rootless: force same cwd when re-execing

when joining an existing namespace, we were not maintaining the current working directory, causing commands like export -o to fail when they weren't referring to absolute paths. Closes: #2381 Signed-off-by: Giuseppe Scrivano <[email protected]>
containers · Feb 22, 2019 · 8984ba7 · 8984ba7
1 parent c00bf28
commit 8984ba7
Showing 1 changed file with 28 additions and 0 deletions.
diff --git a/pkg/rootless/rootless_linux.c b/pkg/rootless/rootless_linux.c
@@ -109,6 +109,13 @@ reexec_userns_join (int userns, int mountns)
   char uid[16];
   char **argv;
   int pid;
+  char *cwd = getcwd (NULL, 0);
+
+  if (cwd == NULL)
+    {
+      fprintf (stderr, "error getting current working directory: %s\n", strerror (errno));
+      _exit (EXIT_FAILURE);
+    }
 
   sprintf (uid, "%d", geteuid ());
 
@@ -154,6 +161,13 @@ reexec_userns_join (int userns, int mountns)
       _exit (EXIT_FAILURE);
     }
 
+  if (chdir (cwd) < 0)
+    {
+      fprintf (stderr, "cannot chdir: %s\n", strerror (errno));
+      _exit (EXIT_FAILURE);
+    }
+  free (cwd);
+
   execvp (argv[0], argv);
 
   _exit (EXIT_FAILURE);
@@ -190,6 +204,13 @@ reexec_in_user_namespace (int ready)
   char *listen_fds = NULL;
   char *listen_pid = NULL;
   bool do_socket_activation = false;
+  char *cwd = getcwd (NULL, 0);
+
+  if (cwd == NULL)
+    {
+      fprintf (stderr, "error getting current working directory: %s\n", strerror (errno));
+      _exit (EXIT_FAILURE);
+    }
 
   listen_pid = getenv("LISTEN_PID");
   listen_fds = getenv("LISTEN_FDS");
@@ -265,6 +286,13 @@ reexec_in_user_namespace (int ready)
       _exit (EXIT_FAILURE);
     }
 
+  if (chdir (cwd) < 0)
+    {
+      fprintf (stderr, "cannot chdir: %s\n", strerror (errno));
+      _exit (EXIT_FAILURE);
+    }
+  free (cwd);
+
   execvp (argv[0], argv);
 
   _exit (EXIT_FAILURE);