rpms
/
glibc
20
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '7316d96979'
${ noResults }
glibc/SOURCES/glibc-rh1817513-16.patch

147 lines
4.4 KiB
Raw Blame History Escape

This file contains invisible Unicode characters!

This file contains invisible Unicode characters that may be processed differently from what appears below. If your use case is intentional and legitimate, you can safely ignore this warning. Use the Escape button to reveal hidden characters.

commit b2e93de0ffedcfe2cfba100d47a4d4f6f85cea0b
Author: DJ Delorie <dj@redhat.com>
Date: Tue Dec 4 00:03:12 2018 -0500
test-container: add "su" command to run test as root, add unshare hints
* support/test-container.c (check_for_unshare_hints): New.
(main): Call it if unshare fails. Add support for "su" scriptlet
command.
diff --git a/support/test-container.c b/support/test-container.c
index fe0ebbd07df83da7..1d1aebeaf3412573 100644
--- a/support/test-container.c
+++ b/support/test-container.c
@@ -88,15 +88,22 @@ int verbose = 0;
* mytest.root/ is rsync'd into container
* mytest.root/preclean.req causes fresh rsync (with delete) before
test if present
- * mytest.root/mytset.script has a list of "commands" to run:
+ * mytest.root/mytest.script has a list of "commands" to run:
syntax:
# comment
+ su
mv FILE FILE
cp FILE FILE
rm FILE
FILE must start with $B/, $S/, $I/, $L/, or /
(expands to build dir, source dir, install dir, library dir
(in container), or container's root)
+ details:
+ - '#': A comment.
+ - 'su': Enables running test as root in the container.
+ - 'mv': A minimal move files command.
+ - 'cp': A minimal copy files command.
+ - 'rm': A minimal remove files command.
* mytest.root/postclean.req causes fresh rsync (with delete) after
test if present
@@ -349,6 +356,7 @@ recursive_remove (char *path)
switch (child) {
case -1:
+ perror("fork");
FAIL_EXIT1 ("Unable to fork");
case 0:
/* Child. */
@@ -610,6 +618,47 @@ rsync (char *src, char *dest, int and_delete)
}
+
+/* See if we can detect what the user needs to do to get unshare
+ support working for us. */
+void
+check_for_unshare_hints (void)
+{
+ FILE *f;
+ int i;
+
+ /* Default Debian Linux disables user namespaces, but allows a way
+ to enable them. */
+ f = fopen ("/proc/sys/kernel/unprivileged_userns_clone", "r");
+ if (f != NULL)
+ {
+ i = 99; /* Sentinel. */
+ fscanf (f, "%d", &i);
+ if (i == 0)
+ {
+ printf ("To enable test-container, please run this as root:\n");
+ printf (" echo 1 > /proc/sys/kernel/unprivileged_userns_clone\n");
+ }
+ fclose (f);
+ return;
+ }
+
+ /* ALT Linux has an alternate way of doing the same. */
+ f = fopen ("/proc/sys/kernel/userns_restrict", "r");
+ if (f != NULL)
+ {
+ i = 99; /* Sentinel. */
+ fscanf (f, "%d", &i);
+ if (i == 1)
+ {
+ printf ("To enable test-container, please run this as root:\n");
+ printf (" echo 0 > /proc/sys/kernel/userns_restrict\n");
+ }
+ fclose (f);
+ return;
+ }
+}
+
int
main (int argc, char **argv)
{
@@ -628,6 +677,8 @@ main (int argc, char **argv)
uid_t original_uid;
gid_t original_gid;
+ /* If set, the test runs as root instead of the user running the testsuite. */
+ int be_su = 0;
int UMAP;
int GMAP;
/* Used for "%lld %lld 1" so need not be large. */
@@ -857,6 +908,10 @@ main (int argc, char **argv)
{
maybe_xunlink (the_words[1]);
}
+ else if (nt == 1 && strcmp (the_words[0], "su") == 0)
+ {
+ be_su = 1;
+ }
else if (nt > 0 && the_words[0][0] != '#')
{
printf ("\033[31minvalid [%s]\033[0m\n", the_words[0]);
@@ -910,7 +965,12 @@ main (int argc, char **argv)
/* Older kernels may not support all the options, or security
policy may block this call. */
if (errno == EINVAL || errno == EPERM)
- FAIL_UNSUPPORTED ("unable to unshare user/fs: %s", strerror (errno));
+ {
+ int saved_errno = errno;
+ if (errno == EPERM)
+ check_for_unshare_hints ();
+ FAIL_UNSUPPORTED ("unable to unshare user/fs: %s", strerror (saved_errno));
+ }
else
FAIL_EXIT1 ("unable to unshare user/fs: %s", strerror (errno));
}
@@ -981,7 +1041,7 @@ main (int argc, char **argv)
FAIL_EXIT1 ("can't write to /proc/self/uid_map\n");
sprintf (tmp, "%lld %lld 1\n",
- (long long) original_uid, (long long) original_uid);
+ (long long) (be_su ? 0 : original_uid), (long long) original_uid);
write (UMAP, tmp, strlen (tmp));
xclose (UMAP);
@@ -1002,7 +1062,7 @@ main (int argc, char **argv)
FAIL_EXIT1 ("can't write to /proc/self/gid_map\n");
sprintf (tmp, "%lld %lld 1\n",
- (long long) original_gid, (long long) original_gid);
+ (long long) (be_su ? 0 : original_gid), (long long) original_gid);
write (GMAP, tmp, strlen (tmp));
xclose (GMAP);
Reference in new issue View Git Blame Copy Permalink