From 76c62f27222e908b04785e512b1d111d91a54cb0 Mon Sep 17 00:00:00 2001 From: Sebastiaan van Stijn Date: Mon, 4 May 2020 14:45:37 +0200 Subject: [PATCH] sys: simplify RunningInUserNS to original implementation Given that we're only interested in detecting if userns is enabled, and no further details about the mapping, we can revert this function to go back to its original implementation in github.com/lxc/lxd/shared/util.go Signed-off-by: Sebastiaan van Stijn --- sys/userns_linux.go | 20 +++++++++++++++++--- 1 file changed, 17 insertions(+), 3 deletions(-) diff --git a/sys/userns_linux.go b/sys/userns_linux.go index 4a70afe8a..534253ad8 100644 --- a/sys/userns_linux.go +++ b/sys/userns_linux.go @@ -17,22 +17,36 @@ package sys import ( - "github.com/opencontainers/runc/libcontainer/user" + "bufio" + "fmt" + "os" ) // RunningInUserNS detects whether we are currently running in a user namespace. // Originally copied from github.com/lxc/lxd/shared/util.go func RunningInUserNS() bool { - uidmap, err := user.CurrentProcessUIDMap() + file, err := os.Open("/proc/self/uid_map") if err != nil { // This kernel-provided file only exists if user namespaces are supported return false } + defer file.Close() + + buf := bufio.NewReader(file) + l, _, err := buf.ReadLine() + if err != nil { + return false + } + + line := string(l) + var a, b, c int64 + fmt.Sscanf(line, "%d %d %d", &a, &b, &c) + /* * We assume we are in the initial user namespace if we have a full * range - 4294967295 uids starting at uid 0. */ - if len(uidmap) == 1 && uidmap[0].ID == 0 && uidmap[0].ParentID == 0 && uidmap[0].Count == 4294967295 { + if a == 0 && b == 0 && c == 4294967295 { return false } return true