diff options
author | 2016-04-18 08:51:26 +0000 | |
---|---|---|
committer | 2016-04-18 10:43:37 +0000 | |
commit | c9bb9f0514663cace43310c35749f0a5fece92bc (patch) | |
tree | b22908b985e980930f8463a0ffe13eef74eed9a0 /src/main | |
parent | ef5165c59aac412893b1439bfa393d571c54018f (diff) |
Fix sandbox when nobody's uid != 65534
It looks like the fix for #481 wasn't quite complete. Somebody on the
mailing list reported namespace-sandbox failing due to this [1].
[1] https://groups.google.com/d/topic/bazel-discuss/FR949mCW9cA/discussion
--
Change-Id: I52dbe4c9639c9df282a035d9acc9b8bff0c5004b
Reviewed-on: https://bazel-review.googlesource.com/#/c/3401
MOS_MIGRATED_REVID=120102039
Diffstat (limited to 'src/main')
-rw-r--r-- | src/main/tools/namespace-sandbox.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/src/main/tools/namespace-sandbox.c b/src/main/tools/namespace-sandbox.c index 04f1c9c734..7de5ea08a5 100644 --- a/src/main/tools/namespace-sandbox.c +++ b/src/main/tools/namespace-sandbox.c @@ -773,12 +773,12 @@ int main(int argc, char *const argv[]) { // outside environment. CHECK_CALL(mount("none", "/", NULL, MS_REC | MS_PRIVATE, NULL)); - SetupDirectories(&opt); if (opt.fake_root) { SetupUserNamespace(uid, gid, 0, 0); } else { SetupUserNamespaceForNobody(uid, gid); } + SetupDirectories(&opt); ChangeRoot(&opt); SpawnCommand(opt.args, opt.timeout_secs, false); |