diff options
| author | Christian Brauner <brauner@kernel.org> | 2022-10-01 12:03:25 +0200 |
|---|---|---|
| committer | Christian Brauner (Microsoft) <brauner@kernel.org> | 2022-10-04 18:51:30 +0200 |
| commit | 4b00e738d57b607643ba1ebafbfae1e217785b32 (patch) | |
| tree | 864860475f5f1f90a51d0dcdd5a70b096a4a3205 /src/shared/mount-util.c | |
| parent | f7a2dc3dd507ffa04b2c337c163f0a6e523eb765 (diff) | |
| download | systemd-4b00e738d57b607643ba1ebafbfae1e217785b32.tar.gz | |
mount-util: use in_same_namespace()
Signed-off-by: Christian Brauner (Microsoft) <brauner@kernel.org>
Diffstat (limited to 'src/shared/mount-util.c')
| -rw-r--r-- | src/shared/mount-util.c | 17 |
1 files changed, 5 insertions, 12 deletions
diff --git a/src/shared/mount-util.c b/src/shared/mount-util.c index d646634138..c504ce8fee 100644 --- a/src/shared/mount-util.c +++ b/src/shared/mount-util.c @@ -787,13 +787,13 @@ static int mount_in_namespace( bool is_image) { _cleanup_close_pair_ int errno_pipe_fd[2] = { -1, -1 }; - _cleanup_close_ int self_mntns_fd = -1, mntns_fd = -1, root_fd = -1, pidns_fd = -1, chased_src_fd = -1; + _cleanup_close_ int mntns_fd = -1, root_fd = -1, pidns_fd = -1, chased_src_fd = -1; char mount_slave[] = "/tmp/propagate.XXXXXX", *mount_tmp, *mount_outside, *p; bool mount_slave_created = false, mount_slave_mounted = false, mount_tmp_created = false, mount_tmp_mounted = false, mount_outside_created = false, mount_outside_mounted = false; _cleanup_free_ char *chased_src_path = NULL; - struct stat st, self_mntns_st; + struct stat st; pid_t child; int r; @@ -808,18 +808,11 @@ static int mount_in_namespace( if (r < 0) return log_debug_errno(r, "Failed to retrieve FDs of the target process' namespace: %m"); - if (fstat(mntns_fd, &st) < 0) - return log_debug_errno(errno, "Failed to fstat mount namespace FD of target process: %m"); - - r = namespace_open(0, NULL, &self_mntns_fd, NULL, NULL, NULL); + r = in_same_namespace(target, 0, NAMESPACE_MOUNT); if (r < 0) - return log_debug_errno(r, "Failed to retrieve FDs of systemd's namespace: %m"); - - if (fstat(self_mntns_fd, &self_mntns_st) < 0) - return log_debug_errno(errno, "Failed to fstat mount namespace FD of systemd: %m"); - + return log_debug_errno(r, "Failed to determine if mount namespaces are equal: %m"); /* We can't add new mounts at runtime if the process wasn't started in a namespace */ - if (stat_inode_same(&st, &self_mntns_st)) + if (r > 0) return log_debug_errno(SYNTHETIC_ERRNO(EINVAL), "Failed to activate bind mount in target, not running in a mount namespace"); /* One day, when bind mounting /proc/self/fd/n works across namespace boundaries we should rework |