executor: check for all permission related errnos when setting up IPC namespace

author Luca Boccassi <bluca@debian.org>

Mon, 27 May 2024 00:52:11 +0000 (01:52 +0100)

committer Luca Boccassi <luca.boccassi@gmail.com>

Mon, 27 May 2024 08:58:15 +0000 (10:58 +0200)
author Luca Boccassi <bluca@debian.org>
Mon, 27 May 2024 00:52:11 +0000 (01:52 +0100)
committer Luca Boccassi <luca.boccassi@gmail.com>
Mon, 27 May 2024 08:58:15 +0000 (10:58 +0200)
diff --git a/src/core/exec-invoke.c b/src/core/exec-invoke.c

index e88f524893cae5850d7e0d4464312df9baf43e63..ee8db04e7631cb7d9d731c8547957d3531a69e51 100644 (file)
--- a/src/core/exec-invoke.c
+++ b/src/core/exec-invoke.c
@@ -4753,7 +4753,7 @@ int exec_invoke(
  
                  if (ns_type_supported(NAMESPACE_IPC)) {
                          r = setup_shareable_ns(runtime->shared->ipcns_storage_socket, CLONE_NEWIPC);
-                        if (r == -EPERM)
+                        if (ERRNO_IS_NEG_PRIVILEGE(r))
                                  log_exec_warning_errno(context, params, r,
                                                         "PrivateIPC=yes is configured, but IPC namespace setup failed, ignoring: %m");
                          else if (r < 0) {
author	Luca Boccassi <bluca@debian.org>
	Mon, 27 May 2024 00:52:11 +0000 (01:52 +0100)
committer	Luca Boccassi <luca.boccassi@gmail.com>
	Mon, 27 May 2024 08:58:15 +0000 (10:58 +0200)