mirror of
https://github.com/privatevoid-net/nix-super.git
synced 2025-01-19 09:36:47 +02:00
Merge pull request #6092 from Kha/sandbox-wo-userns
Fix using sandbox without user namespaces
This commit is contained in:
commit
744a101a36
1 changed files with 6 additions and 3 deletions
|
@ -912,9 +912,12 @@ void LocalDerivationGoal::startBuilder()
|
||||||
sandboxMountNamespace = open(fmt("/proc/%d/ns/mnt", (pid_t) pid).c_str(), O_RDONLY);
|
sandboxMountNamespace = open(fmt("/proc/%d/ns/mnt", (pid_t) pid).c_str(), O_RDONLY);
|
||||||
if (sandboxMountNamespace.get() == -1)
|
if (sandboxMountNamespace.get() == -1)
|
||||||
throw SysError("getting sandbox mount namespace");
|
throw SysError("getting sandbox mount namespace");
|
||||||
sandboxUserNamespace = open(fmt("/proc/%d/ns/user", (pid_t) pid).c_str(), O_RDONLY);
|
|
||||||
if (sandboxUserNamespace.get() == -1)
|
if (usingUserNamespace) {
|
||||||
throw SysError("getting sandbox user namespace");
|
sandboxUserNamespace = open(fmt("/proc/%d/ns/user", (pid_t) pid).c_str(), O_RDONLY);
|
||||||
|
if (sandboxUserNamespace.get() == -1)
|
||||||
|
throw SysError("getting sandbox user namespace");
|
||||||
|
}
|
||||||
|
|
||||||
/* Signal the builder that we've updated its user namespace. */
|
/* Signal the builder that we've updated its user namespace. */
|
||||||
writeFull(userNamespaceSync.writeSide.get(), "1");
|
writeFull(userNamespaceSync.writeSide.get(), "1");
|
||||||
|
|
Loading…
Reference in a new issue