nsswitch: do not reload if "/" changes
Carlos O'Donell
carlos@redhat.com
Tue Jan 19 14:30:09 GMT 2021
On 1/18/21 11:53 AM, Florian Weimer wrote:
> * Carlos O'Donell via Libc-alpha:
>
>> Can we create a non-test-container test for this?
>>
>> I think you can use support_become_root to unshare and then try
>> to use support_chroot_create/support_chroot_free and xhcroot to
>> change root, and then try to do an NSS call that will fail?
>
> You need to chroot twice, first to get a defined /etc/nsswitch.conf, and
> another one to make sure things don't ger reloaded after chroot.
That would be a perfect solution.
However, I think you could get away with recording some known uid/gid
from the system that was doing the build and then ensure that value
is not present in the container.
> You probably also have to copy different service modules into the two
> chroots.
Correct.
--
Cheers,
Carlos.
More information about the Libc-alpha
mailing list