morgan/systemd
1
0
Fork 0
mirror of https://github.com/morgan9e/systemd synced 2026-04-14 08:25:20 +09:00
Code Issues Packages Projects Releases Wiki Activity

core/exec-invoke: pass the correct pid (1) to processes in pidns (#39575)

Browse Source
This commit is contained in:
Yu Watanabe
2025-11-08 02:41:14 +09:00
committed by GitHub
parent 88f6611260 96d4750e7e
commit 7547c3e06a
3 changed files with 28 additions and 27 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
src/core/exec-invoke.c
View File

@@ -2009,6 +2009,7 @@ static int build_environment(
_cleanup_strv_free_ char **e = NULL;
size_t n = 0;
pid_t exec_pid;
int r;
assert(c);
@@ -2016,10 +2017,12 @@ static int build_environment(
assert(cgroup_context);
assert(ret);
exec_pid = needs_sandboxing && exec_needs_pid_namespace(c, p) ? 1 : getpid_cached();
if (p->n_socket_fds + p->n_stashed_fds > 0) {
_cleanup_free_ char *joined = NULL;
r = strv_extendf_with_size(&e, &n, "LISTEN_PID="PID_FMT, getpid_cached());
r = strv_extendf_with_size(&e, &n, "LISTEN_PID="PID_FMT, exec_pid);
if (r < 0)
return r;
@@ -2044,7 +2047,7 @@ static int build_environment(
}
if ((p->flags & EXEC_SET_WATCHDOG) && p->watchdog_usec > 0) {
r = strv_extendf_with_size(&e, &n, "WATCHDOG_PID="PID_FMT, getpid_cached());
r = strv_extendf_with_size(&e, &n, "WATCHDOG_PID="PID_FMT, exec_pid);
if (r < 0)
return r;
@@ -2174,7 +2177,7 @@ static int build_environment(
return r;
}
r = strv_extendf_with_size(&e, &n, "SYSTEMD_EXEC_PID=" PID_FMT, getpid_cached());
r = strv_extendf_with_size(&e, &n, "SYSTEMD_EXEC_PID=" PID_FMT, exec_pid);
if (r < 0)
return r;

4
src/core/service.c
View File

@@ -1810,7 +1810,9 @@ static int service_spawn_internal(
return -ENOMEM;
}
if (MANAGER_IS_USER(UNIT(s)->manager)) {
if (MANAGER_IS_USER(UNIT(s)->manager) &&
!exec_needs_pid_namespace(&s->exec_context, /* params = */ NULL)) {
if (asprintf(our_env + n_env++, "MANAGERPID="PID_FMT, getpid_cached()) < 0)
return -ENOMEM;

42
src/core/socket.c
View File

@@ -1580,31 +1580,27 @@ static int socket_address_listen_in_cgroup(
if (r < 0)
return log_unit_error_errno(UNIT(s), r, "Failed to acquire runtime: %m");
if (s->exec_context.user_namespace_path &&
s->exec_runtime &&
s->exec_runtime->shared &&
s->exec_runtime->shared->userns_storage_socket[0] >= 0) {
r = open_shareable_ns_path(s->exec_runtime->shared->userns_storage_socket, s->exec_context.user_namespace_path, CLONE_NEWUSER);
if (r < 0)
return log_unit_error_errno(UNIT(s), r, "Failed to open user namespace path %s: %m", s->exec_context.user_namespace_path);
}
if (s->exec_runtime && s->exec_runtime->shared) {
if (s->exec_context.user_namespace_path &&
s->exec_runtime->shared->userns_storage_socket[0] >= 0) {
r = open_shareable_ns_path(s->exec_runtime->shared->userns_storage_socket, s->exec_context.user_namespace_path, CLONE_NEWUSER);
if (r < 0)
return log_unit_error_errno(UNIT(s), r, "Failed to open user namespace path %s: %m", s->exec_context.user_namespace_path);
}
if (s->exec_context.network_namespace_path &&
s->exec_runtime &&
s->exec_runtime->shared &&
s->exec_runtime->shared->netns_storage_socket[0] >= 0) {
r = open_shareable_ns_path(s->exec_runtime->shared->netns_storage_socket, s->exec_context.network_namespace_path, CLONE_NEWNET);
if (r < 0)
return log_unit_error_errno(UNIT(s), r, "Failed to open network namespace path %s: %m", s->exec_context.network_namespace_path);
}
if (s->exec_context.network_namespace_path &&
s->exec_runtime->shared->netns_storage_socket[0] >= 0) {
r = open_shareable_ns_path(s->exec_runtime->shared->netns_storage_socket, s->exec_context.network_namespace_path, CLONE_NEWNET);
if (r < 0)
return log_unit_error_errno(UNIT(s), r, "Failed to open network namespace path %s: %m", s->exec_context.network_namespace_path);
}
if (s->exec_context.ipc_namespace_path &&
s->exec_runtime &&
s->exec_runtime->shared &&
s->exec_runtime->shared->ipcns_storage_socket[0] >= 0) {
r = open_shareable_ns_path(s->exec_runtime->shared->ipcns_storage_socket, s->exec_context.ipc_namespace_path, CLONE_NEWIPC);
if (r < 0)
return log_unit_error_errno(UNIT(s), r, "Failed to open IPC namespace path %s: %m", s->exec_context.ipc_namespace_path);
if (s->exec_context.ipc_namespace_path &&
s->exec_runtime->shared->ipcns_storage_socket[0] >= 0) {
r = open_shareable_ns_path(s->exec_runtime->shared->ipcns_storage_socket, s->exec_context.ipc_namespace_path, CLONE_NEWIPC);
if (r < 0)
return log_unit_error_errno(UNIT(s), r, "Failed to open IPC namespace path %s: %m", s->exec_context.ipc_namespace_path);
}
}
if (socketpair(AF_UNIX, SOCK_SEQPACKET|SOCK_CLOEXEC, 0, pair) < 0)