共有解除後に疑似端末を作成しようとする小さなプログラムがあります。出力は次のとおりです。
uid before unshare:5000
uid after unshare:0
Grant pt Error: : Permission denied
コード:
#define _GNU_SOURCE
#include <sys/mount.h>
#include <unistd.h>
#include <stdlib.h>
#include <stdio.h>
#include <fcntl.h>
#include <errno.h>
#include <sched.h>
void set_uid_map(pid_t pid, int inside_id, int outside_id, int length) {
char path[256];
sprintf(path, "/proc/%d/uid_map", getpid());
FILE* uid_map = fopen(path, "w");
fprintf(uid_map, "%d %d %d", inside_id, outside_id, length);
fclose(uid_map);
}
void set_gid_map(pid_t pid, int inside_id, int outside_id, int length) {
char path[256];
sprintf(path, "/proc/%d/gid_map", getpid());
FILE* gid_map = fopen(path, "w");
fprintf(gid_map, "%d %d %d", inside_id, outside_id, length);
fclose(gid_map);
}
int main(void)
{
int master;
int flag = 0;
flag |= CLONE_NEWUSER;
flag |= CLONE_NEWNS;
flag |= CLONE_NEWIPC;
flag |= CLONE_NEWNET;
flag |= CLONE_NEWUTS;
flag |= CLONE_NEWPID;
printf("uid before unshare:%d \n", (int) getuid());
unshare(flag);
set_uid_map(getpid(), 0, 5000, 1);
set_gid_map(getpid(), 0, 5000, 1);
printf("uid after unshare:%d \n", (int) getuid());
if ( ( master = posix_openpt(O_RDWR | O_NOCTTY) ) < 0)
perror("Openpt Error: ");
if ( grantpt(master) < 0 )
perror("Grant pt Error: ");
unlockpt(master);
return 0;
} // main
を削除するflag |= CLONE_NEWUSER;と、エラーは報告されません。なぜこれが起こるのか説明できますか?前もって感謝します!