Trying to run xcpu2 on my laptop (running Ubuntu 8.04), xcpufs fails to set
up the namespace and returns EPERM.
[EMAIL PROTECTED]:~/xcpu2$ xrx 0 /bin/date
xnamespace failed: : Operation not permitted
EPERM is returned by unshare() which mandates the CAP_SYS_ADMIN capability.
(What a mess!)
I am running xcpufs as root, so I suspect this could be some pam_namespace
issue.
The patch below fixes things for me. Not sure if just setting the required
capability (CAP_SYS_ADMIN) would be a better approach than this.
Signed-off-by: Abhishek Kulkarni <[EMAIL PROTECTED]>
Index: xcpufs/xcpufs.c
===================================================================
--- xcpufs/xcpufs.c (revision 685)
+++ xcpufs/xcpufs.c (working copy)
@@ -1361,6 +1361,11 @@
p = ns;
ep = ns + strlen(ns);
toks = NULL;
+
+ /* Temporarily gain privileges, just in case */
+ if(setuid(0) < 0)
+ goto error;
+
while (p < ep) {
s = strchr(p, '\n');
if (!s)
@@ -1468,6 +1473,10 @@
toks = NULL;
}
+ /* We are done, drop the privileges now */
+ if(setuid(getuid()) < 0)
+ goto error;
+
free(ns);
return 0;
