-rw-r--r-- | TODO | 2 | ||||
-rw-r--r-- | src/nspawn.c | 8 |
2 files changed, 6 insertions, 4 deletions
@@ -77,6 +77,8 @@ Features:
 controllers together in order to guarantee atomic creation/addition of cgroups
+* don't enter "exited" mode for sysv services with pid file
+
 * avoid DefaultStandardOutput=syslog to have any effect on StandardInput=socket services
 * cgroup_notify_empty(): recursively check groups up the tree, too
diff --git a/src/nspawn.c b/src/nspawn.c
index bead9eea2b..50d7c2e289 100644
--- a/src/nspawn.c
+++ b/src/nspawn.c
@@ -797,12 +797,12 @@ int main(int argc, char *argv[]) {
 goto child_fail;
 }
- if (setregid(gid, gid) < 0) {
+ if (setresgid(gid, gid, gid) < 0) {
 log_error("setregid() failed: %m");
 goto child_fail;
 }
- if (setreuid(uid, uid) < 0) {
+ if (setresuid(uid, uid, uid) < 0) {
 log_error("setreuid() failed: %m");
 goto child_fail;
 }
@@ -811,7 +811,7 @@ int main(int argc, char *argv[]) {
 if ((asprintf((char**)(envp + 2), "HOME=%s", home? home: "/root") < 0) ||
 (asprintf((char**)(envp + 3), "USER=%s", arg_user? arg_user : "root") < 0) ||
 (asprintf((char**)(envp + 4), "LOGNAME=%s", arg_user? arg_user : "root") < 0)) {
- log_error("environment setup failed: %m");
+ log_error("Out of memory");
 goto child_fail;
 }
@@ -821,7 +821,7 @@ int main(int argc, char *argv[]) {
 if (argc > optind)
 execvpe(argv[optind], argv + optind, (char**) envp);
 else {
- chdir(home? home : "/root");
+ chdir(home ? home : "/root");
 execle("/bin/bash", "-bash", NULL, (char**) envp);
 } |
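Review bot: The two log_error() calls in the first src/nspawn.c hunk still name the old functions after the switch to setresgid()/setresuid(), so a failed privilege drop would be logged against a call that is no longer made. They should read `log_error("setresgid() failed: %m");` and `log_error("setresuid() failed: %m");`. The order is right (group IDs before the user ID), and passing the same value for the real, effective and saved IDs leaves no saved ID to switch back to. Whether supplementary groups are reset before this point is not visible, because main() starts and continues outside the hunk; it is worth confirming that the call guarded by the preceding `goto child_fail` does so.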