From 46acded58d71528c24f89cdef6c18a283e23cc54 Mon Sep 17 00:00:00 2001 From: Giuseppe Scrivano Date: Wed, 29 Aug 2018 10:15:03 +0200 Subject: rootless, exec: use the new function to join the userns since we have a way for joining an existing userns use it instead of nsenter. Signed-off-by: Giuseppe Scrivano Closes: #1371 Approved by: rhatdan --- cmd/podman/exec.go | 13 +++++++++++++ libpod/oci.go | 9 --------- 2 files changed, 13 insertions(+), 9 deletions(-) diff --git a/cmd/podman/exec.go b/cmd/podman/exec.go index 0cd6f98b7..ed11b3c4b 100644 --- a/cmd/podman/exec.go +++ b/cmd/podman/exec.go @@ -2,6 +2,7 @@ package main import ( "fmt" + "os" "strings" "github.com/containers/libpod/cmd/podman/libpodruntime" @@ -84,6 +85,18 @@ func execCmd(c *cli.Context) error { return errors.Wrapf(err, "unable to exec into %s", args[0]) } + pid, err := ctr.PID() + if err != nil { + return err + } + became, ret, err := rootless.JoinNS(uint(pid)) + if err != nil { + return err + } + if became { + os.Exit(ret) + } + // ENVIRONMENT VARIABLES env := defaultEnvVariables for _, e := range c.StringSlice("env") { diff --git a/libpod/oci.go b/libpod/oci.go index 240f53885..e1c0d1261 100644 --- a/libpod/oci.go +++ b/libpod/oci.go @@ -691,15 +691,6 @@ func (r *OCIRuntime) execContainer(c *Container, cmd, capAdd, env []string, tty logrus.Debugf("Starting runtime %s with following arguments: %v", r.path, args) execCmd := exec.Command(r.path, args...) - if rootless.IsRootless() { - args = append([]string{"--preserve-credentials", "--user=/proc/self/fd/3", r.path}, args...) - f, err := rootless.GetUserNSForPid(uint(c.state.PID)) - if err != nil { - return nil, err - } - execCmd = exec.Command("nsenter", args...) - execCmd.ExtraFiles = append(execCmd.ExtraFiles, f) - } execCmd.Stdout = os.Stdout execCmd.Stderr = os.Stderr execCmd.Stdin = os.Stdin -- cgit v1.2.3-54-g00ecf