[systemd-devel] [systemd-commits] src/core
Lennart Poettering
lennart at poettering.net
Fri Oct 17 04:56:12 PDT 2014
On Fri, 17.10.14 02:58, Michal Sekletar (msekleta at kemper.freedesktop.org) wrote:
> src/core/execute.c | 5 ++++-
> 1 file changed, 4 insertions(+), 1 deletion(-)
>
> New commits:
> commit 0015ebf3fa524d414a947bdf0814782a8ee00799
> Author: Michal Sekletar <msekleta at redhat.com>
> Date: Fri Oct 17 11:51:46 2014 +0200
>
> execute: don't fail child when we don't have privileges to setup namespaces
>
> If we don't have privileges to setup the namespaces then we are most likely
> running inside some sort of unprivileged container, hence not being able to
> create namespace is not a problem because spawned service can't access host
> system anyway.
>
> diff --git a/src/core/execute.c b/src/core/execute.c
> index b165b33..43f2764 100644
> --- a/src/core/execute.c
> +++ b/src/core/execute.c
> @@ -1545,7 +1545,10 @@ static int exec_child(ExecCommand *command,
> context->protect_home,
> context->protect_system,
> context->mount_flags);
> - if (err < 0) {
> +
> + if (err == -EPERM)
> + log_error_unit(params->unit_id, "Failed to setup namespace, ignoring: %s", strerror(-err));
> + else if (err < 0) {
I extended the message a bit, to be more helpful to users. Also, if
this is now effectively just a warning, but nothing fatal we need to
downgrade this to "log_warning_unit()". Made that change too.
Lennart
--
Lennart Poettering, Red Hat
More information about the systemd-devel
mailing list