From a8677c3e88aec22f6a319eb55c1f17f9ef91abaf Mon Sep 17 00:00:00 2001
From: Luis Henriques
Date: Wed, 23 Nov 2016 10:00:00 +0000
Subject: [PATCH] Revert "UBUNTU: SAUCE: (namespace) fs: Don't remove suid for CAP_FSETID for userns root"

BugLink: https://bugs.launchpad.net/bugs/1644165

This reverts commit bd088daefbc5cd42c57c6661e0b95b35d4af3755.

The kernel fix for bug #1634964 breaks LXD userspace, in particular the following commits:

ac7f3f73cb39 (namespace) vfs: Don't modify inodes with a uid or gid unknown to the vfs
ca52383ad6a6 (namespace) vfs: Don't create inodes with a uid or gid unknown to the vfs

LXD 2.0.6 will include changes to support these kernel changes, but it isn't available yet on xenial, so for now we just revert these commits.

Signed-off-by: Luis Henriques
---
 fs/inode.c | 6 ++----
 1 file changed, 2 insertions(+), 4 deletions(-)

diff --git a/fs/inode.c b/fs/inode.c
index 037e2f42852b..07453fb3c88d 100644
--- a/fs/inode.c
+++ b/fs/inode.c
@@ -1677,8 +1677,7 @@ EXPORT_SYMBOL(touch_atime);
 */
 int should_remove_suid(struct dentry *dentry)
 {
- struct inode *inode = d_inode(dentry);
- umode_t mode = inode->i_mode;
+ umode_t mode = d_inode(dentry)->i_mode;
 int kill = 0;

 /* suid always must be killed */
@@ -1692,8 +1691,7 @@ int should_remove_suid(struct dentry *dentry)
 if (unlikely((mode & S_ISGID) && (mode & S_IXGRP)))
 kill |= ATTR_KILL_SGID;

- if (unlikely(kill && !capable_wrt_inode_uidgid(inode, CAP_FSETID) &&
- S_ISREG(mode)))
+ if (unlikely(kill && !capable(CAP_FSETID) && S_ISREG(mode)))
 return kill;

 return 0;
--
2.39.2
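Review bot: The restored `capable(CAP_FSETID)` test in the second hunk needs a comment, because `capable()` is evaluated against the initial user namespace. A task that holds CAP_FSETID only inside a user namespace therefore always gets the kill mask back for a setuid or setgid-executable regular file. That is the stricter of the two behaviours, but nothing at the call site records it, and a later reader may see the namespace-aware helper as the obvious "fix" and quietly reintroduce suid retention for namespace root. I would add `/* capable() checks init_user_ns: userns root never keeps suid/sgid here */` above the `if`. The S_ISUID test between the two hunks and the function's header comment are outside the visible lines, so I cannot confirm whether that comment already covers this.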