currently available to the process.

Signed-off-by: Giuseppe Scrivano
(cherry picked from commit 1af3928e9bf16d9c39d3d60bf3ec6bb7167989a6)
---
 pkg/unshare/unshare_linux.go | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/pkg/unshare/unshare_linux.go b/pkg/unshare/unshare_linux.go
index 3fc36201c..c26dedb39 100644
--- a/pkg/unshare/unshare_linux.go
+++ b/pkg/unshare/unshare_linux.go
@@ -448,7 +448,7 @@ type Runnable interface {
 // MaybeReexecUsingUserNamespace re-exec the process in a new namespace
 func MaybeReexecUsingUserNamespace(evenForRoot bool) {
 // If we've already been through this once, no need to try again.
- if os.Geteuid() == 0 && IsRootless() {
+ if os.Geteuid() == 0 && GetRootlessUID() > 0 {
 return
 }
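Review bot: The comment above the changed guard, `// If we've already been through this once, no need to try again.`, does not say what the new condition tests, and this check decides whether the process re-executes into a user namespace at all. After the change the early return fires only when the effective UID is 0 and `GetRootlessUID()` reports a non-zero UID, so a comment such as `// Already re-exec'd: we are UID 0 inside a user namespace that was created for a non-root user.` would make the invariant explicit. For a caller that is real root and passes `evenForRoot`, the rootless UID is presumably 0, so this guard cannot recognise an earlier pass; whether a second re-exec is prevented then depends on code outside the hunk. The body of MaybeReexecUsingUserNamespace continues past the hunk, and a regression test running as root with a reduced capability set would pin the case the commit message describes.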