nsenter: add --preserve-credentials and cleanup setgroups() usage - openslx/kernel-qcow2-util-linux.git

diff options

author	Karel Zak	2015-01-08 12:52:43 +0100
committer	Karel Zak	2015-01-09 10:36:21 +0100
commit	e99a6626d6262266f012a20ae69c8e4573ee22fd (patch)
tree	4b29fc9f9443bcfd55988198438f804a51cdc3b2 /sys-utils/hwclock-cmos.c
parent	nsenter: keep semantic consistent (diff)
download	kernel-qcow2-util-linux-e99a6626d6262266f012a20ae69c8e4573ee22fd.tar.gz kernel-qcow2-util-linux-e99a6626d6262266f012a20ae69c8e4573ee22fd.tar.xz kernel-qcow2-util-linux-e99a6626d6262266f012a20ae69c8e4573ee22fd.zip

nsenter: add --preserve-credentials and cleanup setgroups() usage

The new option --preserve-credentials completely disables all operations related to UIGs and GIDs. The patch also calls setgroups() before we enter user namespace (so root can always clear their groups) and after we enter user namespace (to detect /proc/self/setgroups "deny"). If both fail then nsenter complains. Acked-by: "Eric W. Biederman" <ebiederm@xmission.com> Signed-off-by: Karel Zak <kzak@redhat.com>

Diffstat (limited to 'sys-utils/hwclock-cmos.c')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: