Re: [PATCH 1/2] sandbox: Do not try to remove tmpdir twice if uid == 0

On Thu, Oct 13, 2022 at 9:24 AM Petr Lautrbach <plautrba@xxxxxxxxxx> wrote:
>
> If the user is root, tmpdir is already wiped out.
>
> Fixes:
>     # sandbox -T /root/tmp -- id
>     uid=0(root) gid=0(root) groups=0(root) context=unconfined_u:unconfined_r:sandbox_t:s0:c696,c756
>     Failed to remove directory /tmp/.sandbox-root-KIlB59: No such file or directory
>
> Signed-off-by: Petr Lautrbach <plautrba@xxxxxxxxxx>

For these two patches:
Acked-by: James Carter <jwcart2@xxxxxxxxx>

> ---
>  sandbox/seunshare.c | 2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/sandbox/seunshare.c b/sandbox/seunshare.c
> index 8917a0f9bd42..dd1d7ddbdc89 100644
> --- a/sandbox/seunshare.c
> +++ b/sandbox/seunshare.c
> @@ -414,7 +414,7 @@ static int cleanup_tmpdir(const char *tmpdir, const char *src,
>                 rc++;
>         }
>
> -       if (rmdir(tmpdir) == -1)
> +       if (pwd->pw_uid != 0 && rmdir(tmpdir) == -1)
>                 fprintf(stderr, _("Failed to remove directory %s: %s\n"), tmpdir, strerror(errno));
>         if ((uid_t)setfsuid(pwd->pw_uid) != 0) {
>                 fprintf(stderr, _("unable to switch back to user after clearing tmp dir\n"));
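
Review bot: the new `pwd->pw_uid != 0` guard on `rmdir(tmpdir)` keys the skip on the uid rather than on the state of the directory, and the reason for it lives only in the commit message ("If the user is root, tmpdir is already wiped out"). If that earlier removal ever fails or is skipped for root, the directory is now left behind with no message at all. Consider a short comment above the condition saying where the root case removes tmpdir, or keep the rmdir() call unconditional and suppress the message only when errno is ENOENT, which matches the "No such file or directory" failure quoted in the commit message. Separately, the context lines show `rc++` on the preceding failure path, while a failed rmdir() here only prints; worth confirming that the return code is meant to stay unchanged in that case.
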
> --
> 2.37.3
>


