1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
|
From 0df81457d3da763614602042b8d0f763cae8c91a Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?St=C3=A9phane=20Graber?= <stgraber@stgraber.org>
Date: Sat, 5 Apr 2025 01:11:18 -0400
Subject: [PATCH] start: Re-introduce first SET_DUMPABLE call
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Without it, we're running into issues with complex hooks like nvidia.
Signed-off-by: Stéphane Graber <stgraber@stgraber.org>
---
src/lxc/start.c | 5 +++++
1 file changed, 5 insertions(+)
diff --git a/src/lxc/start.c b/src/lxc/start.c
index f28bceaba6..ee4bf4003b 100644
--- a/src/lxc/start.c
+++ b/src/lxc/start.c
@@ -1125,6 +1125,11 @@ static int do_start(void *data)
if (!lxc_switch_uid_gid(nsuid, nsgid))
goto out_warn_father;
+ ret = prctl(PR_SET_DUMPABLE, prctl_arg(1), prctl_arg(0),
+ prctl_arg(0), prctl_arg(0));
+ if (ret < 0)
+ goto out_warn_father;
+
/* set{g,u}id() clears deathsignal */
ret = lxc_set_death_signal(SIGKILL, handler->monitor_pid, status_fd);
if (ret < 0) {
|
