author | Lennart Poettering <lennart@poettering.net> | 2015-05-21 16:30:58 +0200 |
---|---|---|
committer | Lennart Poettering <lennart@poettering.net> | 2015-05-21 16:32:01 +0200 |
commit | 03cfe0d51499e86b1573d121337594719d9f2012 (patch) | |
tree | cb76a92a501b16909f879944a4ad29ce88eefbad /src/shared/base-filesystem.c | |
parent | ef6fc8ee57eff8a2b612de0270c9a25e066ee290 (diff) |
nspawn: finish user namespace support
Diffstat (limited to 'src/shared/base-filesystem.c')
-rw-r--r-- | src/shared/base-filesystem.c | 16 |
1 files changed, 15 insertions, 1 deletions
diff --git a/src/shared/base-filesystem.c b/src/shared/base-filesystem.c
index 11e0947407..ab6fc171b0 100644
--- a/src/shared/base-filesystem.c
+++ b/src/shared/base-filesystem.c
@@ -41,13 +41,16 @@ static const BaseFilesystem table[] = {
 { "lib", 0, "usr/lib\0", NULL },
 { "root", 0755, NULL, NULL },
 { "sbin", 0, "usr/sbin\0", NULL },
+ { "usr", 0755, NULL, NULL },
+ { "var", 0755, NULL, NULL },
+ { "etc", 0755, NULL, NULL },
 #if defined(__i386__) || defined(__x86_64__)
 { "lib64", 0, "usr/lib/x86_64-linux-gnu\0"
 "usr/lib64\0", "ld-linux-x86-64.so.2" },
 #endif
 };
 
-int base_filesystem_create(const char *root) {
+int base_filesystem_create(const char *root, uid_t uid, gid_t gid) {
 _cleanup_close_ int fd = -1;
 unsigned i;
 int r = 0;
@@ -90,6 +93,12 @@ int base_filesystem_create(const char *root) {
 r = symlinkat(target, fd, table[i].dir);
 if (r < 0 && errno != EEXIST)
 return log_error_errno(errno, "Failed to create symlink at %s/%s: %m", root, table[i].dir);
+
+ if (uid != UID_INVALID || gid != UID_INVALID) {
+ if (fchownat(fd, table[i].dir, uid, gid, AT_SYMLINK_NOFOLLOW) < 0)
+ return log_error_errno(errno, "Failed to chown symlink at %s/%s: %m", root, table[i].dir);
+ }
+
 continue;
 }
 
@@ -97,6 +106,11 @@ int base_filesystem_create(const char *root) {
 r = mkdirat(fd, table[i].dir, table[i].mode);
 if (r < 0 && errno != EEXIST)
 return log_error_errno(errno, "Failed to create directory at %s/%s: %m", root, table[i].dir);
+
+ if (uid != UID_INVALID || gid != UID_INVALID) {
+ if (fchownat(fd, table[i].dir, uid, gid, AT_SYMLINK_NOFOLLOW) < 0)
+ return log_error_errno(errno, "Failed to chown directory at %s/%s: %m", root, table[i].dir);
+ }
 }
 
 return 0;
|
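Review bot: The new `uid` and `gid` parameters on `base_filesystem_create()` carry no comment saying that the invalid sentinel means "leave ownership untouched", so a caller can only learn that from the checks further down in the body. I would add above the signature `/* uid/gid: owner applied to each entry; pass UID_INVALID/GID_INVALID to leave ownership as is */`. The function body continues outside this hunk.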
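Review bot: In the symlink branch the added `fchownat()` also runs when `symlinkat()` failed with EEXIST, so ownership of an entry this function did not create is handed to `uid`/`gid`; the directory hunk after `mkdirat()` has the same shape. If an existence check earlier in the loop (outside these hunks) does not already skip entries that are present, I would gate both blocks on creation, `if (r >= 0 && (uid != UID_INVALID || gid != UID_INVALID)) {`. Keeping AT_SYMLINK_NOFOLLOW on both calls is the right choice, since it applies the ownership change to the entry at that name rather than to whatever a link there points at.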
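Review bot: `gid != UID_INVALID` in the directory block compares a `gid_t` against the uid sentinel, and the symlink block in the previous hunk repeats it; it behaves as intended only as long as both sentinels have the same value and width. I would write `if (uid != UID_INVALID || gid != GID_INVALID) {` in both places so the check stays correct by type rather than by coincidence. The enclosing loop starts outside the hunk.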