summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorGiuseppe Scrivano <gscrivan@redhat.com>2019-03-07 09:54:03 +0100
committerGiuseppe Scrivano <gscrivan@redhat.com>2019-03-07 15:51:50 +0100
commit081291c8d62b989373149973c1ce0fad0fe7fea1 (patch)
tree8b0c61427b857f5aaa72656c86c0734d58b4deb8
parent4a02713c57d874c404539047ccc5c5ff5c1958fc (diff)
downloadpodman-081291c8d62b989373149973c1ce0fad0fe7fea1.tar.gz
podman-081291c8d62b989373149973c1ce0fad0fe7fea1.tar.bz2
podman-081291c8d62b989373149973c1ce0fad0fe7fea1.zip
create: join also the mount ns of the dependency
when we are creating a container that depends on another one, be sure we also join its mount namespace in addition to the user namespace. Closes: https://github.com/containers/libpod/issues/2556 Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
-rw-r--r--cmd/podman/create.go11
1 files changed, 10 insertions, 1 deletions
diff --git a/cmd/podman/create.go b/cmd/podman/create.go
index a7b9bbf31..9e9073a1d 100644
--- a/cmd/podman/create.go
+++ b/cmd/podman/create.go
@@ -894,7 +894,16 @@ func joinOrCreateRootlessUserNamespace(createConfig *cc.CreateConfig, runtime *l
}
return false, -1, errors.Errorf("dependency container %s is not running", ctr.ID())
}
- return rootless.JoinNS(uint(pid), 0)
+
+ data, err := ioutil.ReadFile(ctr.Config().ConmonPidFile)
+ if err != nil {
+ return false, -1, errors.Wrapf(err, "cannot read conmon PID file %q", ctr.Config().ConmonPidFile)
+ }
+ conmonPid, err := strconv.Atoi(string(data))
+ if err != nil {
+ return false, -1, errors.Wrapf(err, "cannot parse PID %q", data)
+ }
+ return rootless.JoinDirectUserAndMountNS(uint(conmonPid))
}
}
return rootless.BecomeRootInUserNS()