[lxc-devel] [lxc/master] Revert "cgroups: don't escape if we're not real root"
hallyn on Github
lxc-bot at linuxcontainers.org
Tue Mar 13 17:57:40 UTC 2018
A non-text attachment was scrubbed...
Name: not available
Type: text/x-mailbox
Size: 699 bytes
Desc: not available
URL: <http://lists.linuxcontainers.org/pipermail/lxc-devel/attachments/20180313/a63b35d1/attachment.bin>
-------------- next part --------------
From 80c689220df4db001e9d3ec9c5c1936cdc59ec3d Mon Sep 17 00:00:00 2001
From: Serge Hallyn <shallyn at cisco.com>
Date: Tue, 13 Mar 2018 12:55:02 -0500
Subject: [PATCH] Revert "cgroups: don't escape if we're not real root"
This reverts commit 8d961e28f1d759669b477a659cbb694aaa2af915.
Unfortunately I don't believe the check is correct in the general case.
---
src/lxc/cgroups/cgfsng.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/lxc/cgroups/cgfsng.c b/src/lxc/cgroups/cgfsng.c
index f337be449..10c7ab2cf 100644
--- a/src/lxc/cgroups/cgfsng.c
+++ b/src/lxc/cgroups/cgfsng.c
@@ -1368,7 +1368,7 @@ static char *cg_unified_get_current_cgroup(void)
bool will_escape;
char *copy = NULL;
- will_escape = !am_host_unpriv();
+ will_escape = (geteuid() == 0);
if (will_escape)
basecginfo = read_file("/proc/1/cgroup");
else
More information about the lxc-devel
mailing list