diff options
Diffstat (limited to 'src/basic/namespace-util.c')
| -rw-r--r-- | src/basic/namespace-util.c | 8 |
1 files changed, 4 insertions, 4 deletions
diff --git a/src/basic/namespace-util.c b/src/basic/namespace-util.c index 16053ff2a9..a80ed32791 100644 --- a/src/basic/namespace-util.c +++ b/src/basic/namespace-util.c @@ -527,19 +527,19 @@ int is_idmapping_supported(const char *path) { return r; userns_fd = userns_acquire(uid_map, gid_map); - if (ERRNO_IS_NEG_NOT_SUPPORTED(userns_fd)) + if (ERRNO_IS_NEG_NOT_SUPPORTED(userns_fd) || ERRNO_IS_NEG_PRIVILEGE(userns_fd)) return false; if (userns_fd < 0) return log_debug_errno(userns_fd, "ID-mapping supported namespace acquire failed for '%s' : %m", path); dir_fd = RET_NERRNO(open(path, O_RDONLY | O_CLOEXEC | O_NOFOLLOW)); - if (ERRNO_IS_NEG_NOT_SUPPORTED(dir_fd) || dir_fd == -EINVAL) + if (ERRNO_IS_NEG_NOT_SUPPORTED(dir_fd)) return false; if (dir_fd < 0) return log_debug_errno(dir_fd, "ID-mapping supported open failed for '%s' : %m", path); mount_fd = RET_NERRNO(open_tree(dir_fd, "", AT_EMPTY_PATH | OPEN_TREE_CLONE | OPEN_TREE_CLOEXEC)); - if (ERRNO_IS_NEG_NOT_SUPPORTED(mount_fd) || mount_fd == -EINVAL) + if (ERRNO_IS_NEG_NOT_SUPPORTED(mount_fd) || ERRNO_IS_NEG_PRIVILEGE(mount_fd) || mount_fd == -EINVAL) return false; if (mount_fd < 0) return log_debug_errno(mount_fd, "ID-mapping supported open_tree failed for '%s' : %m", path); @@ -549,7 +549,7 @@ int is_idmapping_supported(const char *path) { .attr_set = MOUNT_ATTR_IDMAP | MOUNT_ATTR_NOSUID | MOUNT_ATTR_NOEXEC | MOUNT_ATTR_RDONLY | MOUNT_ATTR_NODEV, .userns_fd = userns_fd, }, sizeof(struct mount_attr))); - if (ERRNO_IS_NEG_NOT_SUPPORTED(r) || r == -EINVAL || r == -EPERM) + if (ERRNO_IS_NEG_NOT_SUPPORTED(r) || ERRNO_IS_NEG_PRIVILEGE(r) || r == -EINVAL) return false; if (r < 0) return log_debug_errno(r, "ID-mapping supported setattr failed for '%s' : %m", path); |