New issue
Advanced search Search tips
Note: Color blocks (like or ) mean that a user may not be available. Tooltip shows the reason.

Issue 917790 link

Starred by 2 users
Status: Started
Owner:
vapier@chromium.org
Cc:
lhchavez@chromium.org
derat@chromium.org
vapier@chromium.org
jorgelo@chromium.org
hidehiko@chromium.org
Components:
EstimatedDays: ----
NextAction: ----
OS: ----
Pri: 3
Type: Bug



Sign in to add a comment

minijail0 fails to enter existing network namespace

Project Member Reported by nya@chromium.org, Dec 26 
With the latest minijail0, entering existing network namespace always crashes:

# ip netns add foo
# ls -l /run/netns/foo
-r--r--r--. 1 root root 0 Dec 25 16:42 /run/netns/foo
# ip netns exec foo /bin/ls; echo $?
0
# minijail0 -e/run/netns/foo /bin/ls; echo $?
134

/var/log/messages says minijail0 crashed by EBADF.

2018-12-25T16:42:58.401689-08:00 ERR coreutils[3626]: libminijail[3626]: setns(CLONE_NEWNET) failed: Bad file descriptor

Comment 1 by vapier@chromium.org, Dec 27 

i think this has been broken since this commit which added O_CLOEXEC everywhere:
  https://android-review.googlesource.com/205896

since the netns was opened with O_CLOEXEC, it's invalidated in the child.  i think that CL also broke entering a mount namespace.

Comment 2 by vapier@chromium.org, Dec 27

Owner: vapier@chromium.org
Status: Started (was: Available)
should be fixed by:
  https://android-review.googlesource.com/858121

Comment 3 by nya@chromium.org, Dec 28 

Thanks Mike for the fix!

Sign in to add a comment