diff options
| author | Lennart Poettering <lennart@poettering.net> | 2013-12-17 01:03:09 +0100 |
|---|---|---|
| committer | Lennart Poettering <lennart@poettering.net> | 2013-12-17 01:05:37 +0100 |
| commit | a4475f577bd0daf762d6c3b4e58bc484e0cb74af (patch) | |
| tree | 5dca2abf91be82c72179b9f0ba745d32d4fdc85f /src/libsystemd-bus | |
| parent | d003f514dab2dbf1a66e11800a50aeaf039d036c (diff) | |
bus: when entering an existing namespace to connect to a container's system bus also switch over PID namespace
This is necessary to ensure that kdbus can collect creds of the
destination namespace when connecting.
Diffstat (limited to 'src/libsystemd-bus')
| -rw-r--r-- | src/libsystemd-bus/bus-container.c | 12 |
1 files changed, 6 insertions, 6 deletions
diff --git a/src/libsystemd-bus/bus-container.c b/src/libsystemd-bus/bus-container.c index 5d31f5afa7..9ad6e65c73 100644 --- a/src/libsystemd-bus/bus-container.c +++ b/src/libsystemd-bus/bus-container.c @@ -29,7 +29,7 @@ #include "bus-container.h" int bus_container_connect_socket(sd_bus *b) { - _cleanup_close_ int nsfd = -1, rootfd = -1; + _cleanup_close_ int pidnsfd = -1, mntnsfd = -1, rootfd = -1; pid_t leader, child; siginfo_t si; int r; @@ -42,7 +42,7 @@ int bus_container_connect_socket(sd_bus *b) { if (r < 0) return r; - r = namespace_open(leader, &nsfd, &rootfd); + r = namespace_open(leader, &pidnsfd, &mntnsfd, &rootfd); if (r < 0) return r; @@ -62,7 +62,7 @@ int bus_container_connect_socket(sd_bus *b) { if (child == 0) { - r = namespace_enter(nsfd, rootfd); + r = namespace_enter(pidnsfd, mntnsfd, rootfd); if (r < 0) _exit(255); @@ -95,7 +95,7 @@ int bus_container_connect_socket(sd_bus *b) { int bus_container_connect_kernel(sd_bus *b) { _cleanup_close_pipe_ int pair[2] = { -1, -1 }; - _cleanup_close_ int nsfd = -1, rootfd = -1; + _cleanup_close_ int pidnsfd = -1, mntnsfd = -1, rootfd = -1; union { struct cmsghdr cmsghdr; uint8_t buf[CMSG_SPACE(sizeof(int))]; @@ -118,7 +118,7 @@ int bus_container_connect_kernel(sd_bus *b) { if (r < 0) return r; - r = namespace_open(leader, &nsfd, &rootfd); + r = namespace_open(leader, &pidnsfd, &mntnsfd, &rootfd); if (r < 0) return r; @@ -133,7 +133,7 @@ int bus_container_connect_kernel(sd_bus *b) { close_nointr_nofail(pair[0]); pair[0] = -1; - r = namespace_enter(nsfd, rootfd); + r = namespace_enter(pidnsfd, mntnsfd, rootfd); if (r < 0) _exit(EXIT_FAILURE); |