nspawn: when readjusting UID/GID ownership of OS trees, skip read-only subtrees
This should allow tools like rkt to pre-mount read-only subtrees in the OS tree, without breaking the patching code. Note that the code will still fail, if the top-level directory is already read-only.
This commit is contained in:
parent
88cd066e11
commit
4aeb20f5aa
|
@ -25,11 +25,13 @@
|
|||
#include <unistd.h>
|
||||
|
||||
#include "fd-util.h"
|
||||
#include "fs-util.h"
|
||||
#include "macro.h"
|
||||
#include "missing.h"
|
||||
#include "parse-util.h"
|
||||
#include "path-util.h"
|
||||
#include "socket-util.h"
|
||||
#include "stdio-util.h"
|
||||
#include "util.h"
|
||||
|
||||
int close_nointr(int fd) {
|
||||
|
@ -356,3 +358,11 @@ bool fdname_is_valid(const char *s) {
|
|||
|
||||
return p - s < 256;
|
||||
}
|
||||
|
||||
int fd_get_path(int fd, char **ret) {
|
||||
char procfs_path[strlen("/proc/self/fd/") + DECIMAL_STR_MAX(int)];
|
||||
|
||||
xsprintf(procfs_path, "/proc/self/fd/%i", fd);
|
||||
|
||||
return readlink_malloc(procfs_path, ret);
|
||||
}
|
||||
|
|
|
@ -72,6 +72,8 @@ void cmsg_close_all(struct msghdr *mh);
|
|||
|
||||
bool fdname_is_valid(const char *s);
|
||||
|
||||
int fd_get_path(int fd, char **ret);
|
||||
|
||||
/* Hint: ENETUNREACH happens if we try to connect to "non-existing" special IP addresses, such as ::5 */
|
||||
#define ERRNO_IS_DISCONNECT(r) \
|
||||
IN_SET(r, ENOTCONN, ECONNRESET, ECONNREFUSED, ECONNABORTED, EPIPE, ENETUNREACH)
|
||||
|
|
|
@ -303,7 +303,7 @@ static int is_procfs_sysfs_or_suchlike(int fd) {
|
|||
F_TYPE_EQUAL(sfs.f_type, SYSFS_MAGIC);
|
||||
}
|
||||
|
||||
static int recurse_fd(int fd, bool donate_fd, const struct stat *st, uid_t shift) {
|
||||
static int recurse_fd(int fd, bool donate_fd, const struct stat *st, uid_t shift, bool is_toplevel) {
|
||||
bool changed = false;
|
||||
int r;
|
||||
|
||||
|
@ -321,6 +321,18 @@ static int recurse_fd(int fd, bool donate_fd, const struct stat *st, uid_t shift
|
|||
}
|
||||
|
||||
r = patch_fd(fd, NULL, st, shift);
|
||||
if (r == -EROFS) {
|
||||
_cleanup_free_ char *name = NULL;
|
||||
|
||||
if (!is_toplevel) {
|
||||
/* When we hit a ready-only subtree we simply skip it, but log about it. */
|
||||
(void) fd_get_path(fd, &name);
|
||||
log_debug("Skippping read-only file or directory %s.", strna(name));
|
||||
r = 0;
|
||||
}
|
||||
|
||||
goto finish;
|
||||
}
|
||||
if (r < 0)
|
||||
goto finish;
|
||||
|
||||
|
@ -369,7 +381,7 @@ static int recurse_fd(int fd, bool donate_fd, const struct stat *st, uid_t shift
|
|||
|
||||
}
|
||||
|
||||
r = recurse_fd(subdir_fd, true, &fst, shift);
|
||||
r = recurse_fd(subdir_fd, true, &fst, shift, false);
|
||||
if (r < 0)
|
||||
goto finish;
|
||||
if (r > 0)
|
||||
|
@ -433,7 +445,7 @@ static int fd_patch_uid_internal(int fd, bool donate_fd, uid_t shift, uid_t rang
|
|||
if (((uint32_t) (st.st_uid ^ shift) >> 16) == 0)
|
||||
return 0;
|
||||
|
||||
return recurse_fd(fd, donate_fd, &st, shift);
|
||||
return recurse_fd(fd, donate_fd, &st, shift, true);
|
||||
|
||||
finish:
|
||||
if (donate_fd)
|
||||
|
|
Loading…
Reference in a new issue