diff options
author | OpenShift Merge Robot <openshift-merge-robot@users.noreply.github.com> | 2019-04-13 03:07:48 -0700 |
---|---|---|
committer | GitHub <noreply@github.com> | 2019-04-13 03:07:48 -0700 |
commit | 37598ab896b9d53b9f7dbfc75adf26af4fdc4a95 (patch) | |
tree | 94d6ae7e1c9ce33f00e3977ddeaacbca83aac365 /pkg/rootless | |
parent | 852ca40665d7a0b08ee749e08cb46625c9763f35 (diff) | |
parent | 814066ee3b6047c3a582d3bfb508895763379acb (diff) | |
download | podman-37598ab896b9d53b9f7dbfc75adf26af4fdc4a95.tar.gz podman-37598ab896b9d53b9f7dbfc75adf26af4fdc4a95.tar.bz2 podman-37598ab896b9d53b9f7dbfc75adf26af4fdc4a95.zip |
Merge pull request #2915 from giuseppe/rootless-do-not-block-sigtstp
rootless: do not block SIGTSTP
Diffstat (limited to 'pkg/rootless')
-rw-r--r-- | pkg/rootless/rootless_linux.c | 7 | ||||
-rw-r--r-- | pkg/rootless/rootless_linux.go | 14 |
2 files changed, 20 insertions, 1 deletions
diff --git a/pkg/rootless/rootless_linux.c b/pkg/rootless/rootless_linux.c index 9cb79ed4d..d6a2793a7 100644 --- a/pkg/rootless/rootless_linux.c +++ b/pkg/rootless/rootless_linux.c @@ -16,6 +16,8 @@ #include <sys/types.h> #include <sys/prctl.h> #include <dirent.h> +#include <termios.h> +#include <sys/ioctl.h> static const char *_max_user_namespaces = "/proc/sys/user/max_user_namespaces"; static const char *_unprivileged_user_namespaces = "/proc/sys/kernel/unprivileged_userns_clone"; @@ -178,6 +180,11 @@ reexec_userns_join (int userns, int mountns) _exit (EXIT_FAILURE); } + if (isatty (1) && ioctl (1, TIOCSCTTY, 0) == -1) { + fprintf (stderr, "cannot ioctl(TIOCSCTTY): %s\n", strerror (errno)); + _exit (EXIT_FAILURE); + } + if (setns (userns, 0) < 0) { fprintf (stderr, "cannot setns: %s\n", strerror (errno)); diff --git a/pkg/rootless/rootless_linux.go b/pkg/rootless/rootless_linux.go index 1d1b1713d..2c99f41a4 100644 --- a/pkg/rootless/rootless_linux.go +++ b/pkg/rootless/rootless_linux.go @@ -28,6 +28,10 @@ extern int reexec_userns_join(int userns, int mountns); */ import "C" +const ( + numSig = 65 // max number of signals +) + func runInUser() error { os.Setenv("_CONTAINERS_USERNS_CONFIGURED", "done") return nil @@ -283,7 +287,15 @@ func BecomeRootInUserNS() (bool, int, error) { c := make(chan os.Signal, 1) - gosignal.Notify(c) + signals := []os.Signal{} + for sig := 0; sig < numSig; sig++ { + if sig == int(syscall.SIGTSTP) { + continue + } + signals = append(signals, syscall.Signal(sig)) + } + + gosignal.Notify(c, signals...) defer gosignal.Reset() go func() { for s := range c { |