[lxc-devel] [lxc/master] usernsexec: Make err out vebose for unshare error

tcharding on Github lxc-bot at linuxcontainers.org
Wed Aug 15 23:49:54 UTC 2018 

A non-text attachment was scrubbed...
Name: not available
Type: text/x-mailbox
Size: 887 bytes
Desc: not available
URL: <http://lists.linuxcontainers.org/pipermail/lxc-devel/attachments/20180815/3daf2f08/attachment.bin>
-------------- next part --------------
From 14c6d3073bf2b63719488e972d30a6881c9b899d Mon Sep 17 00:00:00 2001
From: "Tobin C. Harding" <me at tobin.cc>
Date: Thu, 16 Aug 2018 09:43:02 +1000
Subject: [PATCH] usernsexec: Make err out vebose for unshare error

Currently if lxc-usernsexec is run on a kernel without user namespaces
enabled the error message is

	unshare: Invalid argument
	read pipe: Success

This error message 'Invalid argument' does not point at the root cause
of the error.  We can help the user out by giving a more detailed error
message and also not using perror() if errno==0.

Improve error message by
 - Printing unshare flags
 - Printing suggested cause of failure (user namespace not enabled)
 - Print error message with fprintf() if errno==0 (EOF)

Signed-off-by: Tobin C. Harding <me at tobin.cc>
---
 src/lxc/cmd/lxc_usernsexec.c | 10 ++++++++--
 1 file changed, 8 insertions(+), 2 deletions(-)

diff --git a/src/lxc/cmd/lxc_usernsexec.c b/src/lxc/cmd/lxc_usernsexec.c
index c342a90a0..e869f2f25 100644
--- a/src/lxc/cmd/lxc_usernsexec.c
+++ b/src/lxc/cmd/lxc_usernsexec.c
@@ -375,7 +375,9 @@ int main(int argc, char *argv[])
 
 		ret = unshare(flags);
 		if (ret < 0) {
-			perror("unshare");
+			char *msg = "unshare: CLONE_NEWNS | CLONE_NEWUSER\n"
+				"You may need to enable user namespaces\n";
+			fprintf(stderr, "%s", msg);
 			return 1;
 		}
 		buf[0] = '1';
@@ -399,9 +401,13 @@ int main(int argc, char *argv[])
 
 	close(pipe_fds1[1]);
 	close(pipe_fds2[0]);
-	if (lxc_read_nointr(pipe_fds1[0], buf, 1) < 1) {
+	ret = lxc_read_nointr(pipe_fds1[0], buf, 1);
+	if (ret < 0) {
 		perror("read pipe");
 		exit(EXIT_FAILURE);
+	} else if (ret == 0) {
+		fprintf(stderr, "read pipe: EOF\n");
+		exit(EXIT_FAILURE);
 	}
 
 	buf[0] = '1';

More information about the lxc-devel mailing list