From mboxrd@z Thu Jan  1 00:00:00 1970
From: Alex Vong <alexvong1995@gmail.com>
Subject: bug#21410: [TEST-FAIL] 2 tests failed when running `make check' on
	Debian
Date: Mon, 7 Sep 2015 09:47:41 +0800
Message-ID: <20150907094741.1ff54819@debian>
References: <20150904144440.2f14182d@debian>
Mime-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
Return-path: <bug-guix-bounces+gcggb-bug-guix=m.gmane.org@gnu.org>
Received: from eggs.gnu.org ([2001:4830:134:3::10]:37383)
	by lists.gnu.org with esmtp (Exim 4.71)
	(envelope-from <Debian-debbugs@debbugs.gnu.org>) id 1ZYlXS-0002la-QS
	for bug-guix@gnu.org; Sun, 06 Sep 2015 21:48:07 -0400
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
	(envelope-from <Debian-debbugs@debbugs.gnu.org>) id 1ZYlXO-0002T8-6q
	for bug-guix@gnu.org; Sun, 06 Sep 2015 21:48:06 -0400
Received: from debbugs.gnu.org ([208.118.235.43]:58875)
	by eggs.gnu.org with esmtp (Exim 4.71)
	(envelope-from <Debian-debbugs@debbugs.gnu.org>) id 1ZYlXO-0002Sz-3N
	for bug-guix@gnu.org; Sun, 06 Sep 2015 21:48:02 -0400
Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.80)
	(envelope-from <Debian-debbugs@debbugs.gnu.org>) id 1ZYlXN-00061S-TV
	for bug-guix@gnu.org; Sun, 06 Sep 2015 21:48:02 -0400
In-Reply-To: <20150904144440.2f14182d@debian>
Sender: "Debbugs-submit" <debbugs-submit-bounces@debbugs.gnu.org>
Resent-Message-ID: <handler.21410.B21410.144159047923142@debbugs.gnu.org>
List-Id: Bug reports for GNU Guix <bug-guix.gnu.org>
List-Unsubscribe: <https://lists.gnu.org/mailman/options/bug-guix>,
	<mailto:bug-guix-request@gnu.org?subject=unsubscribe>
List-Archive: <http://lists.gnu.org/archive/html/bug-guix>
List-Post: <mailto:bug-guix@gnu.org>
List-Help: <mailto:bug-guix-request@gnu.org?subject=help>
List-Subscribe: <https://lists.gnu.org/mailman/listinfo/bug-guix>,
	<mailto:bug-guix-request@gnu.org?subject=subscribe>
Errors-To: bug-guix-bounces+gcggb-bug-guix=m.gmane.org@gnu.org
Sender: bug-guix-bounces+gcggb-bug-guix=m.gmane.org@gnu.org
To: dthompson2@worcester.edu
Cc: 21410@debbugs.gnu.org

Hi Dave,

I have searched the internet according to the information you provided,
I find this bug report <https://github.com/lxc/lxc/issues/250> provides useful information.
I have written an example program after going through the clone(2) man page.
It demonstrates the problem and is inlined below.

First, compile the program as `a.out'.

Consider shell session 1:

    root# echo 0 > /proc/sys/kernel/unprivileged_userns_clone
    user$ ./a.out
    I am your parent
    Start cloning...
    Cannot clone!

Consider shell session 2:

    root# echo 1 > /proc/sys/kernel/unprivileged_userns_clone
    user$ ./a.out
    I am your parent
    Start cloning...
    Cloned!
    I am your child

Any idea what's happenning?
I don't know Linux much, for instance I don't know what is container and namespace in Linux.

Thanks!

Cheers,
Alex

#define _GNU_SOURCE
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <errno.h>
#include <sched.h>
#include <sys/wait.h>
#include <unistd.h>

#define STACK_SIZE (1024 * 1024)

int
child(void *str)
{
  if (puts(str) < 0)
    return EXIT_FAILURE;
  else
    return EXIT_SUCCESS;
}

int
main(void)
{ void *func_ptr = &child;
  void *stack_base = malloc(STACK_SIZE);
  void *stack_top;
  int flag = CLONE_NEWUSER | SIGCHLD;
  char *msg = "I am your child";
  int errsv = 0;

  puts("I am your parent");
  puts("Start cloning...");

  stack_top = stack_base + STACK_SIZE;
  clone(func_ptr, stack_top, flag, msg);
  errsv = errno;

  if (!errsv)
    puts("Cloned!");
  else
    puts("Cannot clone!");
  return errsv;
}