diff options
author | Lennart Poettering <lennart@poettering.net> | 2016-04-22 18:10:16 +0200 |
---|---|---|
committer | Lennart Poettering <lennart@poettering.net> | 2016-04-25 12:50:06 +0200 |
commit | 88cd066e11aef5dd73b563c1753ad8bf4dfd9f62 (patch) | |
tree | ae8965682a0ca56348a2d1bc7d58d0e86d700f28 | |
parent | af88764ff8fb64ff0762b0efd8856439c3e77988 (diff) |
nspawn: don't try to patch UIDs/GIDs of procfs and suchlike
-rw-r--r-- | src/basic/missing.h | 4 | ||||
-rw-r--r-- | src/nspawn/nspawn-patch-uid.c | 44 |
2 files changed, 46 insertions, 2 deletions
diff --git a/src/basic/missing.h b/src/basic/missing.h index 6616f0b720..b389e94cf7 100644 --- a/src/basic/missing.h +++ b/src/basic/missing.h @@ -445,6 +445,10 @@ struct btrfs_ioctl_quota_ctl_args { #define TMPFS_MAGIC 0x01021994 #endif +#ifndef MQUEUE_MAGIC +#define MQUEUE_MAGIC 0x19800202 +#endif + #ifndef MS_MOVE #define MS_MOVE 8192 #endif diff --git a/src/nspawn/nspawn-patch-uid.c b/src/nspawn/nspawn-patch-uid.c index f53164fbbf..429c45a3a7 100644 --- a/src/nspawn/nspawn-patch-uid.c +++ b/src/nspawn/nspawn-patch-uid.c @@ -18,16 +18,20 @@ ***/ #include <fcntl.h> +#include <linux/magic.h> #ifdef HAVE_ACL #include <sys/acl.h> #endif #include <sys/stat.h> +#include <sys/vfs.h> #include <unistd.h> #include "acl-util.h" #include "dirent-util.h" #include "fd-util.h" +#include "missing.h" #include "nspawn-patch-uid.h" +#include "stat-util.h" #include "stdio-util.h" #include "string-util.h" #include "strv.h" @@ -276,12 +280,46 @@ static int patch_fd(int fd, const char *name, const struct stat *st, uid_t shift return r > 0 || changed; } +static int is_procfs_sysfs_or_suchlike(int fd) { + struct statfs sfs; + + assert(fd >= 0); + + if (fstatfs(fd, &sfs) < 0) + return -errno; + + return F_TYPE_EQUAL(sfs.f_type, BINFMTFS_MAGIC) || + F_TYPE_EQUAL(sfs.f_type, CGROUP_SUPER_MAGIC) || + F_TYPE_EQUAL(sfs.f_type, CGROUP2_SUPER_MAGIC) || + F_TYPE_EQUAL(sfs.f_type, DEBUGFS_MAGIC) || + F_TYPE_EQUAL(sfs.f_type, DEVPTS_SUPER_MAGIC) || + F_TYPE_EQUAL(sfs.f_type, EFIVARFS_MAGIC) || + F_TYPE_EQUAL(sfs.f_type, HUGETLBFS_MAGIC) || + F_TYPE_EQUAL(sfs.f_type, MQUEUE_MAGIC) || + F_TYPE_EQUAL(sfs.f_type, PROC_SUPER_MAGIC) || + F_TYPE_EQUAL(sfs.f_type, PSTOREFS_MAGIC) || + F_TYPE_EQUAL(sfs.f_type, SELINUX_MAGIC) || + F_TYPE_EQUAL(sfs.f_type, SMACK_MAGIC) || + F_TYPE_EQUAL(sfs.f_type, SYSFS_MAGIC); +} + static int recurse_fd(int fd, bool donate_fd, const struct stat *st, uid_t shift) { bool changed = false; int r; assert(fd >= 0); + /* We generally want to permit crossing of mount boundaries when patching the UIDs/GIDs. However, we + * probably shouldn't do this for /proc and /sys if that is already mounted into place. Hence, let's + * stop the recursion when we hit a procfs or sysfs file system. */ + r = is_procfs_sysfs_or_suchlike(fd); + if (r < 0) + goto finish; + if (r > 0) { + r = 0; /* don't recurse */ + goto finish; + } + r = patch_fd(fd, NULL, st, shift); if (r < 0) goto finish; @@ -294,8 +332,10 @@ static int recurse_fd(int fd, bool donate_fd, const struct stat *st, uid_t shift int copy; copy = fcntl(fd, F_DUPFD_CLOEXEC, 3); - if (copy < 0) - return -errno; + if (copy < 0) { + r = -errno; + goto finish; + } fd = copy; donate_fd = true; |