containers
/
storage
mirror of https://github.com/containers/storage.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

unshare: fix creating a userns when running as root 

this check would prevent the function to ever be used when running
as root, since we won't check what capabilities are currently
available to the process.

Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
(cherry picked from commit 1af3928e9b)
This commit is contained in:
Giuseppe Scrivano 2022-10-28 14:06:24 +02:00
parent 472e26b16f
commit 1f6c35b28e
No known key found for this signature in database
GPG Key ID: 67E38F7A8BA21772
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
pkg/unshare/unshare_linux.go
View File

@ -448,7 +448,7 @@ type Runnable interface {
// MaybeReexecUsingUserNamespace re-exec the process in a new namespace // MaybeReexecUsingUserNamespace re-exec the process in a new namespace
func MaybeReexecUsingUserNamespace(evenForRoot bool) { func MaybeReexecUsingUserNamespace(evenForRoot bool) {
// If we've already been through this once, no need to try again. // If we've already been through this once, no need to try again.
if os.Geteuid() == 0 && IsRootless() { if os.Geteuid() == 0 && GetRootlessUID() > 0 {
return return
} }