[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20150317024554.24592.52603.stgit@pluto.fritz.box>
Date: Tue, 17 Mar 2015 10:45:55 +0800
From: Ian Kent <raven@...maw.net>
To: Kernel Mailing List <linux-kernel@...r.kernel.org>
Cc: David Howells <dhowells@...hat.com>,
Oleg Nesterov <onestero@...hat.com>,
Trond Myklebust <trond.myklebust@...marydata.com>,
"J. Bruce Fields" <bfields@...ldses.org>,
Benjamin Coddington <bcodding@...hat.com>,
Al Viro <viro@...IV.linux.org.uk>,
Jeff Layton <jeff.layton@...marydata.com>,
"Eric W. Biederman" <ebiederm@...ssion.com>
Subject: [RFC PATCH v4 10/12] nfs - objlayout use namespace if not executing
in init namespace
From: Ian Kent <ikent@...hat.com>
If the caller is running within a container then execute the usermode
helper callback within the init namespace of the container.
Signed-off-by: Ian Kent <ikent@...hat.com>
Cc: Benjamin Coddington <bcodding@...hat.com>
Cc: Al Viro <viro@...IV.linux.org.uk>
Cc: J. Bruce Fields <bfields@...ldses.org>
Cc: David Howells <dhowells@...hat.com>
Cc: Trond Myklebust <trond.myklebust@...marydata.com>
Cc: Oleg Nesterov <onestero@...hat.com>
Cc: Eric W. Biederman <ebiederm@...ssion.com>
Cc: Jeff Layton <jeff.layton@...marydata.com>
---
fs/nfs/objlayout/objlayout.c | 7 ++++++-
1 file changed, 6 insertions(+), 1 deletion(-)
diff --git a/fs/nfs/objlayout/objlayout.c b/fs/nfs/objlayout/objlayout.c
index 919efd4..00c9a34 100644
--- a/fs/nfs/objlayout/objlayout.c
+++ b/fs/nfs/objlayout/objlayout.c
@@ -599,9 +599,14 @@ static int __objlayout_upcall(struct __auto_login *login)
"PATH=/sbin:/usr/sbin:/bin:/usr/bin",
NULL
};
+ unsigned int umh_flags = UMH_WAIT_PROC;
char *argv[8];
int ret;
+ /* If running within a container use the container namespace */
+ if (current->nsproxy->net_ns != &init_net)
+ umh_flags |= UMH_USE_NS;
+
if (unlikely(!osd_login_prog[0])) {
dprintk("%s: osd_login_prog is disabled\n", __func__);
return -EACCES;
@@ -620,7 +625,7 @@ static int __objlayout_upcall(struct __auto_login *login)
argv[6] = login->systemid_hex;
argv[7] = NULL;
- ret = call_usermodehelper(argv[0], argv, envp, UMH_WAIT_PROC);
+ ret = call_usermodehelper(argv[0], argv, envp, umh_flags);
/*
* Disable the upcall mechanism if we're getting an ENOENT or
* EACCES error. The admin can re-enable it on the fly by using
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists