37 lines
958 B
Diff
37 lines
958 B
Diff
From 0db5bbd7c5d4b0a801e6f7fb4f1321dd7664498c Mon Sep 17 00:00:00 2001
|
|
From: zhongjiawei <zhongjiawei1@huawei.com>
|
|
Date: Thu, 22 Feb 2024 19:48:11 +0800
|
|
Subject: [PATCH] runc:check cmd exist
|
|
|
|
---
|
|
libcontainer/setns_init_linux.go | 6 ++++++
|
|
1 file changed, 6 insertions(+)
|
|
|
|
diff --git a/libcontainer/setns_init_linux.go b/libcontainer/setns_init_linux.go
|
|
index 1eea851..f1dcab6 100644
|
|
--- a/libcontainer/setns_init_linux.go
|
|
+++ b/libcontainer/setns_init_linux.go
|
|
@@ -4,6 +4,7 @@ import (
|
|
"errors"
|
|
"fmt"
|
|
"os"
|
|
+ "os/exec"
|
|
"strconv"
|
|
|
|
"github.com/opencontainers/selinux/go-selinux"
|
|
@@ -86,6 +87,11 @@ func (l *linuxSetnsInit) Init() error {
|
|
if err := finalizeNamespace(l.config); err != nil {
|
|
return err
|
|
}
|
|
+ // Check for the arg early to make sure it exists.
|
|
+ _, err := exec.LookPath(l.config.Args[0])
|
|
+ if err != nil {
|
|
+ return err
|
|
+ }
|
|
if err := apparmor.ApplyProfile(l.config.AppArmorProfile); err != nil {
|
|
return err
|
|
}
|
|
--
|
|
2.33.0
|
|
|