On Fri, Sep 09, 2022 at 04:33:52PM +0200, Stefano Brivio wrote:
> On Thu, 8 Sep 2022 13:59:01 +1000
> David Gibson <david(a)gibson.dropbear.id.au> wrote:
>
> > passt is allowed to run as "root" (UID 0) in a user namespace, but not
> > as real root in the init namespace. We read /proc/self/uid_map to
> > determine if we're in the init namespace or not. If we're unable to
> > open /proc/self/uid_map we assume we're ok and continue running as
> > UID 0. This seems unwise: AFAIK the only instance in which uid_map
> > won't be available is if we're running on a kernel which doesn't
> > support user namespaces, in which case we won't be able to sandbox
> > ourselves as we want and fail anyway.
>
> Well, if user namespaces are not supported and the UID is 0, then we're
> actually running as root, so we should quit anyway.

Right, that's kind of the whole point of this patch, but it's a bit
obscured in the wording here because I realized we'd actually fail later
anyway.

> > If there are other circumstances where it can't be opened it seems
> > marginally more likely that we *are* in the init namespace.
>
> That could also happen if procfs is not mounted, but I'm not sure what
> would work then.

True. I'll reword the commit message to make both points clearer.

> > Therefore, fail with an error in this case, instead of carrying on.
>
> Yes, absolutely.

-- 
David Gibson			| I'll have my music baroque, and my code
david AT gibson.dropbear.id.au	| minimalist, thank you.  NOT _the_ _other_
				| _way_ _around_!
http://www.ozlabs.org/~dgibson
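The check discussed in the thread, as an added example that is not passt's own code and not part of the original message: read /proc/self/uid_map, treat the identity mapping "0 0 4294967295" as the init user namespace (real root), treat any other mapping as a user namespace where UID 0 is acceptable, and treat an unreadable map (no procfs, or no user namespace support) as a fatal error rather than carrying on. The function names `classify_uid_map`, `check_self_uid_map` and `root_policy` and the `ns_check` enum are assumptions made for this example.

```c
/* Added example, not passt's own code. Decides whether a process that
 * finds itself as UID 0 may keep running, based on /proc/self/uid_map.
 * Helper names below are hypothetical, chosen for this illustration. */
#include <stdio.h>
#include <sys/types.h>
#include <unistd.h>

enum ns_check {
    NS_USERNS = 0,     /* UID 0 inside a user namespace: acceptable */
    NS_INIT = 1,       /* init user namespace: real root, refuse */
    NS_UNREADABLE = 2, /* uid_map missing or unparsable: fail, don't guess */
};

/* Classify the first line of a uid_map. The init user namespace carries the
 * identity mapping "0 0 4294967295"; any other mapping means we are inside
 * a user namespace. An empty or unparsable line is reported as unreadable. */
enum ns_check classify_uid_map(const char *map)
{
    unsigned long inside, outside, count;

    if (sscanf(map, "%lu %lu %lu", &inside, &outside, &count) != 3)
        return NS_UNREADABLE;
    if (inside == 0 && outside == 0 && count == 4294967295UL)
        return NS_INIT;
    return NS_USERNS;
}

/* Open and classify /proc/self/uid_map for the running process. Returns
 * NS_UNREADABLE when the file cannot be opened or read, which covers both
 * "procfs not mounted" and "kernel without user namespace support". */
enum ns_check check_self_uid_map(void)
{
    char buf[256];
    FILE *f = fopen("/proc/self/uid_map", "r");

    if (!f)
        return NS_UNREADABLE;
    if (!fgets(buf, sizeof(buf), f)) {
        fclose(f);
        return NS_UNREADABLE;
    }
    fclose(f);
    return classify_uid_map(buf);
}

/* Policy from the thread: UID 0 is only fine inside a user namespace, and an
 * unreadable map is an error, not a reason to assume the best. Returns 0 if
 * the process may continue and -1 if it must exit. Non-root always continues. */
int root_policy(uid_t uid, enum ns_check ns)
{
    if (uid != 0)
        return 0;

    switch (ns) {
    case NS_USERNS:
        return 0;
    case NS_INIT:
        fprintf(stderr, "refusing to run as real root in the init namespace\n");
        return -1;
    default:
        fprintf(stderr, "can't read /proc/self/uid_map, refusing to continue\n");
        return -1;
    }
}

int main(void)
{
    int rc = root_policy(getuid(), check_self_uid_map());

    printf("%s\n", rc == 0 ? "ok to continue" : "must exit");
    return rc == 0 ? 0 : 1;
}
```

Run as an unprivileged user it prints "ok to continue" regardless of the map; run as UID 0 in the init namespace, or as UID 0 with /proc unavailable, it prints "must exit" and returns 1, which is the behaviour the patch argues for.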