X-Git-Url: https://www.chiark.greenend.org.uk/ucgi/~ianmdlvl/git?a=blobdiff_plain;f=src%2Fnspawn.c;h=1ade6e25eff1c01a0b42ba1eaa397de28b6d45c4;hb=e025b4c306d4b0895786839ebbb934188edc6e61;hp=cd528deb79314e487c0d042a96000be02d952e6d;hpb=fd14078a3ab2110cd10e5eb55cdaeecfa51a189c;p=elogind.git diff --git a/src/nspawn.c b/src/nspawn.c index cd528deb7..1ade6e25e 100644 --- a/src/nspawn.c +++ b/src/nspawn.c @@ -117,7 +117,7 @@ static int mount_all(const char *dest) { { "sysfs", "/sys", "sysfs", NULL, MS_NOSUID|MS_NOEXEC|MS_NODEV|MS_RDONLY, true }, { "tmpfs", "/dev", "tmpfs", "mode=755", MS_NOSUID, true }, { "/dev/pts", "/dev/pts", "bind", NULL, MS_BIND, true }, - { "tmpfs", "/dev/.run", "tmpfs", "mode=755", MS_NOSUID|MS_NOEXEC|MS_NODEV, true }, + { "tmpfs", "/run", "tmpfs", "mode=755", MS_NOSUID|MS_NODEV, true }, #ifdef HAVE_SELINUX { "selinux", "/selinux", "selinuxfs", NULL, MS_NOSUID|MS_NOEXEC|MS_NODEV|MS_RDONLY, false }, #endif @@ -125,9 +125,9 @@ static int mount_all(const char *dest) { unsigned k; int r = 0; + char *where; for (k = 0; k < ELEMENTSOF(mount_table); k++) { - char *where; int t; if (asprintf(&where, "%s/%s", dest, mount_table[k].where) < 0) { @@ -167,6 +167,13 @@ static int mount_all(const char *dest) { free(where); } + /* Fix the timezone, if possible */ + if (asprintf(&where, "%s/%s", dest, "/etc/localtime") >= 0) { + mount("/etc/localtime", where, "bind", MS_BIND, NULL); + mount("/etc/localtime", where, "bind", MS_BIND|MS_REMOUNT|MS_RDONLY, NULL); + free(where); + } + return r; } @@ -325,7 +332,7 @@ static int drop_capabilities(void) { unsigned long l; - for (l = 0; l <= MAX(63LU, (unsigned long) CAP_LAST_CAP); l ++) { + for (l = 0; l <= MAX(63LU, (unsigned long) CAP_LAST_CAP); l++) { unsigned i; for (i = 0; i < ELEMENTSOF(retain); i++) @@ -340,7 +347,7 @@ static int drop_capabilities(void) { /* If this capability is not known, EINVAL * will be returned, let's ignore this. */ if (errno == EINVAL) - continue; + break; log_error("PR_CAPBSET_DROP failed: %m"); return -errno; @@ -367,6 +374,7 @@ static int is_os_tree(const char *path) { #define BUFFER_SIZE 1024 static int process_pty(int master, sigset_t *mask) { + char in_buffer[BUFFER_SIZE], out_buffer[BUFFER_SIZE]; size_t in_buffer_full = 0, out_buffer_full = 0; struct epoll_event stdin_ev, stdout_ev, master_ev, signal_ev; @@ -457,11 +465,13 @@ static int process_pty(int master, sigset_t *mask) { if ((n = read(signal_fd, &sfsi, sizeof(sfsi))) != sizeof(sfsi)) { if (n >= 0) { + log_error("Failed to read from signalfd: invalid block size"); r = -EIO; goto finish; } if (errno != EINTR && errno != EAGAIN) { + log_error("Failed to read from signalfd: %m"); r = -errno; goto finish; } @@ -474,7 +484,7 @@ static int process_pty(int master, sigset_t *mask) { if (ioctl(STDIN_FILENO, TIOCGWINSZ, &ws) >= 0) ioctl(master, TIOCSWINSZ, &ws); } else { - r = -EINTR; + r = 0; goto finish; } } @@ -494,6 +504,7 @@ static int process_pty(int master, sigset_t *mask) { stdin_readable = false; else { log_error("read(): %m"); + r = -errno; goto finish; } } else @@ -508,6 +519,7 @@ static int process_pty(int master, sigset_t *mask) { master_writable = false; else { log_error("write(): %m"); + r = -errno; goto finish; } @@ -526,6 +538,7 @@ static int process_pty(int master, sigset_t *mask) { master_readable = false; else { log_error("read(): %m"); + r = -errno; goto finish; } } else @@ -540,6 +553,7 @@ static int process_pty(int master, sigset_t *mask) { stdout_writable = false; else { log_error("write(): %m"); + r = -errno; goto finish; }