On Thu, 8 Sep 2022 13:59:01 +1000 David Gibson wrote:

> passt is allowed to run as "root" (UID 0) in a user namespace, but not as
> real root in the init namespace. We read /proc/self/uid_map to determine
> if we're in the init namespace or not.
>
> If we're unable to open /proc/self/uid_map we assume we're ok and continue
> running as UID 0. This seems unwise: AFAIK the only instance in which
> uid_map won't be available is if we're running on a kernel which doesn't
> support user namespaces, in which case we won't be able to sandbox
> ourselves as we want and fail anyway.

Well, if user namespaces are not supported and the UID is 0, then we're
actually running as root, so we should quit anyway.

> If there are other circumstances
> where it can't be opened it seems marginally more likely that we *are*
> in the init namespace.

That could also happen if procfs is not mounted, but I'm not sure what
would work then.

> Therefore, fail with an error in this case, instead of carrying on.

Yes, absolutely.

-- 
Stefano
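The check the thread is discussing, written out as an added example in C; this is not passt's own code, and the function names, the `NS_*` states and the sample uid_map contents are this example's own constructions. It parses `/proc/self/uid_map`, treats the single identity line `0 0 4294967295` as the init user namespace, treats any other mapping as a user namespace, and, as the patch proposes, treats an unopenable file as a reason to quit rather than a reason to carry on.

```c
/* Added example, not passt's code: decide whether a process running as
 * UID 0 is real root in the init user namespace, or "root" inside a user
 * namespace, by parsing /proc/self/uid_map.  An unreadable uid_map is an
 * error, not an "ok", as proposed in the thread. */
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>

enum ns_state { NS_USERNS = 0, NS_INIT = 1, NS_UNKNOWN = -1 };

/* Classify the text of a uid_map file.  The init user namespace has exactly
 * one line, "0 0 4294967295": the whole ID space mapped onto itself.  Any
 * other mapping (different IDs, a partial range, several lines) means we
 * are inside a user namespace. */
enum ns_state uid_map_classify(const char *map)
{
	unsigned long inside, outside, count;
	int consumed = 0;
	const char *rest;

	if (sscanf(map, "%lu %lu %lu%n", &inside, &outside, &count,
		   &consumed) != 3)
		return NS_UNKNOWN;	/* empty or malformed */

	/* Only whitespace may follow the first line */
	rest = map + consumed;
	while (*rest == ' ' || *rest == '\t' || *rest == '\n')
		rest++;
	if (*rest != '\0')
		return NS_USERNS;	/* a second line: a real mapping */

	if (inside == 0 && outside == 0 && count == 4294967295UL)
		return NS_INIT;

	return NS_USERNS;
}

/* Read a uid_map file (normally /proc/self/uid_map) and classify it.
 * If the file cannot be opened, report NS_UNKNOWN instead of assuming
 * that everything is fine. */
enum ns_state uid_map_read(const char *path)
{
	char buf[4096];
	FILE *f = fopen(path, "r");
	size_t n;

	if (!f)
		return NS_UNKNOWN;

	n = fread(buf, 1, sizeof(buf) - 1, f);
	fclose(f);
	buf[n] = '\0';

	return uid_map_classify(buf);
}

/* Policy for a process that finds itself running as UID 0: continue only
 * when we are demonstrably inside a user namespace.  Returns 0 to go on,
 * 1 to quit; *reason (if non-NULL) receives the explanation. */
int root_policy(enum ns_state state, const char **reason)
{
	switch (state) {
	case NS_USERNS:
		if (reason)
			*reason = NULL;
		return 0;
	case NS_INIT:
		if (reason)
			*reason = "running as real root in the init namespace";
		return 1;
	default:
		if (reason)
			*reason = "cannot read /proc/self/uid_map";
		return 1;
	}
}

int main(void)
{
	const char *reason;

	if (geteuid() != 0)
		return 0;	/* not UID 0: nothing to decide */

	if (root_policy(uid_map_read("/proc/self/uid_map"), &reason)) {
		fprintf(stderr, "refusing to run as UID 0: %s\n", reason);
		return 1;
	}
	return 0;
}
```

Stefano's remark is covered by the same policy: on a kernel without user namespaces there is no uid_map to read, so the process is real root and `NS_UNKNOWN` leads to the same exit as `NS_INIT`. A missing procfs also yields `NS_UNKNOWN`, which is the conservative outcome since the process cannot prove it is sandboxed.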