openEuler-22.03-LTS

分支 (28)

标签 (25)

管理

管理

master

openEuler-22.03-LTS-SP4

openEuler-24.03-LTS-Next

openEuler-22.03-LTS-SP3

openEuler-24.03-LTS

sync-pr370-openEuler-24.03-LTS-SP1-to-openEuler-24.03-LTS-SP2

openEuler-24.03-LTS-SP1

openEuler-24.03-LTS-SP2

openEuler-20.03-LTS-SP4

openEuler-25.03

openEuler-24.09

openEuler-22.03-LTS-SP1

openEuler-22.03-LTS

openEuler-22.03-LTS-Next

openEuler-22.03-LTS-SP2

openEuler-20.03-LTS-SP1

openEuler-20.03-LTS-SP3

openEuler-23.09

openEuler-23.03

openEuler-22.09

openEuler-24.03-LTS-update-20250530

openEuler-24.03-LTS-SP1-update-20250530

openEuler-22.03-LTS-SP4-update-20250411

openEuler-25.03-release

openEuler-24.03-LTS-SP1-release

openEuler-22.03-LTS-SP4-release

openEuler-24.09-release

openEuler-24.03-LTS-release

openEuler-22.03-LTS-SP3-release

openEuler-23.09-rc5

openEuler-22.03-LTS-SP1-release

openEuler-22.09-release

openEuler-22.09-rc5

openEuler-22.09-20220829

openEuler-22.03-LTS-20220331

openEuler-22.03-LTS-round5

openEuler-22.03-LTS-round3

openEuler-22.03-LTS-round2

openEuler-22.03-LTS-round1

openEuler-20.03-LTS-SP3-release

util-linux
/
backport-fix-by-ignoring-EINVAL-on-re...

From 1961dccea09176a401bc8fc5e1769ab426308314 Mon Sep 17 00:00:00 2001
From: benaryorg <binary@benary.org>
Date: Fri, 4 Jun 2021 12:34:52 +0000
Subject: [PATCH] fix #648 by ignoring EINVAL on-remount of proc

When using --mount-proc=/some/path then unshare fails if the path provided is not already mounted due to the mount(2) call to change the propagation of the mount.
In such a case mount(2) returns EINVAL, which however is used for a variety of other errors.
If this error is ignored mistakenly the effects however should be neglible since:

1. the mount of proc afterwards happens regardless, errors of which are not ignored
2. the propagation change of root uses MS_REC, which shold already change the propagation of all mounts recursively

Furthermore /proc is not touched if --mount-proc specifies a different mount point.
This should not cause too much unexpected behaviour due to point 2 from above in any case.
Specifying --mount-proc with a different path also means that unshare(3) is not instructed to touch /proc, thus /proc not being touched should not be unexpected.
As a side note, if unshare is called with /proc as an (implicit) parameter to --mount-proc then /proc is a stacked mount, meaning if /proc is unmounted it in the namespace the host /proc is visible again, thus not touching /proc with a different parameter does not constitute more information leakage than the alternative, quite contary it may even be the desired behaviour.

Signed-off-by: benaryorg <binary@benary.org>
---
 sys-utils/unshare.c | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

diff --git a/sys-utils/unshare.c b/sys-utils/unshare.c
index e5627d3c64..820691ba35 100644
--- a/sys-utils/unshare.c
+++ b/sys-utils/unshare.c
@@ -650,8 +650,11 @@ int main(int argc, char *argv[])
 		err(EXIT_FAILURE, _("cannot chdir to '%s'"), newdir);

 	if (procmnt) {
-		if (!newroot && mount("none", procmnt, NULL, MS_PRIVATE|MS_REC, NULL) != 0)
-			err(EXIT_FAILURE, _("cannot change %s filesystem propagation"), procmnt);
+		if (!newroot && mount("none", procmnt, NULL, MS_PRIVATE|MS_REC, NULL))
+			/* custom procmnt means that proc is very likely not mounted, causing EINVAL
+			   ignoring the error in this specific instance is safe */
+			if(errno != EINVAL)
+				err(EXIT_FAILURE, _("cannot change %s filesystem propagation"), procmnt);
 		if (mount("proc", procmnt, "proc", MS_NOSUID|MS_NOEXEC|MS_NODEV, NULL) != 0)
 			err(EXIT_FAILURE, _("mount %s failed"), procmnt);
 	}