On Tue, Mar 07, 2023 at 12:45:00PM +0100, Rodrigo Campos wrote: > We need PR_SET_DUMPABLE in order to write the mapping files when > creating a userns. From prctl(2) PR_SET_DUMPABLE is reset when the > process's effective user or group ID is changed. > > As we are changing the EUID here, we also reset it to allow creating > nested userns with subsequent switch_users() calls. > > This was not causing any issues because we weren't using switch_users() > to create nested userns. Nested userns were created with > userns_fd_cb()/create_userns_hierarchy() that set PR_SET_DUMPABLE. > > Future patches will rely on switch_users() to create nested userns. So > this patch fixes that. > > Signed-off-by: Rodrigo Campos <rodrigo@xxxxxxxxxxx> > --- Looks good, Reviewed-by: Christian Brauner <brauner@xxxxxxxxxx>
