rootless: unshare mount namespace

unshare the mount namespace as well when creating an user namespace so that we are the owner of the mount namespace and we can mount FUSE file systems on Linux 4.18. Tested on Fedora Rawhide: podman --storage-opt overlay.fuse_program=/usr/bin/fuse-overlayfs run alpine echo hello hello Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
author: Giuseppe Scrivano <gscrivan@redhat.com> 2018-07-13 16:37:34 +0200
committer: Giuseppe Scrivano <gscrivan@redhat.com> 2018-07-13 16:37:37 +0200
commit: 6ffcb98a70b94636d57bef515d5e2fbd9efefa0b (patch)
tree: ee860b65ec1ed16992e561f981ed59aa1aaa6713
parent: 6f1dd44b29be4a3046c3bcd5d4d44f7acc5f88fc (diff)
download: podman-6ffcb98a70b94636d57bef515d5e2fbd9efefa0b.tar.gz
podman-6ffcb98a70b94636d57bef515d5e2fbd9efefa0b.tar.bz2
podman-6ffcb98a70b94636d57bef515d5e2fbd9efefa0b.zip
1 files changed, 1 insertions, 1 deletions
diff --git a/pkg/rootless/rootless_linux.c b/pkg/rootless/rootless_linux.c
index f2684f75f..0c6b86161 100644
--- a/pkg/rootless/rootless_linux.c
+++ b/pkg/rootless/rootless_linux.c
@@ -92,7 +92,7 @@ reexec_in_user_namespace(int ready)
 
   sprintf (uid, "%d", geteuid ());
 
-  pid = syscall_clone (CLONE_NEWUSER|SIGCHLD, NULL);
+  pid = syscall_clone (CLONE_NEWUSER|CLONE_NEWNS|SIGCHLD, NULL);
   if (pid)
     return pid;
author	Giuseppe Scrivano <gscrivan@redhat.com>	2018-07-13 16:37:34 +0200
committer	Giuseppe Scrivano <gscrivan@redhat.com>	2018-07-13 16:37:37 +0200
commit	6ffcb98a70b94636d57bef515d5e2fbd9efefa0b (patch)
tree	ee860b65ec1ed16992e561f981ed59aa1aaa6713
parent	6f1dd44b29be4a3046c3bcd5d4d44f7acc5f88fc (diff)
download	podman-6ffcb98a70b94636d57bef515d5e2fbd9efefa0b.tar.gz podman-6ffcb98a70b94636d57bef515d5e2fbd9efefa0b.tar.bz2 podman-6ffcb98a70b94636d57bef515d5e2fbd9efefa0b.zip