diff options
-rw-r--r-- | ChangeLog | 8 | ||||
-rw-r--r-- | sysdeps/unix/sysv/linux/tst-ttyname.c | 67 |
2 files changed, 14 insertions, 61 deletions
@@ -1,5 +1,13 @@ 2017-11-18 Florian Weimer <fweimer@redhat.com> + * sysdeps/unix/sysv/linux/tst-ttyname.c + (become_root_in_mount_ns): Remove. + (do_in_chroot_1): Call support_enter_mount_namespace. + (do_in_chroot_2): Likewise. + (do_test): Call support_become_root early. + +2017-11-18 Florian Weimer <fweimer@redhat.com> + * support/namespace.h (support_enter_mount_namespace): Declare. * support/support_enter_mount_namespace.c: New file. * support/Makefile (libsupport-routines): Add diff --git a/sysdeps/unix/sysv/linux/tst-ttyname.c b/sysdeps/unix/sysv/linux/tst-ttyname.c index 32d7a65..0fdf1a8 100644 --- a/sysdeps/unix/sysv/linux/tst-ttyname.c +++ b/sysdeps/unix/sysv/linux/tst-ttyname.c @@ -78,65 +78,6 @@ proc_fd_readlink (const char *linkname) return target; } -static void -become_root_in_mount_ns (void) -{ - uid_t orig_uid = getuid (); - gid_t orig_gid = getgid (); - - support_become_root (); - - if (unshare (CLONE_NEWNS) < 0) - FAIL_UNSUPPORTED ("could not enter new mount namespace"); - - /* support_become_root might have put us in a new user namespace; - most filesystems (including tmpfs) don't allow file or directory - creation from a user namespace unless uid and gid maps are set, - even if we have root privileges in the namespace (failing with - EOVERFLOW, since the uid overflows the empty (0-length) uid map). - - Also, stat always reports that uid and gid maps are empty, so we - have to try actually reading from them to check if they are - empty. */ - int fd; - - if ((fd = open ("/proc/self/uid_map", O_RDWR, 0)) >= 0) - { - char buf; - if (read (fd, &buf, 1) == 0) - { - char *str = xasprintf ("0 %ld 1\n", (long)orig_uid); - if (write (fd, str, strlen (str)) < 0) - FAIL_EXIT1 ("write (uid_map, \"%s\"): %m", str); - free (str); - } - xclose (fd); - } - - /* Setting the gid map has the additional complexity that we have to - first turn off setgroups. */ - if ((fd = open ("/proc/self/setgroups", O_WRONLY, 0)) >= 0) - { - const char *str = "deny"; - if (write (fd, str, strlen (str)) < 0) - FAIL_EXIT1 ("write (setroups, \"%s\"): %m", str); - xclose (fd); - } - - if ((fd = open ("/proc/self/gid_map", O_RDWR, 0)) >= 0) - { - char buf; - if (read (fd, &buf, 1) == 0) - { - char *str = xasprintf ("0 %ld 1\n", (long)orig_gid); - if (write (fd, str, strlen (str)) < 0) - FAIL_EXIT1 ("write (gid_map, \"%s\"): %m", str); - free (str); - } - xclose (fd); - } -} - /* plain ttyname runner */ struct result @@ -328,7 +269,8 @@ do_in_chroot_1 (int (*cb)(const char *, int)) { xclose (master); - become_root_in_mount_ns (); + if (!support_enter_mount_namespace ()) + FAIL_UNSUPPORTED ("could not enter new mount namespace"); VERIFY (mount ("tmpfs", chrootdir, "tmpfs", 0, "mode=755") == 0); VERIFY (chdir (chrootdir) == 0); @@ -395,7 +337,8 @@ do_in_chroot_2 (int (*cb)(const char *, int)) xclose (pid_pipe[0]); xclose (exit_pipe[1]); - become_root_in_mount_ns (); + if (!support_enter_mount_namespace ()) + FAIL_UNSUPPORTED ("could not enter new mount namespace"); int slave = xopen (slavename, O_RDWR, 0); if (!doit (slave, "basic smoketest", @@ -611,6 +554,8 @@ run_chroot_tests (const char *slavename, int slave) static int do_test (void) { + support_become_root (); + int ret1 = do_in_chroot_1 (run_chroot_tests); if (ret1 == EXIT_UNSUPPORTED) return ret1; |