diff options
| author | Lennart Poettering <lennart@poettering.net> | 2018-11-12 23:39:01 +0100 |
|---|---|---|
| committer | Lennart Poettering <lennart@poettering.net> | 2018-11-13 10:49:18 +0100 |
| commit | 0a885dd055d30200021f7de188e2228c4d824518 (patch) | |
| tree | 6e0fe81e372f3d08bb1b218b534896a95b503aaf | |
| parent | 27096982798e4f4d1498f9ce75c317b8d3376125 (diff) | |
| download | systemd-0a885dd055d30200021f7de188e2228c4d824518.tar.gz | |
sd-bus: port over to namespace_fork()
This is pretty similar code, let's replace it with the generic
namespace_fork() implementation.
| -rw-r--r-- | src/libsystemd/sd-bus/bus-container.c | 42 |
1 files changed, 9 insertions, 33 deletions
diff --git a/src/libsystemd/sd-bus/bus-container.c b/src/libsystemd/sd-bus/bus-container.c index 38023087a3..2cfeefc2c3 100644 --- a/src/libsystemd/sd-bus/bus-container.c +++ b/src/libsystemd/sd-bus/bus-container.c @@ -45,51 +45,27 @@ int bus_container_connect_socket(sd_bus *b) { if (socketpair(AF_UNIX, SOCK_SEQPACKET, 0, pair) < 0) return -errno; - r = safe_fork("(sd-buscntr)", FORK_RESET_SIGNALS|FORK_DEATHSIG, &child); + r = namespace_fork("(sd-buscntrns)", "(sd-buscntr)", NULL, 0, FORK_RESET_SIGNALS|FORK_DEATHSIG, + pidnsfd, mntnsfd, -1, usernsfd, rootfd, &child); if (r < 0) return r; if (r == 0) { - pid_t grandchild; - pair[0] = safe_close(pair[0]); - r = namespace_enter(pidnsfd, mntnsfd, -1, usernsfd, rootfd); - if (r < 0) - _exit(EXIT_FAILURE); - - /* We just changed PID namespace, however it will only - * take effect on the children we now fork. Hence, - * let's fork another time, and connect from this - * grandchild, so that SO_PEERCRED of our connection - * comes from a process from within the container, and - * not outside of it */ - - r = safe_fork("(sd-buscntr2)", FORK_RESET_SIGNALS|FORK_DEATHSIG, &grandchild); - if (r < 0) + r = connect(b->input_fd, &b->sockaddr.sa, b->sockaddr_size); + if (r < 0) { + /* Try to send error up */ + error_buf = errno; + (void) write(pair[1], &error_buf, sizeof(error_buf)); _exit(EXIT_FAILURE); - if (r == 0) { - - r = connect(b->input_fd, &b->sockaddr.sa, b->sockaddr_size); - if (r < 0) { - /* Try to send error up */ - error_buf = errno; - (void) write(pair[1], &error_buf, sizeof(error_buf)); - _exit(EXIT_FAILURE); - } - - _exit(EXIT_SUCCESS); } - r = wait_for_terminate_and_check("(sd-buscntr2)", grandchild, 0); - if (r < 0) - _exit(EXIT_FAILURE); - - _exit(r); + _exit(EXIT_SUCCESS); } pair[1] = safe_close(pair[1]); - r = wait_for_terminate_and_check("(sd-buscntr)", child, 0); + r = wait_for_terminate_and_check("(sd-buscntrns)", child, 0); if (r < 0) return r; if (r != EXIT_SUCCESS) |