From 2bd95ea8559d95c6f6bc373043b382d1f3904a6c Mon Sep 17 00:00:00 2001 From: Misaki Kasumi Date: Sat, 21 Dec 2024 03:29:43 +0800 Subject: [PATCH] sysroot: Fix ostree in ostree nsenter --- src/libostree/ostree-sysroot.c | 23 ++++++++++++++++++----- 1 file changed, 18 insertions(+), 5 deletions(-) diff --git a/src/libostree/ostree-sysroot.c b/src/libostree/ostree-sysroot.c index 27ecdb61..98bfae43 100644 --- a/src/libostree/ostree-sysroot.c +++ b/src/libostree/ostree-sysroot.c @@ -529,6 +529,9 @@ _ostree_sysroot_ensure_visible (OstreeSysroot *self, GError **error) return FALSE; /* Because namespace is per-thread, there is no race here */ + if (unshare (CLONE_NEWNS) < 0) + return glnx_throw_errno_prefix (error, "unshare"); + if (setns (sysroot_ns_fd, CLONE_NEWNS) < 0) return glnx_throw_errno_prefix (error, "setns"); @@ -562,11 +565,18 @@ _ostree_sysroot_ensure_writable (OstreeSysroot *self, GError **error) if (!_ostree_sysroot_ensure_boot_fd (self, error)) return FALSE; - glnx_autofd int cur_ns_fd = -1; - g_autofree char *cur_ns = g_strdup_printf ("/proc/%d/ns/mnt", gettid ()); - if (!glnx_openat_rdonly (AT_FDCWD, cur_ns, TRUE, &cur_ns_fd, error)) + gboolean in_root; + if (!_ostree_in_root_mount_namespace (&in_root, error)) return FALSE; + glnx_autofd int cur_ns_fd = -1; + if (in_root) + { + g_autofree char *cur_ns = g_strdup_printf ("/proc/%d/ns/mnt", gettid ()); + if (!glnx_openat_rdonly (AT_FDCWD, cur_ns, TRUE, &cur_ns_fd, error)) + return FALSE; + } + if (!_ostree_sysroot_enter_mount_namespace (self, error)) return FALSE; @@ -587,8 +597,11 @@ _ostree_sysroot_ensure_writable (OstreeSysroot *self, GError **error) if (!_ostree_sysroot_ensure_boot_fd (self, error)) return FALSE; - if (setns (cur_ns_fd, CLONE_NEWNS) < 0) - return glnx_throw_errno_prefix (error, "setns"); + if (in_root) + { + if (setns (cur_ns_fd, CLONE_NEWNS) < 0) + return glnx_throw_errno_prefix (error, "setns"); + } return TRUE; }