Merge pull request #1568 from michalsieron/no-user-namespaces

giuseppe · web-flow · commit a3fcba9f2b06 · 2024-10-08T09:21:19.000+02:00
Fix running on kernel without user namespaces
diff --git a/src/libcrun/linux.c b/src/libcrun/linux.c
@@ -2942,7 +2942,15 @@ can_setgroups (libcrun_container_t *container, libcrun_error_t *err)
 
   ret = read_all_file ("/proc/self/setgroups", &content, NULL, err);
   if (ret < 0)
-    return ret;
+    {
+      /* If the file does not exist, then the kernel does not support /proc/self/setgroups and setgroups can always be used.  */
+      if (crun_error_get_errno (err) == ENOENT)
+        {
+          crun_error_release (err);
+          return 1;
+        }
+      return ret;
+    }
 
   return strncmp (content, "deny", 4) == 0 ? 0 : 1;
 }
diff --git a/src/libcrun/utils.c b/src/libcrun/utils.c
@@ -714,7 +714,16 @@ check_running_in_user_namespace (libcrun_error_t *err)
 
   ret = read_all_file ("/proc/self/uid_map", &buffer, &len, err);
   if (UNLIKELY (ret < 0))
-    return ret;
+    {
+      /* If the file does not exist, then the kernel does not support user namespaces and we for sure aren't in one.  */
+      if (crun_error_get_errno (err) == ENOENT)
+        {
+          crun_error_release (err);
+          run_in_userns = 0;
+          return run_in_userns;
+        }
+      return ret;
+    }
 
   ret = strstr (buffer, "4294967295") ? 0 : 1;
   run_in_userns = ret;
