diff options
author | Florian Weimer <fweimer@redhat.com> | 2018-08-28 14:02:47 +0200 |
---|---|---|
committer | Florian Weimer <fweimer@redhat.com> | 2018-08-28 14:02:47 +0200 |
commit | d6c44c3d0ca4b8b639803ddccb83b9b8722f45c1 (patch) | |
tree | 8b4aeaafe85b5ba687b6c51429de12a03f0e078b /support | |
parent | nscd: Fix use-after-free in addgetnetgrentX [BZ #23520] (diff) | |
download | glibc-d6c44c3d0ca4b8b639803ddccb83b9b8722f45c1.tar.gz glibc-d6c44c3d0ca4b8b639803ddccb83b9b8722f45c1.tar.bz2 glibc-d6c44c3d0ca4b8b639803ddccb83b9b8722f45c1.zip |
test-container: EPERM from unshare is UNSUPPORTED
For example, the security policy on the Fedora build daemons results in
this EPERM error.
Diffstat (limited to 'support')
-rw-r--r-- | support/test-container.c | 5 |
1 files changed, 3 insertions, 2 deletions
diff --git a/support/test-container.c b/support/test-container.c index ce16e061e7..2e91bdf9ec 100644 --- a/support/test-container.c +++ b/support/test-container.c @@ -871,8 +871,9 @@ main (int argc, char **argv) /* The unshare here gives us our own spaces and capabilities. */ if (unshare (CLONE_NEWUSER | CLONE_NEWPID | CLONE_NEWNS) < 0) { - /* Older kernels may not support all the options. */ - if (errno == EINVAL) + /* Older kernels may not support all the options, or security + policy may block this call. */ + if (errno == EINVAL || errno == EPERM) FAIL_UNSUPPORTED ("unable to unshare user/fs: %s", strerror (errno)); else FAIL_EXIT1 ("unable to unshare user/fs: %s", strerror (errno)); |