diff options
author | Eelco Dolstra <edolstra@gmail.com> | 2021-12-16 21:26:22 +0100 |
---|---|---|
committer | Eelco Dolstra <edolstra@gmail.com> | 2021-12-16 22:02:50 +0100 |
commit | ec8f24ed3a3115cba85f908515c423112e5b13e0 (patch) | |
tree | 986907480e950a2b6c0fd1079a9ad96a0e38dd46 /src/libutil | |
parent | c260640dec6e35c714b666a1e7adede5aab6972a (diff) |
Ignore EPERM when unsharing FS state
On Docker (but not podman), unshare(CLONE_FS) fails with EPERM. So
let's ignore it and hope nothing bad happens.
Attempted fix for #5777.
Diffstat (limited to 'src/libutil')
-rw-r--r-- | src/libutil/util.cc | 8 | ||||
-rw-r--r-- | src/libutil/util.hh | 5 |
2 files changed, 13 insertions, 0 deletions
diff --git a/src/libutil/util.cc b/src/libutil/util.cc index 1b6467eb2..43fea1b1e 100644 --- a/src/libutil/util.cc +++ b/src/libutil/util.cc @@ -1660,6 +1660,14 @@ void restoreMountNamespace() #endif } +void unshareFilesystem() +{ +#ifdef __linux__ + if (unshare(CLONE_FS) != 0 && errno != EPERM) + throw SysError("unsharing filesystem state in download thread"); +#endif +} + void restoreProcessContext(bool restoreMounts) { restoreSignals(); diff --git a/src/libutil/util.hh b/src/libutil/util.hh index bc96bfed1..4cc043a84 100644 --- a/src/libutil/util.hh +++ b/src/libutil/util.hh @@ -311,6 +311,11 @@ void saveMountNamespace(); if saveMountNamespace() was never called. */ void restoreMountNamespace(); +/* Cause this thread to not share any FS attributes with the main + thread, because this causes setns() in restoreMountNamespace() to + fail. */ +void unshareFilesystem(); + class ExecError : public Error { |