Fix handling of user namespace

Need to check for userns before entering the chroot. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
2021-06-24 15:25:21 -04:00 · 2021-06-24 15:25:21 -04:00 · 8935bb6c1f
parent c8d05b8a18
commit 8935bb6c1f
1 changed files with 7 additions and 2 deletions
--- a/pkg/chrootarchive/diff_unix.go
+++ b/pkg/chrootarchive/diff_unix.go
@ -35,6 +35,7 @@ func applyLayer() {
 	runtime.LockOSThread()
 	flag.Parse()

+	inUserns := userns.RunningInUserNS()
 	if err := chroot(flag.Arg(0)); err != nil {
 		fatal(err)
 	}
@ -50,7 +51,9 @@ func applyLayer() {
 		fatal(err)
 	}

-	options.InUserNS = userns.RunningInUserNS()
+	if inUserns {
+		options.InUserNS = true
+	}

 	if tmpDir, err = ioutil.TempDir("/", "temp-storage-extract"); err != nil {
 		fatal(err)
@ -91,7 +94,9 @@ func applyLayerHandler(dest string, layer io.Reader, options *archive.TarOptions
 	}
 	if options == nil {
 		options = &archive.TarOptions{}
-		options.InUserNS = userns.RunningInUserNS()
+		if userns.RunningInUserNS() {
+			options.InUserNS = true
+		}
 	}
 	if options.ExcludePatterns == nil {
 		options.ExcludePatterns = []string{}