From 4b176d4f4573dbb6aea635a492b780b7c8cd0912 Mon Sep 17 00:00:00 2001
From: Giuseppe Scrivano <gscrivan@redhat.com>
Date: Mon, 1 Jul 2019 21:58:30 +0200
Subject: rootless: do not join namespace if it has already euid == 0

do not attempt to join the rootless namespace if it is running already
with euid == 0.

Closes: https://github.com/containers/libpod/issues/3463

Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
---
 pkg/rootless/rootless_linux.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/pkg/rootless/rootless_linux.c b/pkg/rootless/rootless_linux.c
index d58a08801..19b76f387 100644
--- a/pkg/rootless/rootless_linux.c
+++ b/pkg/rootless/rootless_linux.c
@@ -244,7 +244,7 @@ static void __attribute__((constructor)) init()
   /* Shortcut.  If we are able to join the pause pid file, do it now so we don't
      need to re-exec.  */
   xdg_runtime_dir = getenv ("XDG_RUNTIME_DIR");
-  if (xdg_runtime_dir && xdg_runtime_dir[0] && can_use_shortcut ())
+  if (geteuid () != 0 && xdg_runtime_dir && xdg_runtime_dir[0] && can_use_shortcut ())
     {
       int r;
       int fd;
-- 
cgit v1.2.3-54-g00ecf