shaba/systemd
1
0
Fork 0
mirror of https://github.com/systemd/systemd.git synced 2024-11-07 09:56:51 +03:00
Code

namespace: only make the symlink /dev/ptmx if it was already a symlink

Browse Source 
…otherwise try to clone it as a device node

On most contemporary distros /dev/ptmx is a device node, and
/dev/pts/ptmx has 000 inaccessible permissions. In those cases
the symlink /dev/ptmx -> /dev/pts/ptmx breaks the pseudo tty support.

In that case we better clone the device node.

OTOH, in nspawn containers (and possibly others), /dev/pts/ptmx has
normal permissions, and /dev/ptmx is a symlink. In that case make the
same symlink.

fixes #7878
This commit is contained in:
Дамјан Георгиевски 2018-01-16 21:50:36 +01:00
parent b5e99f23ed
commit 414b304ba2
1 changed files with 21 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

27
src/core/namespace.c
View File

@ -496,14 +496,12 @@ static void drop_outside_root(const char *root_directory, MountEntry *m, unsigne
*n = t - m; *n = t - m;
} }
static int clone_device_node(const char *d, const char *temporary_mount) static int clone_device_node(const char *d, const char *temporary_mount) {
{
_cleanup_free_ char *dn = NULL; _cleanup_free_ char *dn = NULL;
struct stat st; struct stat st;
int r; int r;
r = stat(d, &st); if (stat(d, &st) < 0) {
if (r < 0) {
if (errno == ENOENT) if (errno == ENOENT)
return 0; return 0;
return -errno; return -errno;
@ -542,6 +540,7 @@ static int mount_private_dev(MountEntry *m) {
char temporary_mount[] = "/tmp/namespace-dev-XXXXXX"; char temporary_mount[] = "/tmp/namespace-dev-XXXXXX";
const char *d, *dev = NULL, *devpts = NULL, *devshm = NULL, *devhugepages = NULL, *devmqueue = NULL, *devlog = NULL, *devptmx = NULL; const char *d, *dev = NULL, *devpts = NULL, *devshm = NULL, *devhugepages = NULL, *devmqueue = NULL, *devlog = NULL, *devptmx = NULL;
_cleanup_umask_ mode_t u; _cleanup_umask_ mode_t u;
struct stat st;
int r; int r;
assert(m); assert(m);
@ -565,11 +564,27 @@ static int mount_private_dev(MountEntry *m) {
goto fail; goto fail;
} }
devptmx = strjoina(temporary_mount, "/dev/ptmx"); /* /dev/ptmx can either be a device node or a symlink to /dev/pts/ptmx
if (symlink("pts/ptmx", devptmx) < 0) { * when /dev/ptmx a device node, /dev/pts/ptmx has 000 permissions making it inaccessible
* thus, in that case make a clone
*
* in nspawn and other containers it will be a symlink, in that case make it a symlink
*/
if (lstat("/dev/ptmx", &st) < 0) {
r = -errno; r = -errno;
goto fail; goto fail;
} }
if (S_ISLNK(st.st_mode)) {
devptmx = strjoina(temporary_mount, "/dev/ptmx");
if (symlink("pts/ptmx", devptmx) < 0) {
r = -errno;
goto fail;
}
} else {
r = clone_device_node("/dev/ptmx", temporary_mount);
if (r < 0)
goto fail;
}
devshm = strjoina(temporary_mount, "/dev/shm"); devshm = strjoina(temporary_mount, "/dev/shm");
(void) mkdir(devshm, 01777); (void) mkdir(devshm, 01777);