attach: allow LSM attach without new mnt namespace

Currently, the -c command (to set the selinux context) seems to be
broken because lxc-attach expects that also a new mount namespace
is specified via command line. This commit remove the check for the new
mount namespace to fix this issue. Please note that the
--elevated-privileges option is not affected by this issue.

Signed-off-by: Maximilian Blenk <Maximilian.Blenk@bmw.de>
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

diff --git a/src/lxc/attach.c b/src/lxc/attach.c
index aedd403ad6d528b4ab1abe10af1e4206d8fc8634..4bfdf23cf547332bce71ff18fddc94d69187e7d3 100644 (file)
--- a/src/lxc/attach.c
+++ b/src/lxc/attach.c
@@ -165,8 +165,7 @@ static inline bool sync_wait_fd(int fd, int *fd_recv)
 
 static bool attach_lsm(lxc_attach_options_t *options)
 {
-       return (options->namespaces & CLONE_NEWNS) &&
-              (options->attach_flags & (LXC_ATTACH_LSM | LXC_ATTACH_LSM_LABEL));
+       return (options->attach_flags & (LXC_ATTACH_LSM | LXC_ATTACH_LSM_LABEL));
 }
 
 static struct attach_context *alloc_attach_context(void)