nspawn: Join network namespace with setns()

We don't have /proc mounted which means namespace_enter() won't work
on older kernels, so use setns() instead.

diff --git a/src/nspawn/nspawn.c b/src/nspawn/nspawn.c
index 1c0ab6e712957353c5875ea77ff7e4eafff6b58f..296b12bb90b54c9a16cc53b9fc42465163533b78 100644 (file)
--- a/src/nspawn/nspawn.c
+++ b/src/nspawn/nspawn.c
@@ -4368,15 +4368,8 @@ static int outer_child(
                 /* The inner child has all namespaces that are requested, so that we all are owned by the
                  * user if user namespaces are turned on. */
 
-                if (arg_network_namespace_path) {
-                        r = namespace_enter(/* pidns_fd= */ -EBADF,
-                                            /* mntns_fd= */ -EBADF,
-                                            netns_fd,
-                                            /* userns_fd= */ -EBADF,
-                                            /* root_fd= */ -EBADF);
-                        if (r < 0)
-                                return log_error_errno(r, "Failed to join network namespace: %m");
-                }
+                if (arg_network_namespace_path && setns(netns_fd, CLONE_NEWNET) < 0)
+                        return log_error_errno(errno, "Failed to join network namespace: %m");
 
                 if (arg_userns_mode == USER_NAMESPACE_MANAGED) {
                         /* In managed usernamespace operation, sysfs + procfs are special, we'll have to