forked from Minki/linux
Revert "proc: Point /proc/{mounts,net} at /proc/thread-self/{mounts,net} instead of /proc/self/{mounts,net}"
This reverts commits344470cac4
ande813244072
. It turns out that the exact path in the symlink matters, if for somewhat unfortunate reasons: some apparmor configurations don't allow dhclient access to the per-thread /proc files. As reported by Jörg Otte: audit: type=1400 audit(1407684227.003:28): apparmor="DENIED" operation="open" profile="/sbin/dhclient" name="/proc/1540/task/1540/net/dev" pid=1540 comm="dhclient" requested_mask="r" denied_mask="r" fsuid=0 ouid=0 so we had better revert this for now. We might be able to work around this in practice by only using the per-thread symlinks if the thread isn't the thread group leader, and if the namespaces differ between threads (which basically never happens). We'll see. In the meantime, the revert was made to be intentionally easy. Reported-by: Jörg Otte <jrg.otte@gmail.com> Acked-by: Eric W. Biederman <ebiederm@xmission.com> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
This commit is contained in:
parent
58d08e3b2c
commit
155134fef2
@ -226,7 +226,7 @@ static struct pernet_operations __net_initdata proc_net_ns_ops = {
|
||||
|
||||
int __init proc_net_init(void)
|
||||
{
|
||||
proc_symlink("net", NULL, "thread-self/net");
|
||||
proc_symlink("net", NULL, "self/net");
|
||||
|
||||
return register_pernet_subsys(&proc_net_ns_ops);
|
||||
}
|
||||
|
@ -173,7 +173,7 @@ void __init proc_root_init(void)
|
||||
|
||||
proc_self_init();
|
||||
proc_thread_self_init();
|
||||
proc_symlink("mounts", NULL, "thread-self/mounts");
|
||||
proc_symlink("mounts", NULL, "self/mounts");
|
||||
|
||||
proc_net_init();
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user