exec-invoke: Fix unshare() error handling (#36537)

2025-09-10 22:52:49 +02:00 · 2025-02-27 09:16:07 +01:00
parent 768cda38e6 f215835cb8
commit d9e41bfe02
1 changed files with 3 additions and 4 deletions
--- a/src/core/exec-invoke.c
+++ b/src/core/exec-invoke.c
@@ -5182,10 +5182,9 @@ int exec_invoke(
        }

        if (needs_sandboxing && exec_needs_cgroup_namespace(context, params)) {
-                r = unshare(CLONE_NEWCGROUP);
-                if (r < 0) {
+                if (unshare(CLONE_NEWCGROUP) < 0) {
                        *exit_status = EXIT_NAMESPACE;
-                        return log_exec_error_errno(context, params, r, "Failed to set up cgroup namespacing: %m");
+                        return log_exec_error_errno(context, params, errno, "Failed to set up cgroup namespacing: %m");
                }
        }

@@ -5194,7 +5193,7 @@ int exec_invoke(
        if (needs_sandboxing && exec_needs_pid_namespace(context)) {
                if (params->pidref_transport_fd < 0) {
                        *exit_status = EXIT_NAMESPACE;
-                        return log_exec_error_errno(context, params, r, "PidRef socket is not set up: %m");
+                        return log_exec_error_errno(context, params, SYNTHETIC_ERRNO(ENOTCONN), "PidRef socket is not set up: %m");
                }

                /* If we had CAP_SYS_ADMIN prior to joining the user namespace, then we are privileged and don't need