authorLennart Poettering <lennart@poettering.net>2016-11-22 13:35:24 +0100
committerLennart Poettering <lennart@poettering.net>2016-11-22 13:35:24 +0100
commitacbbf69b718260755a5dff60dd68ba239ac0d61b (patch)
tree0cb11269133a7e215c0ef21833975ce5702885d3
parent17cbb288faa4a5c900d54a5de53f804116d897df (diff)
nspawn: don't require chown() if userns is not on
Fixes: #4711
-rw-r--r--src/nspawn/nspawn-mount.c24
1 files changed, 14 insertions, 10 deletions
diff --git a/src/nspawn/nspawn-mount.c b/src/nspawn/nspawn-mount.c
index 95bb3c09b0..91cb0861d3 100644
--- a/src/nspawn/nspawn-mount.c
+++ b/src/nspawn/nspawn-mount.c
@@ -298,7 +298,7 @@ int mount_sysfs(const char *dest, MountSettingsMask mount_settings) {
MS_BIND|MS_NOSUID|MS_NOEXEC|MS_NODEV|MS_REMOUNT|extra_flags, NULL);
}
-static int mkdir_userns(const char *path, mode_t mode, bool in_userns, uid_t uid_shift) {
+static int mkdir_userns(const char *path, mode_t mode, MountSettingsMask mask, uid_t uid_shift) {
int r;
assert(path);
@@ -307,16 +307,20 @@ static int mkdir_userns(const char *path, mode_t mode, bool in_userns, uid_t uid
if (r < 0 && errno != EEXIST)
return -errno;
- if (!in_userns) {
- r = lchown(path, uid_shift, uid_shift);
- if (r < 0)
- return -errno;
- }
+ if ((mask & MOUNT_USE_USERNS) == 0)
+ return 0;
+
+ if (mask & MOUNT_IN_USERNS)
+ return 0;
+
+ r = lchown(path, uid_shift, uid_shift);
+ if (r < 0)
+ return -errno;
return 0;
}
-static int mkdir_userns_p(const char *prefix, const char *path, mode_t mode, bool in_userns, uid_t uid_shift) {
+static int mkdir_userns_p(const char *prefix, const char *path, mode_t mode, MountSettingsMask mask, uid_t uid_shift) {
const char *p, *e;
int r;
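Review bot: The new `lchown(path, uid_shift, uid_shift)` path is still reached when the preceding call failed with `EEXIST`, because the `errno != EEXIST` test in the context lines lets that case fall through. With `MOUNT_USE_USERNS` set and `MOUNT_IN_USERNS` clear, an entry this function did not create therefore has its ownership changed, and nothing visible in the hunk checks that the entry is a directory. If re-owning pre-existing entries is intended, say so in a comment above the `lchown()`, e.g. `/* Also (re)own entries that already existed, so the whole path belongs to the shifted root */`; that reason is inferred, so confirm it before committing the wording. The two early returns would also benefit from one comment each stating why no chown is needed, and from using the same form of mask test (`(mask & X) == 0` versus a bare `mask & Y`). The statement that sets `r` lies between this hunk and the previous one and is not visible here.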
@@ -343,12 +347,12 @@ static int mkdir_userns_p(const char *prefix, const char *path, mode_t mode, boo
if (prefix && path_startswith(prefix, t))
continue;
- r = mkdir_userns(t, mode, in_userns, uid_shift);
+ r = mkdir_userns(t, mode, mask, uid_shift);
if (r < 0)
return r;
}
- return mkdir_userns(path, mode, in_userns, uid_shift);
+ return mkdir_userns(path, mode, mask, uid_shift);
}
int mount_all(const char *dest,
@@ -422,7 +426,7 @@ int mount_all(const char *dest,
if (mount_table[k].what && r > 0)
continue;
- r = mkdir_userns_p(dest, where, 0755, in_userns, uid_shift);
+ r = mkdir_userns_p(dest, where, 0755, mount_settings, uid_shift);
if (r < 0 && r != -EEXIST) {
if (fatal)
return log_error_errno(r, "Failed to create directory %s: %m", where);