From: Seth Robertson Date: Wed, 4 Dec 2013 05:24:08 +0000 (-0500) Subject: lxc_unshare -u argument useful even with USER namespace shared X-Git-Tag: lxc-1.0.0.beta2~4 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=13d8bde96f0a21da92bcf353ad5db3f6f83172c2;p=thirdparty%2Flxc.git lxc_unshare -u argument useful even with USER namespace shared Signed-off-by: Seth Robertson Acked-by: Serge E. Hallyn --- diff --git a/doc/lxc-unshare.sgml.in b/doc/lxc-unshare.sgml.in index a812eb965..9d3be22ed 100644 --- a/doc/lxc-unshare.sgml.in +++ b/doc/lxc-unshare.sgml.in @@ -51,7 +51,7 @@ Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA lxc-unshare -s namespaces - -u user + -u user command @@ -100,8 +100,7 @@ Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA - Specify a user which the new task should become. This option is - only valid if a user namespace is unshared. + Specify a userid which the new task should become. diff --git a/src/lxc/lxc_unshare.c b/src/lxc/lxc_unshare.c index 827aa9131..4c82e9e8d 100644 --- a/src/lxc/lxc_unshare.c +++ b/src/lxc/lxc_unshare.c @@ -97,7 +97,8 @@ static int do_start(void *arg) int flags = *start_arg->flags; uid_t uid = *start_arg->uid; - if (flags & CLONE_NEWUSER && setuid(uid)) { + // Setuid is useful even without a new user id space + if ( uid >= 0 && setuid(uid)) { ERROR("failed to set uid %d: %s", uid, strerror(errno)); exit(1); } @@ -153,8 +154,6 @@ int main(int argc, char *argv[]) if (ret) usage(argv[0]); - if (!(flags & CLONE_NEWUSER) && uid != -1) { - ERROR("-u needs -s USER option"); return 1; }