opensource/podman
1
0
Fork 0
mirror of https://github.com/containers/podman.git synced 2025-09-19 00:56:15 +08:00
Code Issues Packages Projects Releases Wiki Activity

create: join also the mount ns of the dependency

Browse Source 
when we are creating a container that depends on another one, be sure
we also join its mount namespace in addition to the user namespace.

Closes: https://github.com/containers/libpod/issues/2556

Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
This commit is contained in:
Giuseppe Scrivano
2019-03-07 09:54:03 +01:00
parent 4a02713c57
commit 081291c8d6
1 changed files with 10 additions and 1 deletions

11
cmd/podman/create.go

@ -894,7 +894,16 @@ func joinOrCreateRootlessUserNamespace(createConfig *cc.CreateConfig, runtime *l
} }
return false, -1, errors.Errorf("dependency container %s is not running", ctr.ID()) return false, -1, errors.Errorf("dependency container %s is not running", ctr.ID())
} }
return rootless.JoinNS(uint(pid), 0)
data, err := ioutil.ReadFile(ctr.Config().ConmonPidFile)
if err != nil {
return false, -1, errors.Wrapf(err, "cannot read conmon PID file %q", ctr.Config().ConmonPidFile)
}
conmonPid, err := strconv.Atoi(string(data))
if err != nil {
return false, -1, errors.Wrapf(err, "cannot parse PID %q", data)
}
return rootless.JoinDirectUserAndMountNS(uint(conmonPid))
} }
} }
return rootless.BecomeRootInUserNS() return rootless.BecomeRootInUserNS()