我有一個小程序,它嘗試在調用 unshare() 之後創建僞終端,但 grantpt 在 unshare 之後報錯。輸出:
uid before unshare:5000
uid after unshare:0
Grant pt Error: : Permission denied
代碼:
#define _GNU_SOURCE
#include <sys/mount.h>
#include <unistd.h>
#include <stdlib.h>
#include <stdio.h>
#include <fcntl.h>
#include <errno.h>
#include <sched.h>
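/**
 * Write a single-extent UID mapping for the user namespace of process `pid`.
 *
 * Writes "<inside_id> <outside_id> <length>" to /proc/<pid>/uid_map.
 * Failures are reported on stderr; the function still returns void, so a
 * caller that depends on the mapping has to verify it (e.g. via getuid()).
 *
 * @param pid        process whose uid_map is written
 * @param inside_id  first UID as seen inside the namespace
 * @param outside_id first UID as seen in the parent namespace
 * @param length     number of consecutive UIDs covered by the extent
 */
void set_uid_map(pid_t pid, int inside_id, int outside_id, int length) {
    char path[256];

    /* Use the pid argument (the original ignored it) and bound the write. */
    int n = snprintf(path, sizeof path, "/proc/%d/uid_map", (int)pid);
    if (n < 0 || (size_t)n >= sizeof path) {
        fprintf(stderr, "set_uid_map: path too long\n");
        return;
    }

    FILE *uid_map = fopen(path, "w");
    if (uid_map == NULL) {
        /* Without this check the fprintf() below would dereference NULL. */
        perror(path);
        return;
    }

    if (fprintf(uid_map, "%d %d %d", inside_id, outside_id, length) < 0) {
        perror(path);
        fclose(uid_map);
        return;
    }

    /* stdio buffers the text, so a mapping the kernel rejects is normally
     * only reported when the buffer is flushed by fclose(). */
    if (fclose(uid_map) != 0) {
        perror(path);
    }
}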
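/**
 * Write a single-extent GID mapping for the user namespace of process `pid`.
 *
 * Writes "<inside_id> <outside_id> <length>" to /proc/<pid>/gid_map.
 * Failures are reported on stderr; the function still returns void.
 *
 * Per user_namespaces(7), since Linux 3.19 a writer without CAP_SETGID in
 * the parent namespace must first write "deny" to /proc/<pid>/setgroups,
 * otherwise the write to gid_map fails with EPERM. This function does not
 * do that itself, so an unprivileged caller should expect the error below
 * unless setgroups was disabled beforehand.
 *
 * @param pid        process whose gid_map is written
 * @param inside_id  first GID as seen inside the namespace
 * @param outside_id first GID as seen in the parent namespace
 * @param length     number of consecutive GIDs covered by the extent
 */
void set_gid_map(pid_t pid, int inside_id, int outside_id, int length) {
    char path[256];

    /* Use the pid argument (the original ignored it) and bound the write. */
    int n = snprintf(path, sizeof path, "/proc/%d/gid_map", (int)pid);
    if (n < 0 || (size_t)n >= sizeof path) {
        fprintf(stderr, "set_gid_map: path too long\n");
        return;
    }

    FILE *gid_map = fopen(path, "w");
    if (gid_map == NULL) {
        /* Without this check the fprintf() below would dereference NULL. */
        perror(path);
        return;
    }

    if (fprintf(gid_map, "%d %d %d", inside_id, outside_id, length) < 0) {
        perror(path);
        fclose(gid_map);
        return;
    }

    /* A rejected mapping is normally reported when fclose() flushes. */
    if (fclose(gid_map) != 0) {
        perror(path);
    }
}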
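/*
 * Demo: unshare into new user/mount/IPC/net/UTS/PID namespaces, map uid and
 * gid 0 inside to 5000 outside, then try to allocate a pseudo-terminal.
 *
 * Returns EXIT_SUCCESS only if every step succeeded; the original returned 0
 * even after an error and kept using an invalid descriptor.
 */
int main(void)
{
    const int flag = CLONE_NEWUSER | CLONE_NEWNS | CLONE_NEWIPC
                   | CLONE_NEWNET | CLONE_NEWUTS | CLONE_NEWPID;

    printf("uid before unshare:%d \n", (int) getuid());

    /* If unshare() fails we are still in the original namespaces, so the
     * map writes and the pty calls below would test nothing. */
    if (unshare(flag) < 0) {
        perror("unshare");
        return EXIT_FAILURE;
    }

    /* Per user_namespaces(7), an unprivileged writer can map only its own
     * effective ID, so 5000 has to match the uid/gid printed above. */
    set_uid_map(getpid(), 0, 5000, 1);
    set_gid_map(getpid(), 0, 5000, 1);
    printf("uid after unshare:%d \n", (int) getuid());

    int master = posix_openpt(O_RDWR | O_NOCTTY);
    if (master < 0) {
        perror("Openpt Error: ");
        return EXIT_FAILURE;    /* do not pass -1 on to grantpt()/unlockpt() */
    }

    /*
     * NOTE(review): likely cause of the EPERM shown on the page; confirm
     * against the glibc version in use. uid 0 inside a user namespace holds
     * capabilities only over resources that namespace owns. The devpts
     * instance behind /dev/ptmx was mounted outside it, and a slave group
     * not covered by gid_map shows up as the overflow gid, so a grantpt()
     * that tries to adjust the slave's ownership is refused.
     */
    int rc = EXIT_SUCCESS;
    if (grantpt(master) < 0) {
        perror("Grant pt Error: ");
        rc = EXIT_FAILURE;
    } else if (unlockpt(master) < 0) {
        perror("unlockpt");
        rc = EXIT_FAILURE;
    }

    close(master);
    return rc;
} // main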
如果我刪除 flag |= CLONE_NEWUSER; 這一行,就不會報告任何錯誤。你能幫助解釋爲什麼會發生這種情況嗎?提前致謝!
謝謝,非常有幫助 – Sven