diff options
author | Giuseppe Scrivano <gscrivan@redhat.com> | 2019-07-01 21:58:30 +0200 |
---|---|---|
committer | Giuseppe Scrivano <gscrivan@redhat.com> | 2019-07-01 21:58:33 +0200 |
commit | 4b176d4f4573dbb6aea635a492b780b7c8cd0912 (patch) | |
tree | 73f46d256d0f2afd69435c26c3f7129804333054 /pkg | |
parent | 150778820f0f6d9f7ffdb672a8b136804378f025 (diff) | |
download | podman-4b176d4f4573dbb6aea635a492b780b7c8cd0912.tar.gz podman-4b176d4f4573dbb6aea635a492b780b7c8cd0912.tar.bz2 podman-4b176d4f4573dbb6aea635a492b780b7c8cd0912.zip |
rootless: do not join namespace if it has already euid == 0
do not attempt to join the rootless namespace if it is running already
with euid == 0.
Closes: https://github.com/containers/libpod/issues/3463
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
Diffstat (limited to 'pkg')
-rw-r--r-- | pkg/rootless/rootless_linux.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/pkg/rootless/rootless_linux.c b/pkg/rootless/rootless_linux.c index d58a08801..19b76f387 100644 --- a/pkg/rootless/rootless_linux.c +++ b/pkg/rootless/rootless_linux.c @@ -244,7 +244,7 @@ static void __attribute__((constructor)) init() /* Shortcut. If we are able to join the pause pid file, do it now so we don't need to re-exec. */ xdg_runtime_dir = getenv ("XDG_RUNTIME_DIR"); - if (xdg_runtime_dir && xdg_runtime_dir[0] && can_use_shortcut ()) + if (geteuid () != 0 && xdg_runtime_dir && xdg_runtime_dir[0] && can_use_shortcut ()) { int r; int fd; |