author | Evgeny Vereshchagin <evvers@ya.ru> | 2016-10-20 09:03:40 +0000 |
---|---|---|
committer | Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl> | 2016-10-23 23:23:40 -0400 |
commit | 63eae72312b6b8df4c7186233994a65d747229a7 (patch) | |
tree | ee0bc4e142129e205f4388fb7e482f6e58ab50bb /sysusers.d | |
parent | 548bd57376f7eb82cc792f0476688ccc9843962a (diff) |
nspawn: really lchown(uid/gid)
https://github.com/systemd/systemd/pull/4372#issuecomment-253723849:
* `mount_all (outer_child)` creates `container_dir/sys/fs/selinux`
* `mount_all (outer_child)` doesn't patch `container_dir/sys/fs` and so on.
* `mount_sysfs (inner_child)` tries to create `/sys/fs/cgroup`
* This fails
  ```
  370 stat("/sys/fs", {st_dev=makedev(0, 28), st_ino=13880, st_mode=S_IFDIR|0755, st_nlink=3, st_uid=65534, st_gid=65534, st_blksize=4096, st_blocks=0, st_size=60, st_atime=2016/10/14-05:16:43.398665943, st_mtime=2016/10/14-05:16:43.399665943, st_ctime=2016/10/14-05:16:43.399665943}) = 0
  370 mkdir("/sys/fs/cgroup", 0755) = -1 EACCES (Permission denied)
  ```
* `mount_sysfs (inner_child)` ignores that error and
  ```
  mount(NULL, "/sys", NULL, MS_RDONLY|MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_REMOUNT|MS_BIND, NULL) = 0
  ```
* `mount_cgroups` finally fails
Diffstat (limited to 'sysusers.d')
0 files changed, 0 insertions, 0 deletions
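
The commit message above describes an intermediate directory (`sys/fs`) that is created but keeps the wrong owner, so a later `mkdir()` below it fails with `EACCES`. As an added C example, not code from this commit or from systemd, the hypothetical `mkdir_chown_each()` creates each missing path component and calls `lchown()` on every directory it creates; the function names and the scratch path are assumptions.

```c
#define _GNU_SOURCE
#include <errno.h>
#include <limits.h>
#include <stdlib.h>
#include <string.h>
#include <sys/stat.h>
#include <unistd.h>

/* Hypothetical helper (not systemd's code): create each missing component of
 * `rel` below `root` and lchown() every directory created. Rejects "..". */
int mkdir_chown_each(const char *root, const char *rel, mode_t mode,
                     uid_t uid, gid_t gid) {
    char path[PATH_MAX];
    size_t len = strlen(root);
    if (len + strlen(rel) + 2 > sizeof(path))
        return -ENAMETOOLONG;
    memcpy(path, root, len + 1);
    while (*rel) {
        size_t n = strcspn(rel, "/");       /* length of the next component */
        if (n == 2 && rel[0] == '.' && rel[1] == '.')
            return -EINVAL;
        if (n > 0) {
            path[len++] = '/';
            memcpy(path + len, rel, n);
            path[len += n] = '\0';
            if (mkdir(path, mode) == 0) {   /* newly created: fix ownership */
                if (lchown(path, uid, gid) < 0)
                    return -errno;
            } else if (errno != EEXIST)     /* existing entries are left alone */
                return -errno;
        }
        rel += n + strspn(rel + n, "/");    /* skip the separator(s) */
    }
    return 0;
}

/* 1 if `path` is owned by uid:gid, 0 if not, -errno if lstat() fails. */
int owned_by(const char *path, uid_t uid, gid_t gid) {
    struct stat st;
    return lstat(path, &st) < 0 ? -errno : (st.st_uid == uid && st.st_gid == gid);
}

int main(void) {
    char root[] = "/tmp/userns-demo-XXXXXX";   /* constructed scratch root */
    if (!mkdtemp(root))
        return 1;
    return mkdir_chown_each(root, "sys/fs/selinux", 0755, geteuid(), getegid()) < 0;
}
```

Changing ownership to a different uid/gid, as a container UID shift requires, needs `CAP_CHOWN`; run unprivileged, the demo can only assign the caller's own IDs.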