summaryrefslogtreecommitdiff
path: root/osutil/isolate.go
diff options
context:
space:
mode:
authorValery Piashchynski <[email protected]>2020-09-01 20:37:55 +0300
committerValery Piashchynski <[email protected]>2020-09-01 20:37:55 +0300
commitdb42004864662a01b1d8a325f60f9a903e0f769c (patch)
treef0d45a2702912ac1519365b002bfcdb4e9ab8a13 /osutil/isolate.go
parentcff3ba139193c9f2ebcf8220df2a6ac401c55e9b (diff)
Update comments in ExecuteFromUser
Diffstat (limited to 'osutil/isolate.go')
-rw-r--r--osutil/isolate.go4
1 files changed, 4 insertions, 0 deletions
diff --git a/osutil/isolate.go b/osutil/isolate.go
index 62144d13..9eaf8a44 100644
--- a/osutil/isolate.go
+++ b/osutil/isolate.go
@@ -16,6 +16,7 @@ func IsolateProcess(cmd *exec.Cmd) {
cmd.SysProcAttr = &syscall.SysProcAttr{Setpgid: true, Pgid: 0}
}
+// ExecuteFromUser may work only if run RR under root user
func ExecuteFromUser(cmd *exec.Cmd, u string) error {
usr, err := user.Lookup(u)
if err != nil {
@@ -32,6 +33,9 @@ func ExecuteFromUser(cmd *exec.Cmd, u string) error {
return err
}
+ // For more information:
+ // https://www.man7.org/linux/man-pages/man7/user_namespaces.7.html
+ // https://www.man7.org/linux/man-pages/man7/namespaces.7.html
if _, err := os.Stat("/proc/self/ns/user"); err != nil {
if os.IsNotExist(err) {
return fmt.Errorf("kernel doesn't support user namespaces")