From: Daan De Meyer <daan.j.demeyer@gmail.com>
Date: Tue, 28 May 2024 12:51:32 +0000 (+0200)
Subject: Only call become_root() if we need a full uid map
X-Git-Tag: v23.1~44^2~1
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=217839fb5ce9d5b432afdc799f47f44834ff3ad0;p=thirdparty%2Fmkosi.git

Only call become_root() if we need a full uid map

If we only need to map the current user to root, bubblewrap will do
that for us and we don't need to call become_root() after forking.
---

diff --git a/mkosi/qemu.py b/mkosi/qemu.py
index 2653c496c..95130e3a0 100644
--- a/mkosi/qemu.py
+++ b/mkosi/qemu.py
@@ -368,7 +368,7 @@ def start_virtiofsd(config: Config, directory: PathString, *, name: str, selinux
             # capabilities itself, we don't bother figuring out the exact set of capabilities it needs.
             user=uid if not scope else None,
             group=gid if not scope else None,
-            preexec_fn=become_root if not scope else None,
+            preexec_fn=become_root if not scope and not uidmap else None,
             env=scope_env() if scope else {},
             sandbox=config.sandbox(
                 binary=virtiofsd,