unshare: fix creating a userns when running as root

this check would prevent the function to ever be used when running as root, since we won't check what capabilities are currently available to the process. Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
containers · Oct 29, 2022 · 1af3928 · 1af3928
1 parent 232bf39
commit 1af3928
Showing 1 changed file with 1 addition and 1 deletion.
diff --git a/pkg/unshare/unshare_linux.go b/pkg/unshare/unshare_linux.go
@@ -465,7 +465,7 @@ func bailOnError(err error, format string, a ...interface{}) { // nolint: golint
 // MaybeReexecUsingUserNamespace re-exec the process in a new namespace
 func MaybeReexecUsingUserNamespace(evenForRoot bool) {
 	// If we've already been through this once, no need to try again.
-	if os.Geteuid() == 0 && IsRootless() {
+	if os.Geteuid() == 0 && GetRootlessUID() > 0 {
 		return
 	}