proxmox-mirrors/mirror_lxc
1
0
Fork 0
mirror of https://git.proxmox.com/git/mirror_lxc synced 2025-07-27 12:37:35 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

lxccontainer: only attach netns on netdev detach

Browse Source 
Detaching network namespaces as an unprivileged user is currently not possible
and attaching to the user namespace will mean we are not allowed to move the
network device into an ancestor network namespace.

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
This commit is contained in:
Christian Brauner 2017-12-10 02:41:14 +01:00
parent b69dfc9fcb
commit acbfeda88b
No known key found for this signature in database
GPG Key ID: 8EB056D53EECB12D
1 changed files with 6 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
src/lxc/lxccontainer.c
View File

@ -4450,10 +4450,12 @@ static bool do_lxcapi_detach_interface(struct lxc_container *c, const char *ifna
} }
if (pid == 0) { /* child */ if (pid == 0) { /* child */
int ret = 0; pid_t init_pid;
if (!enter_net_ns(c)) {
ERROR("failed to enter namespace"); init_pid = do_lxcapi_init_pid(c);
exit(-1); if (!switch_to_ns(init_pid, "net")) {
ERROR("Failed to enter network namespace");
exit(EXIT_FAILURE);
} }
ret = lxc_netdev_isup(ifname); ret = lxc_netdev_isup(ifname);