aboutsummaryrefslogtreecommitdiff
path: root/src/libutil
diff options
context:
space:
mode:
authorEelco Dolstra <edolstra@gmail.com>2021-12-16 21:26:22 +0100
committerEelco Dolstra <edolstra@gmail.com>2021-12-16 22:02:50 +0100
commitec8f24ed3a3115cba85f908515c423112e5b13e0 (patch)
tree986907480e950a2b6c0fd1079a9ad96a0e38dd46 /src/libutil
parentc260640dec6e35c714b666a1e7adede5aab6972a (diff)
Ignore EPERM when unsharing FS state
On Docker (but not podman), unshare(CLONE_FS) fails with EPERM. So let's ignore it and hope nothing bad happens. Attempted fix for #5777.
Diffstat (limited to 'src/libutil')
-rw-r--r--src/libutil/util.cc8
-rw-r--r--src/libutil/util.hh5
2 files changed, 13 insertions, 0 deletions
diff --git a/src/libutil/util.cc b/src/libutil/util.cc
index 1b6467eb2..43fea1b1e 100644
--- a/src/libutil/util.cc
+++ b/src/libutil/util.cc
@@ -1660,6 +1660,14 @@ void restoreMountNamespace()
#endif
}
+void unshareFilesystem()
+{
+#ifdef __linux__
+ if (unshare(CLONE_FS) != 0 && errno != EPERM)
+ throw SysError("unsharing filesystem state in download thread");
+#endif
+}
+
void restoreProcessContext(bool restoreMounts)
{
restoreSignals();
diff --git a/src/libutil/util.hh b/src/libutil/util.hh
index bc96bfed1..4cc043a84 100644
--- a/src/libutil/util.hh
+++ b/src/libutil/util.hh
@@ -311,6 +311,11 @@ void saveMountNamespace();
if saveMountNamespace() was never called. */
void restoreMountNamespace();
+/* Cause this thread to not share any FS attributes with the main
+ thread, because this causes setns() in restoreMountNamespace() to
+ fail. */
+void unshareFilesystem();
+
class ExecError : public Error
{