From 65c45517e15f4e0f3efa8245e8fec20c53c51b3e Mon Sep 17 00:00:00 2001 From: Filippo Squillace Date: Sun, 15 Jan 2023 22:03:27 +0100 Subject: [PATCH] Bind /run/user directory --- lib/core/common.sh | 3 ++- lib/core/namespace.sh | 2 +- 2 files changed, 3 insertions(+), 2 deletions(-) diff --git a/lib/core/common.sh b/lib/core/common.sh index d44303f..df79bec 100644 --- a/lib/core/common.sh +++ b/lib/core/common.sh @@ -84,6 +84,7 @@ RM="rm" MKDIR="mkdir" GETENT="getent" CP="cp" +ID="id" # Used for checking user namespace in config.gz file ZGREP="zgrep" UNSHARE="unshare" @@ -245,7 +246,7 @@ function check_same_arch() { function provide_common_bindings(){ RESULT="" local re='(.*):.*' - for bind in "/dev" "/sys" "/proc" "/tmp" "$HOME" + for bind in "/dev" "/sys" "/proc" "/tmp" "$HOME" "/run/user/$($ID -u)" do if [[ $bind =~ $re ]] then diff --git a/lib/core/namespace.sh b/lib/core/namespace.sh index 2754dab..9471f31 100644 --- a/lib/core/namespace.sh +++ b/lib/core/namespace.sh @@ -11,7 +11,7 @@ # vim: ft=sh # shellcheck disable=SC2027 -COMMON_BWRAP_OPTION="--bind "$JUNEST_HOME" / --bind "$HOME" "$HOME" --bind /tmp /tmp --bind /sys /sys --bind /proc /proc --dev-bind-try /dev /dev --unshare-user-try" +COMMON_BWRAP_OPTION="--bind "$JUNEST_HOME" / --bind "$HOME" "$HOME" --bind /tmp /tmp --bind /sys /sys --bind /proc /proc --dev-bind-try /dev /dev --bind-try "/run/user/$($ID -u)" "/run/user/$($ID -u)" --unshare-user-try" CONFIG_PROC_FILE="/proc/config.gz" CONFIG_BOOT_FILE="/boot/config-$($UNAME -r)" PROC_USERNS_CLONE_FILE="/proc/sys/kernel/unprivileged_userns_clone"