systemd-nspawn: Have chown_cgroup bail early if uid_shift == UID_INVALID.notsystemd/master

author: Luke Shumaker <lukeshu@lukeshu.com> 2017-05-20 21:51:50 -0400
committer: Luke Shumaker <lukeshu@lukeshu.com> 2017-05-20 21:57:26 -0400
commit: 13d170a533b49490fc294bd727685cd087f0b070 (patch)
tree: 4704aa2670d6959e6706eb3767d7869476925de7
parent: 6e20ab45f9c40a6d59b29741baad5c068df6edc3 (diff)
1 files changed, 7 insertions, 0 deletions
diff --git a/src/systemd-nspawn/nspawn-cgroup.c b/src/systemd-nspawn/nspawn-cgroup.c
index a75c822f67..782966d31b 100644
--- a/src/systemd-nspawn/nspawn-cgroup.c
+++ b/src/systemd-nspawn/nspawn-cgroup.c
@@ -27,6 +27,7 @@
 #include "systemd-basic/rm-rf.h"
 #include "systemd-basic/string-util.h"
 #include "systemd-basic/strv.h"
+#include "systemd-basic/user-util.h"
 #include "systemd-basic/util.h"
 
 #include "nspawn-cgroup.h"
@@ -59,6 +60,12 @@ int chown_cgroup(pid_t pid, uid_t uid_shift) {
         _cleanup_free_ char *path = NULL, *fs = NULL;
         int r;
 
+        /* If uid_shift == UID_INVALID, then chown_cgroup_path() is a no-op, and there isn't really a point to actually
+         * doing any of this work.  Of course, it would still be "safe" to continue, just pointless; and another
+         * opportunity for cgroup-util to screw up on non-systemd systems. */
+        if (uid_shift == UID_INVALID)
+                return 0;
+
         r = cg_pid_get_path(NULL, pid, &path);
         if (r < 0)
                 return log_error_errno(r, "Failed to get host cgroup of the container: %m");
author	Luke Shumaker <lukeshu@lukeshu.com>	2017-05-20 21:51:50 -0400
committer	Luke Shumaker <lukeshu@lukeshu.com>	2017-05-20 21:57:26 -0400
commit	13d170a533b49490fc294bd727685cd087f0b070 (patch)
tree	4704aa2670d6959e6706eb3767d7869476925de7
parent	6e20ab45f9c40a6d59b29741baad5c068df6edc3 (diff)