On Tue, Nov 07, 2023 at 02:23:34PM -0700, Shuah Khan wrote:
On 9/29/23 06:53, Swarup Laxman Kotiaklapudi wrote:
Change namespace creation for root and non-root user differently in create_and_enter_ns() function
Sorry for the delay on reviewing this.
Can you tell me more about why this change is needed and include it in the change log.
thanks, -- Shuah
Hi Shuah,
This patchset was raised to fix below TODO:
"If we're already root, we could skip creating the userns."
Without this patchset, function create_and_enter_ns(), at this path --> tools/testing/selftests/capabilities/test_execve.c was as mentioned below:
static bool create_and_enter_ns(uid_t inner_uid) { .... if (unshare(CLONE_NEWNS) == 0) { .... } else if (unshare(CLONE_NEWUSER | CLONE_NEWNS) == 0) { .... } else { ksft_exit_skip("must be root or be able to create a userns\n"); }
... }
To fix the TODO, above mentioned if block is executed if root user, for normal user it enters inside 'else if' block.
Thanks, Swarup