lxc-download: Detect unpriv created by real root

This adds yet another case in the in_userns function detecting the case where an unprivileged container is created by the real uid 0, in which case we want to share the system wide cache but still use the unprivileged templates and unpack method. Signed-off-by: Stéphane Graber <stgraber@ubuntu.com> Acked-by: Serge E. Hallyn <serge.hallyn@ubuntu.com>

lxc-download: Detect unpriv created by real root
4eac9913 · Stéphane Graber · 4672c91a · 4eac9913
Commit 4eac9913 authored Feb 26, 2014 by Stéphane Graber
Hide whitespace changes
Inline Side-by-side

Showing with 5 additions and 2 deletions

lxc-download.in templates/lxc-download.in +5 -2

No files found.
--- a/templates/lxc-download.in
+++ b/templates/lxc-download.in
@@ -142,8 +142,11 @@ gpg_validate() {
 in_userns() {
    [ -e /proc/self/uid_map ] || { echo no; return; }
-    line=$(awk '{ print $1 " " $2 " " $3 }' /proc/self/uid_map)
+    awk '{ print $1 " " $2 " " $3 }' /proc/self/uid_map | while read line; do
-    [ "$line" = "0 0 4294967295" ] && { echo no; return; }
+        [ "$line" = "0 0 4294967295" ] && { echo no; return; }
+        echo $line | grep -q " 0 1$" && { echo userns-root; return; }
+    done
    [ "$(cat /proc/self/uid_map)" = "$(cat /proc/1/uid_map)" ] && \
        { echo userns-root; return; }
    echo yes