diff options
| author | Eelco Dolstra <edolstra@gmail.com> | 2023-06-19 12:54:05 +0200 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2023-06-19 12:54:05 +0200 |
| commit | f5e620bf2be7ed552962ab5b6637771d5a4d64d3 (patch) | |
| tree | f989a4829accc3c9d878c6e9649df05a795b5f39 | |
| parent | 49288d6e4004a8693bc4041bd9f88d6b399dc602 (diff) | |
| parent | e54538c461e993827d9fbe3b8883d3887f184798 (diff) | |
Merge pull request #8483 from edolstra/save-root
restoreMountNamespace(): Restore the original root directory
| -rw-r--r-- | src/libutil/util.cc | 19 |
1 files changed, 14 insertions, 5 deletions
diff --git a/src/libutil/util.cc b/src/libutil/util.cc index aa0a154fd..26f9dc8a8 100644 --- a/src/libutil/util.cc +++ b/src/libutil/util.cc @@ -1853,6 +1853,7 @@ void setStackSize(size_t stackSize) #if __linux__ static AutoCloseFD fdSavedMountNamespace; +static AutoCloseFD fdSavedRoot; #endif void saveMountNamespace() @@ -1860,10 +1861,11 @@ void saveMountNamespace() #if __linux__ static std::once_flag done; std::call_once(done, []() { - AutoCloseFD fd = open("/proc/self/ns/mnt", O_RDONLY); - if (!fd) + fdSavedMountNamespace = open("/proc/self/ns/mnt", O_RDONLY); + if (!fdSavedMountNamespace) throw SysError("saving parent mount namespace"); - fdSavedMountNamespace = std::move(fd); + + fdSavedRoot = open("/proc/self/root", O_RDONLY); }); #endif } @@ -1876,9 +1878,16 @@ void restoreMountNamespace() if (fdSavedMountNamespace && setns(fdSavedMountNamespace.get(), CLONE_NEWNS) == -1) throw SysError("restoring parent mount namespace"); - if (chdir(savedCwd.c_str()) == -1) { - throw SysError("restoring cwd"); + + if (fdSavedRoot) { + if (fchdir(fdSavedRoot.get())) + throw SysError("chdir into saved root"); + if (chroot(".")) + throw SysError("chroot into saved root"); } + + if (chdir(savedCwd.c_str()) == -1) + throw SysError("restoring cwd"); } catch (Error & e) { debug(e.msg()); } |