mirror/ youki
1
0
Fork 0
mirror of https://github.com/containers/youki synced 2024-06-10 16:56:17 +02:00
Code Issues

Remove mut from do_chdir flag 

Co-authored-by: utam0k <k0ma@utam0k.jp>
This commit is contained in:
Takashi IIGUNI 2021-08-22 18:03:32 +09:00 committed by GitHub
parent 3d1a2d8ad9
commit ae1984ebe2
Signed by: GitHub
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 7 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

15
src/process/init.rs
View File

@ -213,18 +213,17 @@ pub fn container_init(args: ContainerInitArgs) -> Result<()> {
}
}
let mut do_chdir = !proc.cwd.is_empty();
// change directory to process.cwd if process.cwd is not empty
if do_chdir {
let do_chdir = if proc.cwd.is_empty() {
false
} else {
// This chdir must run before setting up the user.
// This may allow the user running youki to access directories
// that the container user cannot access.
match unistd::chdir(&*proc.cwd) {
Ok(_) => do_chdir = false,
Err(nix::Error::EPERM) => {}
Err(e) => return Err(anyhow::anyhow!("Failed to chdir: {}", e)),
};
}
Ok(_) => false,
Err(nix::Error::EPERM) => true,
Err(e) => bail!("Failed to chdir: {}", e),
};
command.set_id(Uid::from_raw(proc.user.uid), Gid::from_raw(proc.user.gid))?;
capabilities::reset_effective(command)?;