From 7fe2bb84c49233ca4da76c0df377819b93571f9c Mon Sep 17 00:00:00 2001 From: Richard Maw Date: Tue, 30 Jun 2015 13:41:41 +0000 Subject: [PATCH] nspawn: determine_uid_shift before forking It is needed in one branch of the fork, but calculated in another branch. Failing to do this means using --private-users without specifying a uid shift always fails because it tries to shift the uid to UID_INVALID. --- src/nspawn/nspawn.c | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/src/nspawn/nspawn.c b/src/nspawn/nspawn.c index 4cf2d14ae2c..e0437e7da74 100644 --- a/src/nspawn/nspawn.c +++ b/src/nspawn/nspawn.c @@ -4313,10 +4313,6 @@ static int outer_child( if (r < 0) return r; - r = determine_uid_shift(directory); - if (r < 0) - return r; - /* Turn directory into bind mount */ if (mount(directory, directory, NULL, MS_BIND|MS_REC, NULL) < 0) return log_error_errno(errno, "Failed to make bind mount: %m"); @@ -4495,6 +4491,10 @@ int main(int argc, char *argv[]) { if (r < 0) goto finish; + r = determine_uid_shift(arg_directory); + if (r < 0) + return r; + if (geteuid() != 0) { log_error("Need to be root."); r = -EPERM;