Commit3775df9

authored

Merge pull request#3731 from kolyshkin/1.1-fix-dev-null

[1.1] libcontainer: skip chown of /dev/null caused by fd redirection

2 parentsbec9736 +9233b3d commit3775df9Copy full SHA for 3775df9

File tree

+19

-3

lines changed

+19

-3

lines changed

Lines changed: 3 additions & 2 deletions

Original file line number	Diff line number	Diff line change
`@@ -411,8 +411,9 @@ func fixStdioPermissions(u *user.ExecUser) error {`
`411`	`411`	`return&os.PathError{Op:"fstat",Path:file.Name(),Err:err}`
`412`	`412`	`}`
`413`	`413`
`414`		`-// Skip chown if uid is already the one we want.`
`415`		`-ifint(s.Uid)==u.Uid {`
	`414`	`+// Skip chown if uid is already the one we want or any of the STDIO descriptors`
	`415`	`+// were redirected to /dev/null.`
	`416`	`+ifint(s.Uid)==u.Uid\|\|s.Rdev==null.Rdev {`
`416`	`417`	`continue`
`417`	`418`	`}`
`418`	`419`

Lines changed: 16 additions & 1 deletion

Original file line number	Diff line number	Diff line change
`@@ -125,10 +125,25 @@ function teardown() {`
`125`	`125`
`126`	`126`	`runcexec --user 1000:1000 test_busybox id`
`127`	`127`	`["$status"-eq 0 ]`
`128`		`-`
`129`	`128`	`[["${output}"=="uid=1000 gid=1000"* ]]`
`130`	`129`	`}`
`131`	`130`
	`131`	`+# https://github.com/opencontainers/runc/issues/3674.`
	`132`	`+@test"runc exec --user vs /dev/null ownership" {`
	`133`	`+requires root`
	`134`	`+`
	`135`	`+runc run -d --console-socket"$CONSOLE_SOCKET" test_busybox`
	`136`	`+["$status"-eq 0 ]`
	`137`	`+`
	`138`	`+ls -l /dev/null`
	`139`	`+__runcexec -d --user 1000:1000 test_busybox id</dev/null`
	`140`	`+ls -l /dev/null`
	`141`	`+UG=$(stat -c %u:%g /dev/null)`
	`142`	`+`
	`143`	`+# Host's /dev/null must be owned by root.`
	`144`	`+["$UG"="0:0" ]`
	`145`	`+}`
	`146`	`+`
`132`	`147`	`@test"runc exec --additional-gids" {`
`133`	`148`	`requires root`
`134`	`149`

Comments

(0)