From ad74f28a13d38355150bca5e55e5ab3dc8472d64 Mon Sep 17 00:00:00 2001
From: Yu Watanabe <watanabe.yu+github@gmail.com>
Date: Tue, 15 Dec 2020 00:55:57 +0900
Subject: [PATCH 1/2] core/namespace: do not ignore non-EPERM mount error

Follow-up for 61f8a7bd3e20222617fc59f398071daf2af86f96.
---
 src/core/namespace.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/src/core/namespace.c b/src/core/namespace.c
index 93eab45e21..39729ba899 100644
--- a/src/core/namespace.c
+++ b/src/core/namespace.c
@@ -914,7 +914,8 @@ static int mount_procfs(const MountEntry *m, const NamespaceInfo *ns_info) {
                 if (r == 0)
                         /* /proc is not mounted. Propagate the original error code. */
                         return -EPERM;
-        }
+        } else if (r < 0)
+                return r;
 
         return 1;
 }

From c4837f45674736f692bea29348d217ee8908fc5b Mon Sep 17 00:00:00 2001
From: Yu Watanabe <watanabe.yu+github@gmail.com>
Date: Tue, 15 Dec 2020 02:37:11 +0900
Subject: [PATCH 2/2] Revert "core/namespace: ignore ENOENT for
 /proc/sys/kernel/domainname and hostname"

This reverts commit 0ebc9f23faf5586f8a9250c3be08773eb3f8d2da.

With the previous commit, these files should always exist.

Closes #17979.
---
 src/core/namespace.c | 2 --
 1 file changed, 2 deletions(-)

diff --git a/src/core/namespace.c b/src/core/namespace.c
index 39729ba899..9154fde77e 100644
--- a/src/core/namespace.c
+++ b/src/core/namespace.c
@@ -1692,12 +1692,10 @@ int setup_namespace(
                         *(m++) = (MountEntry) {
                                 .path_const = "/proc/sys/kernel/hostname",
                                 .mode = READONLY,
-                                .ignore = true,
                         };
                         *(m++) = (MountEntry) {
                                 .path_const = "/proc/sys/kernel/domainname",
                                 .mode = READONLY,
-                                .ignore = true,
                         };
                 }