zishuo/runc
1
0
Fork 0
mirror of https://github.com/opencontainers/runc.git synced 2025-10-07 00:12:53 +08:00
Code Issues Packages Projects Releases Wiki Activity

libct: fixStdioPermissions: skip chown if not needed

Browse Source 
Since we already called fstat, we know the current file uid. In case it
is the same as the one we want it to be, there's no point in trying
chown.

Remove the specific /dev/null check, as the above also covers it
(comparing /dev/null uid with itself is true).

This also fixes runc exec with read-only /dev for root user.

Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>
This commit is contained in:
Kir Kolyshkin
2022-01-21 17:43:09 -08:00
parent b7fdb68848
commit 18c4760aed
1 changed files with 3 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
libcontainer/init_linux.go
View File

@@ -411,12 +411,12 @@ func fixStdioPermissions(u *user.ExecUser) error {
return &os.PathError{Op: "fstat", Path: file.Name(), Err: err} return &os.PathError{Op: "fstat", Path: file.Name(), Err: err}
} }
// Skip chown of /dev/null if it was used as one of the STDIO fds. // Skip chown if uid is already the one we want.
if s.Rdev == null.Rdev { if int(s.Uid) == u.Uid {
continue continue
} }
// We only change the uid owner (as it is possible for the mount to // We only change the uid (as it is possible for the mount to
// prefer a different gid, and there's no reason for us to change it). // prefer a different gid, and there's no reason for us to change it).
// The reason why we don't just leave the default uid=X mount setup is // The reason why we don't just leave the default uid=X mount setup is
// that users expect to be able to actually use their console. Without // that users expect to be able to actually use their console. Without