namespace: use ERRNO_IS_PRIVILEGE()/ERRNO_IS_NOT_SUPPORTED() where appropriate

author: Lennart Poettering <lennart@poettering.net> 2023-03-13 15:19:56 +0100
committer: Yu Watanabe <watanabe.yu+github@gmail.com> 2023-03-14 12:57:46 +0900
commit: eacfbd89c31742ace242177f570e9c70f915ce86 (patch)
tree: 3f614bd66afb8fb5c86b3bc649cd51d83443dee6 /src/core/namespace.c
parent: 880adc6edddd26749c050305e892ccc18542af4b (diff)
download: systemd-eacfbd89c31742ace242177f570e9c70f915ce86.tar.gz
1 files changed, 2 insertions, 1 deletions
diff --git a/src/core/namespace.c b/src/core/namespace.c
index b4bb01bb74..8a8ff5ac7d 100644
--- a/src/core/namespace.c
+++ b/src/core/namespace.c
@@ -2426,7 +2426,8 @@ int setup_namespace(
 
         if (unshare(CLONE_NEWNS) < 0) {
                 r = log_debug_errno(errno, "Failed to unshare the mount namespace: %m");
-                if (IN_SET(r, -EACCES, -EPERM, -EOPNOTSUPP, -ENOSYS))
+                if (ERRNO_IS_PRIVILEGE(r) ||
+                    ERRNO_IS_NOT_SUPPORTED(r))
                         /* If the kernel doesn't support namespaces, or when there's a MAC or seccomp filter
                          * in place that doesn't allow us to create namespaces (or a missing cap), then
                          * propagate a recognizable error back, which the caller can use to detect this case
author	Lennart Poettering <lennart@poettering.net>	2023-03-13 15:19:56 +0100
committer	Yu Watanabe <watanabe.yu+github@gmail.com>	2023-03-14 12:57:46 +0900
commit	eacfbd89c31742ace242177f570e9c70f915ce86 (patch)
tree	3f614bd66afb8fb5c86b3bc649cd51d83443dee6 /src/core/namespace.c
parent	880adc6edddd26749c050305e892ccc18542af4b (diff)
download	systemd-eacfbd89c31742ace242177f570e9c70f915ce86.tar.gz