diff options
-rw-r--r-- | src/nspawn/nspawn.c | 20 |
1 files changed, 12 insertions, 8 deletions
diff --git a/src/nspawn/nspawn.c b/src/nspawn/nspawn.c index d29866c3fe..c3698b1a40 100644 --- a/src/nspawn/nspawn.c +++ b/src/nspawn/nspawn.c @@ -900,12 +900,13 @@ static int parse_argv(int argc, char *argv[]) { case ARG_PRIVATE_USERS: - if (streq_ptr(optarg, "no")) { + r = optarg ? parse_boolean(optarg) : 1; + if (r == 0) { /* no: User namespacing off */ arg_userns_mode = USER_NAMESPACE_NO; arg_uid_shift = UID_INVALID; arg_uid_range = UINT32_C(0x10000); - } else if (!optarg || streq(optarg, "yes")) { + } else if (r > 0) { /* yes: User namespacing on, UID range is read from root dir */ arg_userns_mode = USER_NAMESPACE_FIXED; arg_uid_shift = UID_INVALID; @@ -916,20 +917,23 @@ static int parse_argv(int argc, char *argv[]) { arg_uid_shift = UID_INVALID; arg_uid_range = UINT32_C(0x10000); } else { + _cleanup_free_ char *buffer = NULL; const char *range, *shift; /* anything else: User namespacing on, UID range is explicitly configured */ range = strchr(optarg, ':'); if (range) { - shift = strndupa(optarg, range - optarg); + buffer = strndup(optarg, range - optarg); + if (!buffer) + return log_oom(); + shift = buffer; range++; - r = safe_atou32(range, &arg_uid_range); - if (r < 0) - return log_error_errno(r, "Failed to parse UID range '%s': %m", range); - if (arg_uid_range == 0) - return log_error_errno(EINVAL, "UID range cannot be 0."); + if (safe_atou32(range, &arg_uid_range) < 0 || arg_uid_range <= 0) { + log_error("Failed to parse UID range: %s", range); + return -EINVAL; + } } else shift = optarg; |