From 13d170a533b49490fc294bd727685cd087f0b070 Mon Sep 17 00:00:00 2001 From: Luke Shumaker Date: Sat, 20 May 2017 21:51:50 -0400 Subject: systemd-nspawn: Have chown_cgroup bail early if uid_shift == UID_INVALID. --- src/systemd-nspawn/nspawn-cgroup.c | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/src/systemd-nspawn/nspawn-cgroup.c b/src/systemd-nspawn/nspawn-cgroup.c index a75c822f67..782966d31b 100644 --- a/src/systemd-nspawn/nspawn-cgroup.c +++ b/src/systemd-nspawn/nspawn-cgroup.c @@ -27,6 +27,7 @@ #include "systemd-basic/rm-rf.h" #include "systemd-basic/string-util.h" #include "systemd-basic/strv.h" +#include "systemd-basic/user-util.h" #include "systemd-basic/util.h" #include "nspawn-cgroup.h" @@ -59,6 +60,12 @@ int chown_cgroup(pid_t pid, uid_t uid_shift) { _cleanup_free_ char *path = NULL, *fs = NULL; int r; + /* If uid_shift == UID_INVALID, then chown_cgroup_path() is a no-op, and there isn't really a point to actually + * doing any of this work. Of course, it would still be "safe" to continue, just pointless; and another + * opportunity for cgroup-util to screw up on non-systemd systems. */ + if (uid_shift == UID_INVALID) + return 0; + r = cg_pid_get_path(NULL, pid, &path); if (r < 0) return log_error_errno(r, "Failed to get host cgroup of the container: %m"); -- cgit v1.2.3-54-g00ecf