author | Giuseppe Scrivano <gscrivan@redhat.com> | 2018-07-05 12:03:01 +0200 |
---|---|---|
committer | Atomic Bot <atomic-devel@projectatomic.io> | 2018-07-05 13:30:15 +0000 |
commit | a1545fe6e4749444204f27f5c04034f9415d4757 (patch) | |
tree | b930f8c5a95c217ba1ce63db8a9574e79b15cdfd /pkg/rootless/rootless_linux.c | |
parent | e38272047fbafb9fb35419e356d4576824585c23 (diff) | |
rootless: add function to retrieve the original UID
After we re-exec in the userNS os.Getuid() returns the new UID (= 0)
which is not what we want to use.
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
Closes: #1048
Approved by: mheon
Diffstat (limited to 'pkg/rootless/rootless_linux.c')
-rw-r--r-- | pkg/rootless/rootless_linux.c | 8 |
1 files changed, 8 insertions, 0 deletions
diff --git a/pkg/rootless/rootless_linux.c b/pkg/rootless/rootless_linux.c
index 163f46052..0f2008375 100644
--- a/pkg/rootless/rootless_linux.c
+++ b/pkg/rootless/rootless_linux.c
@@ -88,6 +88,9 @@ reexec_in_user_namespace(int ready)
  char b;
  pid_t ppid = getpid ();
  char **argv;
+ char uid[16];
+
+ sprintf (uid, "%d", geteuid ());
  pid = syscall_clone (CLONE_NEWUSER|SIGCHLD, NULL);
  if (pid)
@@ -96,6 +99,7 @@ reexec_in_user_namespace(int ready)
  argv = get_cmd_line_args (ppid);
  setenv ("_LIBPOD_USERNS_CONFIGURED", "init", 1);
+ setenv ("_LIBPOD_ROOTLESS_UID", uid, 1);
  do ret = read (ready, &b, 1) < 0;
@@ -104,6 +108,10 @@ reexec_in_user_namespace(int ready)
  _exit (1);
  close (ready);
+ if (setresgid (0, 0, 0) < 0 ||
+ setresuid (0, 0, 0) < 0)
+ _exit (1);
+
  execv (argv[0], argv);
  _exit (1); |
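Review bot: The added `sprintf (uid, "%d", geteuid ());` formats a `uid_t` with `%d`; on Linux `uid_t` is unsigned, so a UID above INT_MAX would be written into `_LIBPOD_ROOTLESS_UID` as a negative number. The 16-byte buffer is large enough for either form, but a bounded call with the matching conversion makes that explicit: `snprintf (uid, sizeof (uid), "%u", (unsigned int) geteuid ());`. The rest of reexec_in_user_namespace, including the start of its declaration block, lies outside the hunk.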
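Review bot: The return value of the added `setenv ("_LIBPOD_ROOTLESS_UID", uid, 1);` is ignored, so on failure the re-executed process would see either no value or whatever value was already inherited from the caller's environment. Because the variable is meant to carry the original UID across the exec, the child should stop instead, in line with the other failure paths visible in this function: `if (setenv ("_LIBPOD_ROOTLESS_UID", uid, 1) < 0) _exit (1);`. The preceding `_LIBPOD_USERNS_CONFIGURED` call has the same gap. How the reader of the variable treats a missing or malformed value is not visible in this diff.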
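Review bot: The new `setresgid (0, 0, 0)` / `setresuid (0, 0, 0)` block has no comment stating its precondition, namely that ID 0 must already be mapped in the new user namespace when the child gets past the read on `ready`. Presumably the parent writes the uid/gid maps before signalling, but that code is outside the hunk, so a comment before the `if` would record the dependency, e.g. `/* The parent maps ID 0 before signalling READY; become root inside the new user namespace.  */`. Supplementary groups are not changed here, so the child keeps the ones inherited from the caller; the comment should say whether that is intended. A failure exits with status 1 and no diagnostic, which makes a bad mapping hard to tell apart from a failed `execv`.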