minijail: When pid-namespacing, init should be session leader

When running a jailed process, the init process should take the role of process group and session leader -- otherwise calls to check these values for processes in the namespace may get 0 (as the actual leader is a process outside the namespace). BUG=None TEST=minijail0 -p /sbin/session_manager Change-Id: I35dc7c5ba63db57e64ad6c05018403d4b535922d Reviewed-on: https://chromium-review.googlesource.com/238849 Trybot-Ready: Chris Masone <cmasone@chromium.org> Tested-by: Chris Masone <cmasone@chromium.org> Reviewed-by: Jorge Lucangeli Obes <jorgelo@chromium.org> Commit-Queue: Chris Masone <cmasone@chromium.org>
author: Chris Masone <cmasone@chromium.org> 2015-01-06 14:29:03 -0800
committer: ChromeOS Commit Bot <chromeos-commit-bot@chromium.org> 2015-01-07 07:45:08 +0000
commit: 67546a0f5508cd1d5fe89f7505ab1c6f14c23eda (patch)
tree: 5eb39d067786634627648f34a79adb07ff77d9dc
parent: 03b2af22a2170e9130c8df9e5e92a4d79e91ac0e (diff)
download: minijail-67546a0f5508cd1d5fe89f7505ab1c6f14c23eda.tar.gz
1 files changed, 2 insertions, 0 deletions
diff --git a/libminijail.c b/libminijail.c
index 7a18831..53a554e 100644
--- a/libminijail.c
+++ b/libminijail.c
@@ -1216,6 +1216,8 @@ int API minijail_run_pid_pipes(struct minijail *j, const char *filename,
 	minijail_enter(j);
 
 	if (pid_namespace) {
+		if (setsid() < 0)
+			pdie("failed to make init the session leader");
 		/*
 		 * pid namespace: this process will become init inside the new
 		 * namespace, so fork off a child to actually run the program
author	Chris Masone <cmasone@chromium.org>	2015-01-06 14:29:03 -0800
committer	ChromeOS Commit Bot <chromeos-commit-bot@chromium.org>	2015-01-07 07:45:08 +0000
commit	67546a0f5508cd1d5fe89f7505ab1c6f14c23eda (patch)
tree	5eb39d067786634627648f34a79adb07ff77d9dc
parent	03b2af22a2170e9130c8df9e5e92a4d79e91ac0e (diff)
download	minijail-67546a0f5508cd1d5fe89f7505ab1c6f14c23eda.tar.gz