From 4b176d4f4573dbb6aea635a492b780b7c8cd0912 Mon Sep 17 00:00:00 2001
From: Giuseppe Scrivano
Date: Mon, 1 Jul 2019 21:58:30 +0200
Subject: [PATCH] rootless: do not join namespace if it has already euid == 0

do not attempt to join the rootless namespace if it is running already with euid == 0.
Closes: https://github.com/containers/libpod/issues/3463
Signed-off-by: Giuseppe Scrivano
---
 pkg/rootless/rootless_linux.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/pkg/rootless/rootless_linux.c b/pkg/rootless/rootless_linux.c
index d58a088012..19b76f3879 100644
--- a/pkg/rootless/rootless_linux.c
+++ b/pkg/rootless/rootless_linux.c
@@ -244,7 +244,7 @@ static void __attribute__((constructor)) init()
 /* Shortcut. If we are able to join the pause pid file, do it now so we don't need to re-exec. */
 xdg_runtime_dir = getenv ("XDG_RUNTIME_DIR");
- if (xdg_runtime_dir && xdg_runtime_dir[0] && can_use_shortcut ())
+ if (geteuid () != 0 && xdg_runtime_dir && xdg_runtime_dir[0] && can_use_shortcut ())
 {
 int r;
 int fd;
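Review bot: The new `geteuid () != 0` guard in `init()` is not explained by the comment above it, which still describes only the pause-pid shortcut, so a later reader cannot tell why a process with euid 0 must skip the namespace join. Extend that comment with something like `/* Skip the shortcut when euid is already 0: we are either real root or already inside the rootless user namespace, so there is nothing to join. */`; the "already inside the namespace" reading is inferred from the commit message and should be confirmed. The condition also now runs well past 80 columns, and breaking it after the second `&&` would keep it in line with the GNU-style layout of the surrounding code. `init()` starts and ends outside this hunk, so whether the non-shortcut path needs the same euid check cannot be judged from here.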