This is the mail archive of the glibc-cvs@sourceware.org mailing list for the glibc project.


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

GNU C Library master sources branch master updated. glibc-2.26.9000-788-g273a0c4


This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "GNU C Library master sources".

The branch, master has been updated
       via  273a0c4983ecff9fe53258755b155227afe2938f (commit)
      from  8adfb0eeffd1888f9b53b8d8677eb1656cd20e47 (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
http://sourceware.org/git/gitweb.cgi?p=glibc.git;a=commitdiff;h=273a0c4983ecff9fe53258755b155227afe2938f

commit 273a0c4983ecff9fe53258755b155227afe2938f
Author: Florian Weimer <fweimer@redhat.com>
Date:   Sat Nov 18 14:30:20 2017 +0100

    support_enter_mount_namespace: Unshare with mount --make-rprivate
    
    System defaults vary, and a mere unshare (CLONE_NEWNS) (which is part of
    support_become_root) is no longer sufficient.
    
    Reviewed-by: Christian Brauner <christian.brauner@ubuntu.com>

diff --git a/ChangeLog b/ChangeLog
index c58c58c..b244b32 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,5 +1,12 @@
 2017-11-18  Florian Weimer  <fweimer@redhat.com>
 
+	* support/namespace.h (support_enter_mount_namespace): Declare.
+	* support/support_enter_mount_namespace.c: New file.
+	* support/Makefile (libsupport-routines): Add
+	support_enter_mount_namespace.
+
+2017-11-18  Florian Weimer  <fweimer@redhat.com>
+
 	* support/temp_file.c (support_create_temp_directory): Use
 	test_dir and do not rely on the presence of the XXXXXX suffix.
 	* support/temp_file.h (support_create_temp_directory): Update
diff --git a/support/Makefile b/support/Makefile
index f7a878b..384fecb 100644
--- a/support/Makefile
+++ b/support/Makefile
@@ -42,6 +42,7 @@ libsupport-routines = \
   support_capture_subprocess \
   support_capture_subprocess_check \
   support_chroot \
+  support_enter_mount_namespace \
   support_enter_network_namespace \
   support_format_address_family \
   support_format_addrinfo \
diff --git a/support/namespace.h b/support/namespace.h
index 9eddb1a..b5e2d14 100644
--- a/support/namespace.h
+++ b/support/namespace.h
@@ -51,6 +51,11 @@ bool support_can_chroot (void);
    has sufficient privileges.  */
 bool support_enter_network_namespace (void);
 
+/* Enter a mount namespace and mark / as private (not shared).  If
+   this function returns true, mount operations in this process will
+   not affect the host system afterwards.  */
+bool support_enter_mount_namespace (void);
+
 /* Return true if support_enter_network_namespace managed to enter a
    UTS namespace.  */
 bool support_in_uts_namespace (void);
diff --git a/support/support_enter_mount_namespace.c b/support/support_enter_mount_namespace.c
new file mode 100644
index 0000000..6140692
--- /dev/null
+++ b/support/support_enter_mount_namespace.c
@@ -0,0 +1,45 @@
+/* Enter a mount namespace.
+   Copyright (C) 2017 Free Software Foundation, Inc.
+   This file is part of the GNU C Library.
+
+   The GNU C Library is free software; you can redistribute it and/or
+   modify it under the terms of the GNU Lesser General Public
+   License as published by the Free Software Foundation; either
+   version 2.1 of the License, or (at your option) any later version.
+
+   The GNU C Library is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+   Lesser General Public License for more details.
+
+   You should have received a copy of the GNU Lesser General Public
+   License along with the GNU C Library; if not, see
+   <http://www.gnu.org/licenses/>.  */
+
+#include <support/namespace.h>
+
+#include <sched.h>
+#include <stdio.h>
+#include <sys/mount.h>
+
+bool
+support_enter_mount_namespace (void)
+{
+#ifdef CLONE_NEWNS
+  if (unshare (CLONE_NEWNS) == 0)
+    {
+      /* On some systems, / is marked as MS_SHARED, which means that
+         mounts within the namespace leak to the rest of the system,
+         which is not what we want.  */
+      if (mount ("none", "/", NULL, MS_REC | MS_PRIVATE, NULL) != 0)
+        {
+          printf ("warning: making the mount namespace private failed: %m\n");
+          return false;
+        }
+      return true;
+    }
+  else
+    printf ("warning: unshare (CLONE_NEWNS) failed: %m\n");
+#endif /* CLONE_NEWNS */
+  return false;
+}

-----------------------------------------------------------------------

Summary of changes:
 ChangeLog                                          |    7 +++
 support/Makefile                                   |    1 +
 support/namespace.h                                |    5 ++
 ...xreadlink.c => support_enter_mount_namespace.c} |   41 ++++++++++----------
 4 files changed, 34 insertions(+), 20 deletions(-)
 copy support/{xreadlink.c => support_enter_mount_namespace.c} (54%)


hooks/post-receive
-- 
GNU C Library master sources


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]