namespace-util: handle -ENOSPC by userns_acquire() gracefully in is_idmapping_supported()

author Yu Watanabe <watanabe.yu+github@gmail.com>

Fri, 22 Nov 2024 21:08:48 +0000 (06:08 +0900)

committer Yu Watanabe <watanabe.yu+github@gmail.com>

Fri, 22 Nov 2024 21:52:38 +0000 (06:52 +0900)
author Yu Watanabe <watanabe.yu+github@gmail.com>
Fri, 22 Nov 2024 21:08:48 +0000 (06:08 +0900)
committer Yu Watanabe <watanabe.yu+github@gmail.com>
Fri, 22 Nov 2024 21:52:38 +0000 (06:52 +0900)
diff --git a/src/basic/namespace-util.c b/src/basic/namespace-util.c

index 2c61506149f9b29e29f4109595f212db480003eb..1d566f59e88539bcabebf823dacf14dd9cabc9f9 100644 (file)
--- a/src/basic/namespace-util.c
+++ b/src/basic/namespace-util.c
@@ -531,6 +531,10 @@ int is_idmapping_supported(const char *path) {
          userns_fd = userns_acquire(uid_map, gid_map);
          if (ERRNO_IS_NEG_NOT_SUPPORTED(userns_fd) || ERRNO_IS_NEG_PRIVILEGE(userns_fd))
                  return false;
+        if (userns_fd == -ENOSPC) {
+                log_debug_errno(userns_fd, "Failed to acquire new user namespace, user.max_user_namespaces seems to be exhausted or maybe even zero, assuming ID-mapping is not supported: %m");
+                return false;
+        }
          if (userns_fd < 0)
                  return log_debug_errno(userns_fd, "ID-mapping supported namespace acquire failed for '%s' : %m", path);
author	Yu Watanabe <watanabe.yu+github@gmail.com>
	Fri, 22 Nov 2024 21:08:48 +0000 (06:08 +0900)
committer	Yu Watanabe <watanabe.yu+github@gmail.com>
	Fri, 22 Nov 2024 21:52:38 +0000 (06:52 +0900)