From: Daan De Meyer <daan@amutable.com>
Date: Wed, 18 Feb 2026 18:30:12 +0000 (+0100)
Subject: uid-range: Handle same userns in uid_range_load_userns_by_fd()
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=refs%2Fpull%2F40759%2Fhead;p=thirdparty%2Fsystemd.git

uid-range: Handle same userns in uid_range_load_userns_by_fd()

If we're asked to look up our own user namespace mapping, don't go
via fd as trying to setns() to our own user namespace in
userns_enter_and_pin() would fail with EPERM as the kernel doesn't
allow switching to your own userns.
---

diff --git a/src/basic/uid-range.c b/src/basic/uid-range.c
index c498b5afe1f..1aaf760468b 100644
--- a/src/basic/uid-range.c
+++ b/src/basic/uid-range.c
@@ -295,6 +295,12 @@ int uid_range_load_userns_by_fd(int userns_fd, UIDRangeUsernsMode mode, UIDRange
         assert(mode < _UID_RANGE_USERNS_MODE_MAX);
         assert(ret);
 
+        r = is_our_namespace(userns_fd, NAMESPACE_USER);
+        if (r < 0)
+                return r;
+        if (r > 0)
+                return uid_range_load_userns(/* path= */ NULL, mode, ret);
+
         r = userns_enter_and_pin(userns_fd, &pidref);
         if (r < 0)
                 return r;