mirror of
https://sourceware.org/git/glibc.git
synced 2025-01-12 12:10:16 +00:00
linux: Return unsupported if procfs can not be mount on tst-ttyname-namespace
Trying to mount procfs can fail due multiples reasons: proc is locked due the container configuration, mount syscall is filtered by a Linux Secuirty Module, or any other security or hardening mechanism that Linux might eventually add. The tests does require a new procfs without binding to parent, and to fully fix it would require to change how the container was created (which is out of the scope of the test itself). Instead of trying to foresee any possible scenario, if procfs can not be mount fail with unsupported. Checked on aarch64-linux-gnu. Reviewed-by: Siddhesh Poyarekar <siddhesh@sourceware.org>
This commit is contained in:
parent
a9fed5ea81
commit
d35fbd3e68
@ -94,8 +94,17 @@ do_in_chroot_2 (int (*cb)(const char *, int))
|
||||
VERIFY (read (exit_pipe[0], &c, 1) == 0);
|
||||
xclose (exit_pipe[0]);
|
||||
|
||||
VERIFY (mount ("proc", "/proc", "proc",
|
||||
MS_NOSUID|MS_NOEXEC|MS_NODEV, NULL) == 0);
|
||||
if (mount ("proc", "/proc", "proc",
|
||||
MS_NOSUID|MS_NOEXEC|MS_NODEV, NULL) != 0)
|
||||
{
|
||||
/* This happens if we're trying to create a nested container,
|
||||
like if the build is running under podman, and we lack
|
||||
priviledges. */
|
||||
if (errno == EPERM)
|
||||
_exit (EXIT_UNSUPPORTED);
|
||||
else
|
||||
_exit (EXIT_FAILURE);
|
||||
}
|
||||
|
||||
char *linkname = xasprintf ("/proc/self/fd/%d", slave);
|
||||
char *target = proc_fd_readlink (linkname);
|
||||
@ -104,8 +113,9 @@ do_in_chroot_2 (int (*cb)(const char *, int))
|
||||
|
||||
_exit (cb (slavename, slave));
|
||||
}
|
||||
xwrite (pid_pipe[1], &pid, sizeof pid);
|
||||
_exit (0);
|
||||
int status;
|
||||
xwaitpid (pid, &status, 0);
|
||||
_exit (WEXITSTATUS (status));
|
||||
}
|
||||
xclose (pid_pipe[1]);
|
||||
xclose (exit_pipe[0]);
|
||||
@ -117,17 +127,11 @@ do_in_chroot_2 (int (*cb)(const char *, int))
|
||||
VERIFY (WIFEXITED (status));
|
||||
int ret = WEXITSTATUS (status);
|
||||
if (ret != 0)
|
||||
return ret;
|
||||
FAIL_UNSUPPORTED ("unable to mount /proc on inner child process");
|
||||
|
||||
/* set 'pid' to the inner child */
|
||||
VERIFY (read (pid_pipe[0], &pid, sizeof pid) == sizeof pid);
|
||||
xclose (pid_pipe[0]);
|
||||
|
||||
/* wait for the inner child */
|
||||
xwaitpid (pid, &status, 0);
|
||||
VERIFY (WIFEXITED (status));
|
||||
xclose (master);
|
||||
return WEXITSTATUS (status);
|
||||
return 0;
|
||||
}
|
||||
|
||||
static int
|
||||
|
Loading…
Reference in New Issue
Block a user