sys: simplify RunningInUserNS to original implementation

Given that we're only interested in detecting if userns is enabled, and no further details about the mapping, we can revert this function to go back to its original implementation in github.com/lxc/lxd/shared/util.go Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2020-05-04 14:45:37 +02:00 · 2020-05-04 14:45:37 +02:00 · 76c62f2722
commit 76c62f2722
parent 6a9b94927f
1 changed files with 17 additions and 3 deletions
--- a/sys/userns_linux.go
+++ b/sys/userns_linux.go
@ -17,22 +17,36 @@
 package sys

 import (
-	"github.com/opencontainers/runc/libcontainer/user"
+	"bufio"
+	"fmt"
+	"os"
 )

 // RunningInUserNS detects whether we are currently running in a user namespace.
 // Originally copied from github.com/lxc/lxd/shared/util.go
 func RunningInUserNS() bool {
-	uidmap, err := user.CurrentProcessUIDMap()
+	file, err := os.Open("/proc/self/uid_map")
 	if err != nil {
 		// This kernel-provided file only exists if user namespaces are supported
 		return false
 	}
+	defer file.Close()
+
+	buf := bufio.NewReader(file)
+	l, _, err := buf.ReadLine()
+	if err != nil {
+		return false
+	}
+
+	line := string(l)
+	var a, b, c int64
+	fmt.Sscanf(line, "%d %d %d", &a, &b, &c)
+
 	/*
 	 * We assume we are in the initial user namespace if we have a full
 	 * range - 4294967295 uids starting at uid 0.
 	 */
-	if len(uidmap) == 1 && uidmap[0].ID == 0 && uidmap[0].ParentID == 0 && uidmap[0].Count == 4294967295 {
+	if a == 0 && b == 0 && c == 4294967295 {
 		return false
 	}
 	return true