diff options
author | Michal Sekletar <msekleta@redhat.com> | 2014-10-17 11:51:46 +0200 |
---|---|---|
committer | Michal Sekletar <msekleta@redhat.com> | 2014-10-17 11:51:46 +0200 |
commit | 0015ebf3fa524d414a947bdf0814782a8ee00799 (patch) | |
tree | f587cdb15c77b252b1def05574359c91fd50fdba /src/core/execute.c | |
parent | c32195e057e5bf903c2645e273ba82f32c0106d3 (diff) |
execute: don't fail child when we don't have privileges to setup namespaces
If we don't have privileges to setup the namespaces then we are most likely
running inside some sort of unprivileged container, hence not being able to
create namespace is not a problem because spawned service can't access host
system anyway.
Diffstat (limited to 'src/core/execute.c')
-rw-r--r-- | src/core/execute.c | 5 |
1 files changed, 4 insertions, 1 deletions
diff --git a/src/core/execute.c b/src/core/execute.c index b165b33af0..43f2764a49 100644 --- a/src/core/execute.c +++ b/src/core/execute.c @@ -1545,7 +1545,10 @@ static int exec_child(ExecCommand *command, context->protect_home, context->protect_system, context->mount_flags); - if (err < 0) { + + if (err == -EPERM) + log_error_unit(params->unit_id, "Failed to setup namespace, ignoring: %s", strerror(-err)); + else if (err < 0) { *error = EXIT_NAMESPACE; return err; } |