mirror of
https://github.com/systemd/systemd-stable.git
synced 2024-10-28 20:25:25 +03:00
machine: ignore containers which disable private user namespace in MapToMachine{User,Group}
Fixes #9286.
This commit is contained in:
parent
6f8a8b84f2
commit
24f5a4c7c6
@ -1010,6 +1010,10 @@ static int method_map_to_machine_user(sd_bus_message *message, void *userdata, s
|
|||||||
return -EIO;
|
return -EIO;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/* The private user namespace is disabled, ignoring. */
|
||||||
|
if (uid_shift == 0)
|
||||||
|
continue;
|
||||||
|
|
||||||
if (uid < uid_shift || uid >= uid_shift + uid_range)
|
if (uid < uid_shift || uid >= uid_shift + uid_range)
|
||||||
continue;
|
continue;
|
||||||
|
|
||||||
@ -1128,6 +1132,10 @@ static int method_map_to_machine_group(sd_bus_message *message, void *groupdata,
|
|||||||
return -EIO;
|
return -EIO;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/* The private user namespace is disabled, ignoring. */
|
||||||
|
if (gid_shift == 0)
|
||||||
|
continue;
|
||||||
|
|
||||||
if (gid < gid_shift || gid >= gid_shift + gid_range)
|
if (gid < gid_shift || gid >= gid_shift + gid_range)
|
||||||
continue;
|
continue;
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user