mount-util: accept that name_to_handle_at() might fail with EPERM (#5499)

Container managers frequently block name_to_handle_at(), returning
EACCES or EPERM when this is issued. Accept that, and simply fall back
to to fdinfo-based checks.

Note that we accept either EACCES or EPERM here, as container managers
can choose the error code and aren't very good on agreeing on just one.

(note that this is a non-issue with nspawn, as we permit
name_to_handle_at() there, only block open_by_handle_at(), which should
be sufficiently safe).

diff --git a/src/basic/mount-util.c b/src/basic/mount-util.c
index f0bc9cac188953b51670ed8a756608d2db7dcedf..a8fd63fb45807ddc582227ab341a57f380ecee0b 100644 (file)
--- a/src/basic/mount-util.c
+++ b/src/basic/mount-util.c
@@ -112,9 +112,10 @@ int fd_is_mount_point(int fd, const char *filename, int flags) {
 
         r = name_to_handle_at(fd, filename, &h.handle, &mount_id, flags);
         if (r < 0) {
-                if (errno == ENOSYS)
-                        /* This kernel does not support name_to_handle_at()
-                         * fall back to simpler logic. */
+                if (IN_SET(errno, ENOSYS, EACCES, EPERM))
+                        /* This kernel does not support name_to_handle_at() at all, or the syscall was blocked (maybe
+                         * through seccomp, because we are running inside of a container?): fall back to simpler
+                         * logic. */
                         goto fallback_fdinfo;
                 else if (errno == EOPNOTSUPP)
                         /* This kernel or file system does not support
@@ -163,7 +164,7 @@ int fd_is_mount_point(int fd, const char *filename, int flags) {
 
 fallback_fdinfo:
         r = fd_fdinfo_mnt_id(fd, filename, flags, &mount_id);
-        if (IN_SET(r, -EOPNOTSUPP, -EACCES))
+        if (IN_SET(r, -EOPNOTSUPP, -EACCES, -EPERM))
                 goto fallback_fstat;
         if (r < 0)
                 return r;