jail: enter existing cgroups namespace if given

Call to enter an existing cgroups namespace was missing. Add it. Signed-off-by: Daniel Golle <daniel@makrotopia.org>
author: Daniel Golle 2020-11-26 16:24:47 +0000
committer: Daniel Golle 2020-11-27 01:06:09 +0000
commit: b275b11d89beff3664d0c30b07e8d83b6098be71 (patch)
tree: aef4890ce2a21c309a3dc4be31c3aa51bce8ad39
parent: b87984baf3f4bdfb61b3b38bb4b2dfebeb91b6b9 (diff)
download: procd-b275b11d89beff3664d0c30b07e8d83b6098be71.tar.gz
1 files changed, 2 insertions, 0 deletions
diff --git a/jail/jail.c b/jail/jail.c
index 80da47f..7ec6cd8 100644
--- a/jail/jail.c
+++ b/jail/jail.c
@@ -1129,6 +1129,8 @@ static int exec_jail(void *arg)
 	if (opts.namespace & CLONE_NEWCGROUP)
 		unshare(CLONE_NEWCGROUP);
 
+	setns_open(CLONE_NEWCGROUP);
+
 	if ((opts.namespace & CLONE_NEWUSER) || (opts.setns.user != -1)) {
 		if (setregid(0, 0) < 0) {
 			ERROR("setgid\n");
author	Daniel Golle	2020-11-26 16:24:47 +0000
committer	Daniel Golle	2020-11-27 01:06:09 +0000
commit	b275b11d89beff3664d0c30b07e8d83b6098be71 (patch)
tree	aef4890ce2a21c309a3dc4be31c3aa51bce8ad39
parent	b87984baf3f4bdfb61b3b38bb4b2dfebeb91b6b9 (diff)
download	procd-b275b11d89beff3664d0c30b07e8d83b6098be71.tar.gz