userns: fix return value on mntns_install() failure
Change return value from -EINVAL to -EPERM when the permission check fails. Signed-off-by: Zhao Hongjiang <zhaohongjiang@huawei.com> Signed-off-by: Eric W. Biederman <ebiederm@xmission.com>
This commit is contained in:
Родитель
0c55cfc416
Коммит
ae11e0f184
|
@ -2775,7 +2775,7 @@ static int mntns_install(struct nsproxy *nsproxy, void *ns)
|
||||||
|
|
||||||
if (!ns_capable(mnt_ns->user_ns, CAP_SYS_ADMIN) ||
|
if (!ns_capable(mnt_ns->user_ns, CAP_SYS_ADMIN) ||
|
||||||
!nsown_capable(CAP_SYS_CHROOT))
|
!nsown_capable(CAP_SYS_CHROOT))
|
||||||
return -EINVAL;
|
return -EPERM;
|
||||||
|
|
||||||
if (fs->users != 1)
|
if (fs->users != 1)
|
||||||
return -EINVAL;
|
return -EINVAL;
|
||||||
|
|
Загрузка…
Ссылка в новой задаче