lxc-download: Detect unpriv created by real root

This adds yet another case in the in_userns function detecting the case
where an unprivileged container is created by the real uid 0, in which
case we want to share the system wide cache but still use the
unprivileged templates and unpack method.

Signed-off-by: Stéphane Graber <stgraber@ubuntu.com>
Acked-by: Serge E. Hallyn <serge.hallyn@ubuntu.com>

diff --git a/templates/lxc-download.in b/templates/lxc-download.in
index 53b06e73f590ef9c34655213eeecb00fd996f3df..732bd97b97f12fb0753420c69e7584051b4f5a8c 100644 (file)
--- a/templates/lxc-download.in
+++ b/templates/lxc-download.in
@@ -142,8 +142,11 @@ gpg_validate() {
 
 in_userns() {
     [ -e /proc/self/uid_map ] || { echo no; return; }
-    line=$(awk '{ print $1 " " $2 " " $3 }' /proc/self/uid_map)
-    [ "$line" = "0 0 4294967295" ] && { echo no; return; }
+    awk '{ print $1 " " $2 " " $3 }' /proc/self/uid_map | while read line; do
+        [ "$line" = "0 0 4294967295" ] && { echo no; return; }
+        echo $line | grep -q " 0 1$" && { echo userns-root; return; }
+    done
+
     [ "$(cat /proc/self/uid_map)" = "$(cat /proc/1/uid_map)" ] && \
         { echo userns-root; return; }
     echo yes