Merge pull request #231 from tixxdz/nspawn-userns-fixes-2

nspawn: check if kernel supports userns as early as possible
author: Lennart Poettering <lennart@poettering.net> 2015-06-16 19:50:59 +0200
committer: Lennart Poettering <lennart@poettering.net> 2015-06-16 19:50:59 +0200
commit: 3eb3228e583e7e07dc3f2d17ea02dcb06f30fcc0 (patch)
tree: 6df9dc162cb385b81704b2240e16ba1519fec412
parent: c986cc70002cf8f28e6ea1e63da46a8124a0882c (diff)
parent: b774fb7f002c9877391e8d4fe8e6b6d0ea8647da (diff)
1 files changed, 3 insertions, 0 deletions
diff --git a/src/nspawn/nspawn.c b/src/nspawn/nspawn.c
index eea994d0b3..3c31629d1e 100644
--- a/src/nspawn/nspawn.c
+++ b/src/nspawn/nspawn.c
@@ -1013,6 +1013,9 @@ static int parse_argv(int argc, char *argv[]) {
                 return -EINVAL;
         }
 
+        if (arg_userns && access("/proc/self/uid_map", F_OK) < 0)
+                return log_error_errno(EOPNOTSUPP, "--private-users= is not supported, kernel compiled without user namespace support.");
+
         arg_retain = (arg_retain | plus | (arg_private_network ? 1ULL << CAP_NET_ADMIN : 0)) & ~minus;
 
         if (arg_boot && arg_kill_signal <= 0)
author	Lennart Poettering <lennart@poettering.net>	2015-06-16 19:50:59 +0200
committer	Lennart Poettering <lennart@poettering.net>	2015-06-16 19:50:59 +0200
commit	3eb3228e583e7e07dc3f2d17ea02dcb06f30fcc0 (patch)
tree	6df9dc162cb385b81704b2240e16ba1519fec412
parent	c986cc70002cf8f28e6ea1e63da46a8124a0882c (diff)
parent	b774fb7f002c9877391e8d4fe8e6b6d0ea8647da (diff)