summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--cmd/podman/create.go11
-rw-r--r--cmd/podman/exec.go29
2 files changed, 29 insertions, 11 deletions
diff --git a/cmd/podman/create.go b/cmd/podman/create.go
index fa8b9f57b..8a5d0cf73 100644
--- a/cmd/podman/create.go
+++ b/cmd/podman/create.go
@@ -893,7 +893,16 @@ func joinOrCreateRootlessUserNamespace(createConfig *cc.CreateConfig, runtime *l
}
return false, -1, errors.Errorf("dependency container %s is not running", ctr.ID())
}
- return rootless.JoinNS(uint(pid), 0)
+
+ data, err := ioutil.ReadFile(ctr.Config().ConmonPidFile)
+ if err != nil {
+ return false, -1, errors.Wrapf(err, "cannot read conmon PID file %q", ctr.Config().ConmonPidFile)
+ }
+ conmonPid, err := strconv.Atoi(string(data))
+ if err != nil {
+ return false, -1, errors.Wrapf(err, "cannot parse PID %q", data)
+ }
+ return rootless.JoinDirectUserAndMountNS(uint(conmonPid))
}
}
return rootless.BecomeRootInUserNS()
diff --git a/cmd/podman/exec.go b/cmd/podman/exec.go
index c3bcec2ec..e4cea1f5e 100644
--- a/cmd/podman/exec.go
+++ b/cmd/podman/exec.go
@@ -106,16 +106,25 @@ func execCmd(c *cliconfig.ExecValues) error {
}
- pid, err := ctr.PID()
- if err != nil {
- return err
- }
- became, ret, err := rootless.JoinNS(uint(pid), c.PreserveFDs)
- if err != nil {
- return err
- }
- if became {
- os.Exit(ret)
+ if os.Geteuid() != 0 {
+ var became bool
+ var ret int
+
+ data, err := ioutil.ReadFile(ctr.Config().ConmonPidFile)
+ if err != nil {
+ return errors.Wrapf(err, "cannot read conmon PID file %q", ctr.Config().ConmonPidFile)
+ }
+ conmonPid, err := strconv.Atoi(string(data))
+ if err != nil {
+ return errors.Wrapf(err, "cannot parse PID %q", data)
+ }
+ became, ret, err = rootless.JoinDirectUserAndMountNS(uint(conmonPid))
+ if err != nil {
+ return err
+ }
+ if became {
+ os.Exit(ret)
+ }
}
// ENVIRONMENT VARIABLES