nsswitch: do not reload if "/" changes

https://sourceware.org/bugzilla/show_bug.cgi?id=27077 Before reloading nsswitch.conf, verify that the root directory hasn't changed - if it has, it's likely that we've entered a container and should not trust the nsswitch inside the container nor load any shared objects therein. Reviewed-by: Carlos O'Donell <carlos@redhat.com>
author: DJ Delorie <dj@redhat.com> 2021-01-15 19:50:00 -0500
committer: DJ Delorie <dj@redhat.com> 2021-01-27 13:35:15 -0500
commit: 429029a73ec2dba7f808f69ec8b9e3d84e13e804 (patch)
tree: cfe71d0e361692d5aabff4d8eaa00f2638f69fe4 /nss/nss_module.c
parent: 01cdcf783a666481133d4975b1980624b0ef4799 (diff)
download: glibc-429029a73ec2dba7f808f69ec8b9e3d84e13e804.zip
glibc-429029a73ec2dba7f808f69ec8b9e3d84e13e804.tar.gz
glibc-429029a73ec2dba7f808f69ec8b9e3d84e13e804.tar.bz2
1 files changed, 13 insertions, 0 deletions
diff --git a/nss/nss_module.c b/nss/nss_module.c
index 1a93599..6c5f341 100644
--- a/nss/nss_module.c
+++ b/nss/nss_module.c
@@ -349,6 +349,19 @@ __nss_disable_nscd (void (*cb) (size_t, struct traced_file *))
 }
 #endif
 
+/* Block attempts to dlopen any module we haven't already opened.  */
+void
+__nss_module_disable_loading (void)
+{
+  __libc_lock_lock (nss_module_list_lock);
+
+  for (struct nss_module *p = nss_module_list; p != NULL; p = p->next)
+    if (p->state == nss_module_uninitialized)
+      p->state = nss_module_failed;
+
+  __libc_lock_unlock (nss_module_list_lock);
+}
+
 void __libc_freeres_fn_section
 __nss_module_freeres (void)
 {
author	DJ Delorie <dj@redhat.com>	2021-01-15 19:50:00 -0500
committer	DJ Delorie <dj@redhat.com>	2021-01-27 13:35:15 -0500
commit	429029a73ec2dba7f808f69ec8b9e3d84e13e804 (patch)
tree	cfe71d0e361692d5aabff4d8eaa00f2638f69fe4 /nss/nss_module.c
parent	01cdcf783a666481133d4975b1980624b0ef4799 (diff)
download	glibc-429029a73ec2dba7f808f69ec8b9e3d84e13e804.zip glibc-429029a73ec2dba7f808f69ec8b9e3d84e13e804.tar.gz glibc-429029a73ec2dba7f808f69ec8b9e3d84e13e804.tar.bz2