diff options
author | Valery Piashchynski <[email protected]> | 2020-09-01 20:37:55 +0300 |
---|---|---|
committer | Valery Piashchynski <[email protected]> | 2020-09-01 20:37:55 +0300 |
commit | db42004864662a01b1d8a325f60f9a903e0f769c (patch) | |
tree | f0d45a2702912ac1519365b002bfcdb4e9ab8a13 | |
parent | cff3ba139193c9f2ebcf8220df2a6ac401c55e9b (diff) |
Update comments in ExecuteFromUser
-rw-r--r-- | osutil/isolate.go | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/osutil/isolate.go b/osutil/isolate.go index 62144d13..9eaf8a44 100644 --- a/osutil/isolate.go +++ b/osutil/isolate.go @@ -16,6 +16,7 @@ func IsolateProcess(cmd *exec.Cmd) { cmd.SysProcAttr = &syscall.SysProcAttr{Setpgid: true, Pgid: 0} } +// ExecuteFromUser may work only if run RR under root user func ExecuteFromUser(cmd *exec.Cmd, u string) error { usr, err := user.Lookup(u) if err != nil { @@ -32,6 +33,9 @@ func ExecuteFromUser(cmd *exec.Cmd, u string) error { return err } + // For more information: + // https://www.man7.org/linux/man-pages/man7/user_namespaces.7.html + // https://www.man7.org/linux/man-pages/man7/namespaces.7.html if _, err := os.Stat("/proc/self/ns/user"); err != nil { if os.IsNotExist(err) { return fmt.Errorf("kernel doesn't support user namespaces") |