From 09532c8cc04f52aad055b995a49f76e7909aa12c Mon Sep 17 00:00:00 2001
From: Giuseppe Scrivano <gscrivan@redhat.com>
Date: Wed, 10 Apr 2019 23:12:30 +0200
Subject: rootless: fix segfault on refresh if there are containers

create immediately a namespace if we need a refresh.  This is
necessary to access the rootless storage.

Closes: https://github.com/containers/libpod/issues/2894

Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
---
 libpod/runtime.go | 14 ++++++++++++++
 1 file changed, 14 insertions(+)

diff --git a/libpod/runtime.go b/libpod/runtime.go
index 4dd2707e8..3b1c2be98 100644
--- a/libpod/runtime.go
+++ b/libpod/runtime.go
@@ -870,6 +870,20 @@ func makeRuntime(runtime *Runtime) (err error) {
 
 	_, err = os.Stat(runtimeAliveFile)
 	if err != nil {
+		// If we need to refresh, then it is safe to assume there are
+		// no containers running.  Create immediately a namespace, as
+		// we will need to access the storage.
+		if os.Geteuid() != 0 {
+			aliveLock.Unlock()
+			became, ret, err := rootless.BecomeRootInUserNS()
+			if err != nil {
+				return err
+			}
+			if became {
+				os.Exit(ret)
+			}
+
+		}
 		// If the file doesn't exist, we need to refresh the state
 		// This will trigger on first use as well, but refreshing an
 		// empty state only creates a single file
-- 
cgit v1.2.3-54-g00ecf