diff options
| author | Karel Zak | 2015-01-08 12:27:59 +0100 |
|---|---|---|
| committer | Karel Zak | 2015-01-09 10:36:01 +0100 |
| commit | 83fb8aa53d15dd7ee2c62bffa4fc04f70646650b (patch) | |
| tree | e1a9180f256835935bfc14531bce988650d9d237 /sys-utils/nsenter.c | |
| parent | unshare: add --setgroups=deny|allow (diff) | |
| download | kernel-qcow2-util-linux-83fb8aa53d15dd7ee2c62bffa4fc04f70646650b.tar.gz kernel-qcow2-util-linux-83fb8aa53d15dd7ee2c62bffa4fc04f70646650b.tar.xz kernel-qcow2-util-linux-83fb8aa53d15dd7ee2c62bffa4fc04f70646650b.zip | |
nsenter: keep semantic consistent
The current nseneter behavior is inconsistent and depends on way how
namespace is specified on command line
# nsenter --user
vs.
# nseneter --user=filename
if the namespace is specified by <filename> than nsenter does not do
additinal setting and actions (e.g. does not call setgroups, setuid).
This is bug.
Signed-off-by: Karel Zak <kzak@redhat.com>
Diffstat (limited to 'sys-utils/nsenter.c')
| -rw-r--r-- | sys-utils/nsenter.c | 9 |
1 files changed, 9 insertions, 0 deletions
diff --git a/sys-utils/nsenter.c b/sys-utils/nsenter.c index e00a3e472..50f77f381 100644 --- a/sys-utils/nsenter.c +++ b/sys-utils/nsenter.c @@ -284,6 +284,15 @@ int main(int argc, char *argv[]) open_target_fd(&wd_fd, "cwd", NULL); /* + * Update namespaces variable to contain all requested namespaces + */ + for (nsfile = namespace_files; nsfile->nstype; nsfile++) { + if (nsfile->fd < 0) + continue; + namespaces |= nsfile->nstype; + } + + /* * Now that we know which namespaces we want to enter, enter them. */ for (nsfile = namespace_files; nsfile->nstype; nsfile++) { |