Merge pull request #22695 from Luap99/rootless-reexec

rootless: fix reexec to use /proc/self/exe
containers · May 14, 2024 · f568afe · f568afe · packit-as-a-service · May 14, 2024
2 parents 5044a0b + 2a609b0
commit f568afe
Show file tree

Hide file tree

Showing 2 changed files with 7 additions and 4 deletions.
diff --git a/pkg/rootless/rootless_linux.c b/pkg/rootless/rootless_linux.c
@@ -922,8 +922,8 @@ reexec_userns_join (int pid_to_join, char *pause_pid_file_path)
       _exit (EXIT_FAILURE);
     }
 
-  execvp (argv[0], argv);
-  fprintf (stderr, "failed to execvp %s: %m\n", argv[0]);
+  execvp ("/proc/self/exe", argv);
+  fprintf (stderr, "failed to reexec: %m\n");
 
   _exit (EXIT_FAILURE);
 }
@@ -1145,7 +1145,8 @@ reexec_in_user_namespace (int ready, char *pause_pid_file_path, char *file_to_re
       _exit (ret == 0 ? EXIT_SUCCESS : EXIT_FAILURE);
     }
 
-  execvp (argv[0], argv);
+  execvp ("/proc/self/exe", argv);
+  fprintf (stderr, "failed to reexec: %m\n");
 
   _exit (EXIT_FAILURE);
 }
diff --git a/test/system/550-pause-process.bats b/test/system/550-pause-process.bats
@@ -94,7 +94,9 @@ function _check_pause_process() {
     run_podman system migrate
 
     # We're forced to use $PODMAN because run_podman cannot be backgrounded
-    $PODMAN run -i --name c_run $IMAGE sh -c "$SLEEPLOOP" &
+    # Also special logic to set a different argv0 to make sure the reexec still works:
+    # https://github.com/containers/podman/issues/22672
+    bash -c "exec -a argv0-podman $PODMAN run -i --name c_run $IMAGE sh -c '$SLEEPLOOP'" &
     local kidpid=$!
 
     _test_sigproxy c_run $kidpid