namespace: use ERRNO_IS_PRIVILEGE()/ERRNO_IS_NOT_SUPPORTED() where appropriate

author Lennart Poettering <lennart@poettering.net>

Mon, 13 Mar 2023 14:19:56 +0000 (15:19 +0100)

committer Yu Watanabe <watanabe.yu+github@gmail.com>

Tue, 14 Mar 2023 03:57:46 +0000 (12:57 +0900)
author Lennart Poettering <lennart@poettering.net>
Mon, 13 Mar 2023 14:19:56 +0000 (15:19 +0100)
committer Yu Watanabe <watanabe.yu+github@gmail.com>
Tue, 14 Mar 2023 03:57:46 +0000 (12:57 +0900)
diff --git a/src/core/namespace.c b/src/core/namespace.c

index b4bb01bb742fa36cef0b476faf24c5d9bcc64094..8a8ff5ac7dfabd43d29a965228f0a8e3d8a0119a 100644 (file)
--- a/src/core/namespace.c
+++ b/src/core/namespace.c
@@ -2426,7 +2426,8 @@ int setup_namespace(
  
          if (unshare(CLONE_NEWNS) < 0) {
                  r = log_debug_errno(errno, "Failed to unshare the mount namespace: %m");
-                if (IN_SET(r, -EACCES, -EPERM, -EOPNOTSUPP, -ENOSYS))
+                if (ERRNO_IS_PRIVILEGE(r) ||
+                    ERRNO_IS_NOT_SUPPORTED(r))
                          /* If the kernel doesn't support namespaces, or when there's a MAC or seccomp filter
                           * in place that doesn't allow us to create namespaces (or a missing cap), then
                           * propagate a recognizable error back, which the caller can use to detect this case
author	Lennart Poettering <lennart@poettering.net>
	Mon, 13 Mar 2023 14:19:56 +0000 (15:19 +0100)
committer	Yu Watanabe <watanabe.yu+github@gmail.com>
	Tue, 14 Mar 2023 03:57:46 +0000 (12:57 +0900)