Skip to content

Commit

Permalink
---
Browse files Browse the repository at this point in the history 
yaml
---
r: 346325
b: refs/heads/master
c: b33c77e
h: refs/heads/master
i:
  346323: 6e2ef41
v: v3
  • Loading branch information
Eric W. Biederman committed Nov 20, 2012
1 parent 0687330 commit 01cea7e
Show file tree
Hide file tree
Showing 2 changed files with 4 additions and 3 deletions.
2 changes: 1 addition & 1 deletion [refs]
View file
Original file line number Diff line number Diff line change
@@ -1,2 +1,2 @@
---
refs/heads/master: 37657da3c5d4a3bbbbb9d3b78f53a8134a0abae0
refs/heads/master: b33c77ef23dd3ec5692c9c0cc739a3f5f0f2baae
5 changes: 3 additions & 2 deletions trunk/kernel/nsproxy.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -122,6 +122,7 @@ static struct nsproxy *create_new_namespaces(unsigned long flags,
int copy_namespaces(unsigned long flags, struct task_struct *tsk)
{
struct nsproxy *old_ns = tsk->nsproxy;
struct user_namespace *user_ns = task_cred_xxx(tsk, user_ns);
struct nsproxy *new_ns;
int err = 0;

Expand All @@ -134,7 +135,7 @@ int copy_namespaces(unsigned long flags, struct task_struct *tsk)
CLONE_NEWPID | CLONE_NEWNET)))
return 0;

if (!capable(CAP_SYS_ADMIN)) {
if (!ns_capable(user_ns, CAP_SYS_ADMIN)) {
err = -EPERM;
goto out;
}
Expand Down Expand Up @@ -191,7 +192,7 @@ int unshare_nsproxy_namespaces(unsigned long unshare_flags,
CLONE_NEWNET | CLONE_NEWPID)))
return 0;

if (!capable(CAP_SYS_ADMIN))
if (!nsown_capable(CAP_SYS_ADMIN))
return -EPERM;

*new_nsp = create_new_namespaces(unshare_flags, current,
Expand Down

0 comments on commit 01cea7e

Please sign in to comment.