summaryrefslogtreecommitdiff
path: root/libpod/container_copy_linux.go
diff options
context:
space:
mode:
authorDaniel J Walsh <dwalsh@redhat.com>2021-05-13 08:45:29 -0400
committerDaniel J Walsh <dwalsh@redhat.com>2021-05-19 07:55:48 -0400
commitbc0e12a047cce2cc717320257545663073383f48 (patch)
treeca6e4710bd3b6894c736b33f45199bd9519f012d /libpod/container_copy_linux.go
parent18efc5a3a78ba7352e42517ba251212833b4583d (diff)
downloadpodman-bc0e12a047cce2cc717320257545663073383f48.tar.gz
podman-bc0e12a047cce2cc717320257545663073383f48.tar.bz2
podman-bc0e12a047cce2cc717320257545663073383f48.zip
Fix problem copying files when container is in host pid namespace
When attempting to copy files into and out of running containers within the host pidnamespace, the code was attempting to join the host pidns again, and getting an error. This was causing the podman cp command to fail. Since we are already in the host pid namespace, we should not be attempting to join. This PR adds a check to see if the container is in NOT host pid namespace, and only then attempts to join. Fixes: https://github.com/containers/podman/issues/9985 Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Diffstat (limited to 'libpod/container_copy_linux.go')
-rw-r--r--libpod/container_copy_linux.go25
1 files changed, 18 insertions, 7 deletions
diff --git a/libpod/container_copy_linux.go b/libpod/container_copy_linux.go
index 5c275c641..0ab322829 100644
--- a/libpod/container_copy_linux.go
+++ b/libpod/container_copy_linux.go
@@ -237,21 +237,32 @@ func (c *Container) joinMountAndExec(ctx context.Context, f func() error) error
}
defer mountFD.Close()
- pidFD, err := getFD(PIDNS)
+ inHostPidNS, err := c.inHostPidNS()
if err != nil {
- errChan <- err
+ errChan <- errors.Wrap(err, "checking inHostPidNS")
return
}
- defer pidFD.Close()
- if err := unix.Unshare(unix.CLONE_NEWNS); err != nil {
- errChan <- err
- return
+ var pidFD *os.File
+ if !inHostPidNS {
+ pidFD, err = getFD(PIDNS)
+ if err != nil {
+ errChan <- err
+ return
+ }
+ defer pidFD.Close()
}
- if err := unix.Setns(int(pidFD.Fd()), unix.CLONE_NEWPID); err != nil {
+
+ if err := unix.Unshare(unix.CLONE_NEWNS); err != nil {
errChan <- err
return
}
+ if pidFD != nil {
+ if err := unix.Setns(int(pidFD.Fd()), unix.CLONE_NEWPID); err != nil {
+ errChan <- err
+ return
+ }
+ }
if err := unix.Setns(int(mountFD.Fd()), unix.CLONE_NEWNS); err != nil {
errChan <- err
return