This is the mail archive of the
libc-alpha@sourceware.org
mailing list for the glibc project.
tst-ttyname failure
- From: Florian Weimer <fweimer at redhat dot com>
- To: Luke Shumaker <lukeshu at parabola dot nu>
- Cc: Christian Brauner <christian dot brauner at ubuntu dot com>, GNU C Library <libc-alpha at sourceware dot org>
- Date: Fri, 17 Nov 2017 22:28:44 +0100
- Subject: tst-ttyname failure
- Authentication-results: sourceware.org; auth=none
I need the two attached patches in order to get tst-ttyname to succeed
when running on Fedora as a non-root user.
info: entering chroot 1
info: testcase: basic smoketest
info: ttyname: PASS {name="/dev/pts/5", errno=0}
info: ttyname_r: PASS {name="/dev/pts/5", ret=0, errno=0}
error: ../sysdeps/unix/sysv/linux/tst-ttyname.c:122: write (setroups,
"deny"): Operation not permitted
info: entering chroot 2
error: ../sysdeps/unix/sysv/linux/tst-ttyname.c:122: write (setroups,
"deny"): Operation not permitted
error: 2 test failures
I get the same failure when running the test on
kernel-3.10.0-768.el7.x86_64 (there I tested as root).
This is on top of master with commit
ce003e5d4cd94c5380699b0dadeaaf825813afbe (support_become_root: Enable
file creation in user namespaces). The test failure was present before
I pushed that change.
Would you please double-check that they do not break the test on
whatever distributions you tested on and do not interfere with the test
objective?
Thanks,
Florian
Subject: [PATCH] support_enter_mount_namespace: Unshare with mount --make-rprivate
To: libc-alpha@sourceware.org
System defaults vary, and a mere unshare (CLONE_NEWNS) (which is part of
support_become_root) is no longer sufficient.
2017-11-17 Florian Weimer <fweimer@redhat.com>
* support/namespace.h (support_enter_mount_namespace): Declare.
* support/support_enter_mount_namespace.c: New file.
* support/Makefile (libsupport-routines): Add
support_enter_mount_namespace.
diff --git a/support/Makefile b/support/Makefile
index f7a878b950..384fecb65a 100644
--- a/support/Makefile
+++ b/support/Makefile
@@ -42,6 +42,7 @@ libsupport-routines = \
support_capture_subprocess \
support_capture_subprocess_check \
support_chroot \
+ support_enter_mount_namespace \
support_enter_network_namespace \
support_format_address_family \
support_format_addrinfo \
diff --git a/support/namespace.h b/support/namespace.h
index 9eddb1a0e9..b5e2d1474a 100644
--- a/support/namespace.h
+++ b/support/namespace.h
@@ -51,6 +51,11 @@ bool support_can_chroot (void);
has sufficient privileges. */
bool support_enter_network_namespace (void);
+/* Enter a mount namespace and mark / as private (not shared). If
+ this function returns true, mount operations in this process will
+ not affect the host system afterwards. */
+bool support_enter_mount_namespace (void);
+
/* Return true if support_enter_network_namespace managed to enter a
UTS namespace. */
bool support_in_uts_namespace (void);
diff --git a/support/support_enter_mount_namespace.c b/support/support_enter_mount_namespace.c
new file mode 100644
index 0000000000..6140692075
--- /dev/null
+++ b/support/support_enter_mount_namespace.c
@@ -0,0 +1,45 @@
+/* Enter a mount namespace.
+ Copyright (C) 2017 Free Software Foundation, Inc.
+ This file is part of the GNU C Library.
+
+ The GNU C Library is free software; you can redistribute it and/or
+ modify it under the terms of the GNU Lesser General Public
+ License as published by the Free Software Foundation; either
+ version 2.1 of the License, or (at your option) any later version.
+
+ The GNU C Library is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ Lesser General Public License for more details.
+
+ You should have received a copy of the GNU Lesser General Public
+ License along with the GNU C Library; if not, see
+ <http://www.gnu.org/licenses/>. */
+
+#include <support/namespace.h>
+
+#include <sched.h>
+#include <stdio.h>
+#include <sys/mount.h>
+
+bool
+support_enter_mount_namespace (void)
+{
+#ifdef CLONE_NEWNS
+ if (unshare (CLONE_NEWNS) == 0)
+ {
+ /* On some systems, / is marked as MS_SHARED, which means that
+ mounts within the namespace leak to the rest of the system,
+ which is not what we want. */
+ if (mount ("none", "/", NULL, MS_REC | MS_PRIVATE, NULL) != 0)
+ {
+ printf ("warning: making the mount namespace private failed: %m\n");
+ return false;
+ }
+ return true;
+ }
+ else
+ printf ("warning: unshare (CLONE_NEWNS) failed: %m\n");
+#endif /* CLONE_NEWNS */
+ return false;
+}
Subject: [PATCH] tst-ttyname: Fix namespace setup for Fedora
To: libc-alpha@sourceware.org
On Fedora, the previous initialization sequence did not work and
resulted in failures like:
info: entering chroot 1
info: testcase: basic smoketest
info: ttyname: PASS {name="/dev/pts/5", errno=0}
info: ttyname_r: PASS {name="/dev/pts/5", ret=0, errno=0}
error: ../sysdeps/unix/sysv/linux/tst-ttyname.c:122: write (setroups, "deny"): Operation not permitted
info: entering chroot 2
error: ../sysdeps/unix/sysv/linux/tst-ttyname.c:122: write (setroups, "deny"): Operation not permitted
error: 2 test failures
2017-11-17 Florian Weimer <fweimer@redhat.com>
* sysdeps/unix/sysv/linux/tst-ttyname.c
(become_root_in_mount_ns): Remove.
(do_in_chroot_1): Call support_enter_mount_namespace.
(do_in_chroot_2): Likewise.
(do_test): Call support_become_root early.
diff --git a/sysdeps/unix/sysv/linux/tst-ttyname.c b/sysdeps/unix/sysv/linux/tst-ttyname.c
index 32d7a65938..0fdf1a8ccb 100644
--- a/sysdeps/unix/sysv/linux/tst-ttyname.c
+++ b/sysdeps/unix/sysv/linux/tst-ttyname.c
@@ -78,65 +78,6 @@ proc_fd_readlink (const char *linkname)
return target;
}
-static void
-become_root_in_mount_ns (void)
-{
- uid_t orig_uid = getuid ();
- gid_t orig_gid = getgid ();
-
- support_become_root ();
-
- if (unshare (CLONE_NEWNS) < 0)
- FAIL_UNSUPPORTED ("could not enter new mount namespace");
-
- /* support_become_root might have put us in a new user namespace;
- most filesystems (including tmpfs) don't allow file or directory
- creation from a user namespace unless uid and gid maps are set,
- even if we have root privileges in the namespace (failing with
- EOVERFLOW, since the uid overflows the empty (0-length) uid map).
-
- Also, stat always reports that uid and gid maps are empty, so we
- have to try actually reading from them to check if they are
- empty. */
- int fd;
-
- if ((fd = open ("/proc/self/uid_map", O_RDWR, 0)) >= 0)
- {
- char buf;
- if (read (fd, &buf, 1) == 0)
- {
- char *str = xasprintf ("0 %ld 1\n", (long)orig_uid);
- if (write (fd, str, strlen (str)) < 0)
- FAIL_EXIT1 ("write (uid_map, \"%s\"): %m", str);
- free (str);
- }
- xclose (fd);
- }
-
- /* Setting the gid map has the additional complexity that we have to
- first turn off setgroups. */
- if ((fd = open ("/proc/self/setgroups", O_WRONLY, 0)) >= 0)
- {
- const char *str = "deny";
- if (write (fd, str, strlen (str)) < 0)
- FAIL_EXIT1 ("write (setroups, \"%s\"): %m", str);
- xclose (fd);
- }
-
- if ((fd = open ("/proc/self/gid_map", O_RDWR, 0)) >= 0)
- {
- char buf;
- if (read (fd, &buf, 1) == 0)
- {
- char *str = xasprintf ("0 %ld 1\n", (long)orig_gid);
- if (write (fd, str, strlen (str)) < 0)
- FAIL_EXIT1 ("write (gid_map, \"%s\"): %m", str);
- free (str);
- }
- xclose (fd);
- }
-}
-
/* plain ttyname runner */
struct result
@@ -328,7 +269,8 @@ do_in_chroot_1 (int (*cb)(const char *, int))
{
xclose (master);
- become_root_in_mount_ns ();
+ if (!support_enter_mount_namespace ())
+ FAIL_UNSUPPORTED ("could not enter new mount namespace");
VERIFY (mount ("tmpfs", chrootdir, "tmpfs", 0, "mode=755") == 0);
VERIFY (chdir (chrootdir) == 0);
@@ -395,7 +337,8 @@ do_in_chroot_2 (int (*cb)(const char *, int))
xclose (pid_pipe[0]);
xclose (exit_pipe[1]);
- become_root_in_mount_ns ();
+ if (!support_enter_mount_namespace ())
+ FAIL_UNSUPPORTED ("could not enter new mount namespace");
int slave = xopen (slavename, O_RDWR, 0);
if (!doit (slave, "basic smoketest",
@@ -611,6 +554,8 @@ run_chroot_tests (const char *slavename, int slave)
static int
do_test (void)
{
+ support_become_root ();
+
int ret1 = do_in_chroot_1 (run_chroot_tests);
if (ret1 == EXIT_UNSUPPORTED)
return ret1;