nspawn: determine_uid_shift before forking

It is needed in one branch of the fork, but calculated in another
branch.

Failing to do this means using --private-users without specifying a uid
shift always fails because it tries to shift the uid to UID_INVALID.

diff --git a/src/nspawn/nspawn.c b/src/nspawn/nspawn.c
index 4cf2d14ae2c095664a58c299d4c8782e786088d3..e0437e7da742591377cd446dbf73aabcb5ff78c9 100644 (file)
--- a/src/nspawn/nspawn.c
+++ b/src/nspawn/nspawn.c
@@ -4313,10 +4313,6 @@ static int outer_child(
         if (r < 0)
                 return r;
 
-        r = determine_uid_shift(directory);
-        if (r < 0)
-                return r;
-
         /* Turn directory into bind mount */
         if (mount(directory, directory, NULL, MS_BIND|MS_REC, NULL) < 0)
                 return log_error_errno(errno, "Failed to make bind mount: %m");
@@ -4495,6 +4491,10 @@ int main(int argc, char *argv[]) {
         if (r < 0)
                 goto finish;
 
+        r = determine_uid_shift(arg_directory);
+        if (r < 0)
+                return r;
+
         if (geteuid() != 0) {
                 log_error("Need to be root.");
                 r = -EPERM;