On Fri, Nov 4, 2022 at 2:38 PM James Carter <jwcart2@xxxxxxxxx> wrote:
>
> On Thu, Oct 13, 2022 at 9:24 AM Petr Lautrbach <plautrba@xxxxxxxxxx> wrote:
> >
> > If the user is root, tmpdir is already wiped out.
> >
> > Fixes:
> > # sandbox -T /root/tmp -- id
> > uid=0(root) gid=0(root) groups=0(root) context=unconfined_u:unconfined_r:sandbox_t:s0:c696,c756
> > Failed to remove directory /tmp/.sandbox-root-KIlB59: No such file or directory
> >
> > Signed-off-by: Petr Lautrbach <plautrba@xxxxxxxxxx>
>
> For these two patches:
> Acked-by: James Carter <jwcart2@xxxxxxxxx>
>
These two patches have been merged.
Thanks,
Jim
> > ---
> > sandbox/seunshare.c | 2 +-
> > 1 file changed, 1 insertion(+), 1 deletion(-)
> >
> > diff --git a/sandbox/seunshare.c b/sandbox/seunshare.c
> > index 8917a0f9bd42..dd1d7ddbdc89 100644
> > --- a/sandbox/seunshare.c
> > +++ b/sandbox/seunshare.c
> > @@ -414,7 +414,7 @@ static int cleanup_tmpdir(const char *tmpdir, const char *src,
> > rc++;
> > }
> >
> > - if (rmdir(tmpdir) == -1)
> > + if (pwd->pw_uid != 0 && rmdir(tmpdir) == -1)
> > fprintf(stderr, _("Failed to remove directory %s: %s\n"), tmpdir, strerror(errno));
> > if ((uid_t)setfsuid(pwd->pw_uid) != 0) {
> > fprintf(stderr, _("unable to switch back to user after clearing tmp dir\n"));
> > --
> > 2.37.3
> >
