mirror of
https://github.com/systemd/systemd.git
synced 2024-10-31 16:21:26 +03:00
process-util: add new FORK_NEW_MOUNTNS flag to safe_fork()
That way we can move one more code location to use safe_fork()
This commit is contained in:
parent
3f60395254
commit
be39f6ee31
@ -1199,6 +1199,9 @@ int safe_fork_full(
|
||||
if (sigprocmask(SIG_SETMASK, &ss, &saved_ss) < 0)
|
||||
return log_full_errno(prio, errno, "Failed to set signal mask: %m");
|
||||
|
||||
if (flags & FORK_NEW_MOUNTNS)
|
||||
pid = raw_clone(SIGCHLD|CLONE_NEWNS);
|
||||
else
|
||||
pid = fork();
|
||||
if (pid < 0) {
|
||||
r = -errno;
|
||||
|
@ -168,6 +168,7 @@ typedef enum ForkFlags {
|
||||
FORK_REOPEN_LOG = 1U << 4,
|
||||
FORK_LOG = 1U << 5,
|
||||
FORK_WAIT = 1U << 6,
|
||||
FORK_NEW_MOUNTNS = 1U << 7,
|
||||
} ForkFlags;
|
||||
|
||||
int safe_fork_full(const char *name, const int except_fds[], size_t n_except_fds, ForkFlags flags, pid_t *ret_pid);
|
||||
|
@ -1259,18 +1259,10 @@ int dissected_image_acquire_metadata(DissectedImage *m) {
|
||||
if (r < 0)
|
||||
goto finish;
|
||||
|
||||
child = raw_clone(SIGCHLD|CLONE_NEWNS);
|
||||
if (child < 0) {
|
||||
r = -errno;
|
||||
r = safe_fork("(sd-dissect)", FORK_RESET_SIGNALS|FORK_DEATHSIG|FORK_NEW_MOUNTNS, &child);
|
||||
if (r < 0)
|
||||
goto finish;
|
||||
}
|
||||
|
||||
if (child == 0) {
|
||||
|
||||
(void) reset_all_signal_handlers();
|
||||
(void) reset_signal_mask();
|
||||
assert_se(prctl(PR_SET_PDEATHSIG, SIGTERM) == 0);
|
||||
|
||||
if (r == 0) {
|
||||
/* Make sure we never propagate to the host */
|
||||
if (mount(NULL, "/", NULL, MS_SLAVE | MS_REC, NULL) < 0)
|
||||
_exit(EXIT_FAILURE);
|
||||
|
Loading…
Reference in New Issue
Block a user