shaba/systemd
1
0
Fork 0
mirror of https://github.com/systemd/systemd.git synced 2024-11-07 18:27:04 +03:00
Code

nspawn: don't try to resolve passed binary before entering namespace

Browse Source 
Othewise we might follow the symlinks on the host, instead of the
container.

Fixes #1400
This commit is contained in:
Lennart Poettering 2015-10-22 01:33:06 +02:00
parent 0e2656744f
commit 16fb773ee3
1 changed files with 3 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
src/nspawn/nspawn.c
View File

@ -3148,10 +3148,9 @@ int main(int argc, char *argv[]) {
} else {
const char *p;
p = strjoina(arg_directory,
argc > optind && path_is_absolute(argv[optind]) ? argv[optind] : "/usr/bin/");
if (access(p, F_OK) < 0) {
log_error("Directory %s lacks the binary to execute or doesn't look like a binary tree. Refusing.", arg_directory);
p = strjoina(arg_directory, "/usr/");
if (laccess(p, F_OK) < 0) {
log_error("Directory %s doesn't look like it has an OS tree. Refusing.", arg_directory);
r = -EINVAL;
goto finish;
}