proxmox-mirrors/mirror_lxc
1
0
Fork 0
mirror of https://git.proxmox.com/git/mirror_lxc synced 2025-07-27 12:37:35 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

lxc-download: Detect unpriv created by real root

Browse Source 
This adds yet another case in the in_userns function detecting the case
where an unprivileged container is created by the real uid 0, in which
case we want to share the system wide cache but still use the
unprivileged templates and unpack method.

Signed-off-by: Stéphane Graber <stgraber@ubuntu.com>
Acked-by: Serge E. Hallyn <serge.hallyn@ubuntu.com>
This commit is contained in:
Stéphane Graber 2014-02-26 14:15:27 -05:00
parent d4b621a52e
commit a1b6244eb5
1 changed files with 5 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
templates/lxc-download.in
View File

@ -142,8 +142,11 @@ gpg_validate() {
in_userns() {
[ -e /proc/self/uid_map ] || { echo no; return; }
line=$(awk '{ print $1 " " $2 " " $3 }' /proc/self/uid_map)
awk '{ print $1 " " $2 " " $3 }' /proc/self/uid_map | while read line; do
[ "$line" = "0 0 4294967295" ] && { echo no; return; }
echo $line | grep -q " 0 1$" && { echo userns-root; return; }
done
[ "$(cat /proc/self/uid_map)" = "$(cat /proc/1/uid_map)" ] && \
{ echo userns-root; return; }
echo yes