diff options
| author | Giuseppe Scrivano <gscrivan@redhat.com> | 2019-04-10 23:12:30 +0200 |
|---|---|---|
| committer | Giuseppe Scrivano <gscrivan@redhat.com> | 2019-04-10 23:12:37 +0200 |
| commit | 09532c8cc04f52aad055b995a49f76e7909aa12c (patch) | |
| tree | 3fa170788202e211e53f26f65185cebcebd0ba67 | |
| parent | 6cd6eb6768bb936e87309c61d9cf131350274700 (diff) | |
| download | podman-09532c8cc04f52aad055b995a49f76e7909aa12c.tar.gz podman-09532c8cc04f52aad055b995a49f76e7909aa12c.tar.bz2 podman-09532c8cc04f52aad055b995a49f76e7909aa12c.zip | |
rootless: fix segfault on refresh if there are containers
create immediately a namespace if we need a refresh. This is
necessary to access the rootless storage.
Closes: https://github.com/containers/libpod/issues/2894
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
| -rw-r--r-- | libpod/runtime.go | 14 |
1 files changed, 14 insertions, 0 deletions
diff --git a/libpod/runtime.go b/libpod/runtime.go index 4dd2707e8..3b1c2be98 100644 --- a/libpod/runtime.go +++ b/libpod/runtime.go @@ -870,6 +870,20 @@ func makeRuntime(runtime *Runtime) (err error) { _, err = os.Stat(runtimeAliveFile) if err != nil { + // If we need to refresh, then it is safe to assume there are + // no containers running. Create immediately a namespace, as + // we will need to access the storage. + if os.Geteuid() != 0 { + aliveLock.Unlock() + became, ret, err := rootless.BecomeRootInUserNS() + if err != nil { + return err + } + if became { + os.Exit(ret) + } + + } // If the file doesn't exist, we need to refresh the state // This will trigger on first use as well, but refreshing an // empty state only creates a single file |