Closed justincormack closed 7 years ago
Are you sure? This is this way for user namespaces to work.
Hmm, so is that via the ownership of the /proc/self/fd files? Let me check. Otherwise I will make the fchown Linux only.
We just don't do things randomly, there is a reason to the madness ;)
Well I wasn't trying to remove it randomly either ;) either way I will add a comment...
Hmm, well fchown does not change the ownership of /proc/self/fd/nn either, so I still don't see how this could help in the userns case... Will try to test actually running a userns.
LGTM
This makes no sense: open file descriptors do not have ownership, they can be accessed by anyone who has the file descriptor. These anonymous pipes cannot be bound into the filesystem.
On Linux this happens to succeed and do nothing; POSIX also allows it to fail.
Signed-off-by: Justin Cormack <justin.cormack@docker.com>