aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorFlorian Weimer <fweimer@redhat.com>2018-08-28 14:02:47 +0200
committerFlorian Weimer <fweimer@redhat.com>2018-08-28 14:02:47 +0200
commitd6c44c3d0ca4b8b639803ddccb83b9b8722f45c1 (patch)
tree8b4aeaafe85b5ba687b6c51429de12a03f0e078b /support
parentnscd: Fix use-after-free in addgetnetgrentX [BZ #23520] (diff)
downloadglibc-d6c44c3d0ca4b8b639803ddccb83b9b8722f45c1.tar.gz
glibc-d6c44c3d0ca4b8b639803ddccb83b9b8722f45c1.tar.bz2
glibc-d6c44c3d0ca4b8b639803ddccb83b9b8722f45c1.zip
test-container: EPERM from unshare is UNSUPPORTED
For example, the security policy on the Fedora build daemons results in this EPERM error.
Diffstat (limited to 'support')
-rw-r--r--support/test-container.c5
1 files changed, 3 insertions, 2 deletions
diff --git a/support/test-container.c b/support/test-container.c
index ce16e061e7..2e91bdf9ec 100644
--- a/support/test-container.c
+++ b/support/test-container.c
@@ -871,8 +871,9 @@ main (int argc, char **argv)
/* The unshare here gives us our own spaces and capabilities. */
if (unshare (CLONE_NEWUSER | CLONE_NEWPID | CLONE_NEWNS) < 0)
{
- /* Older kernels may not support all the options. */
- if (errno == EINVAL)
+ /* Older kernels may not support all the options, or security
+ policy may block this call. */
+ if (errno == EINVAL || errno == EPERM)
FAIL_UNSUPPORTED ("unable to unshare user/fs: %s", strerror (errno));
else
FAIL_EXIT1 ("unable to unshare user/fs: %s", strerror (errno));