Fix namespace warning being emitted if sandbox is disabled
If useChroot = false, and user namespaces aren't available for some
reason (e.g. within a Docker container), this fixes a pointless warning
being emitted, as we would never attempt to use them even if they were
available.
Change-Id: Ibcee91c088edd2cd19e70218d5a5802bff8f537b
This commit is contained in:
parent
aba5f19680
commit
3da41fdb82
|
@ -221,12 +221,12 @@ void LocalDerivationGoal::tryLocalBuild()
|
|||
}
|
||||
|
||||
#if __linux__
|
||||
if (useChroot) {
|
||||
// FIXME: should user namespaces being unsupported also require
|
||||
// sandbox-fallback to be allowed? I don't think so, since they aren't a
|
||||
// huge security win to have enabled.
|
||||
usingUserNamespace = userNamespacesSupported();
|
||||
|
||||
if (useChroot) {
|
||||
if (!mountAndPidNamespacesSupported()) {
|
||||
if (!settings.sandboxFallback)
|
||||
throw Error("this system does not support the kernel namespaces that are required for sandboxing; use '--no-sandbox' to disable sandboxing. Pass --debug for diagnostics on what is broken.");
|
||||
|
|
Loading…
Reference in a new issue