[lxc-devel] [lxc/master] attach: try to always drop supplementary groups
brauner on Github
lxc-bot at linuxcontainers.org
Wed Apr 11 15:37:02 UTC 2018
A non-text attachment was scrubbed...
Name: not available
Type: text/x-mailbox
Size: 364 bytes
Desc: not available
URL: <http://lists.linuxcontainers.org/pipermail/lxc-devel/attachments/20180411/2ff477e4/attachment.bin>
-------------- next part --------------
From 96ec54acf8d40f23fbaf8c0c291607dbed7b29e8 Mon Sep 17 00:00:00 2001
From: Christian Brauner <christian.brauner at ubuntu.com>
Date: Wed, 11 Apr 2018 17:35:57 +0200
Subject: [PATCH] attach: try to always drop supplementary groups
Signed-off-by: Christian Brauner <christian.brauner at ubuntu.com>
---
src/lxc/attach.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/lxc/attach.c b/src/lxc/attach.c
index 3b7152721..e1699b137 100644
--- a/src/lxc/attach.c
+++ b/src/lxc/attach.c
@@ -873,7 +873,7 @@ static int attach_child_main(struct attach_clone_payload *payload)
}
ret = lxc_setgroups(0, NULL);
- if (ret < 0)
+ if (ret < 0 && errno != EPERM)
goto on_error;
if ((init_ctx->container && init_ctx->container->lxc_conf &&
More information about the lxc-devel
mailing list