From 89fdca71686779f04ce354f2b7103ffdb2a14f97 Mon Sep 17 00:00:00 2001
From: Daan De Meyer <daan.j.demeyer@gmail.com>
Date: Fri, 13 Sep 2024 12:46:29 +0200
Subject: [PATCH] exec-invoke: Add debug logging for setup_private_users()

---
 src/core/exec-invoke.c | 14 +++++++-------
 1 file changed, 7 insertions(+), 7 deletions(-)

diff --git a/src/core/exec-invoke.c b/src/core/exec-invoke.c
index 4e70c84374..72ed53360b 100644
--- a/src/core/exec-invoke.c
+++ b/src/core/exec-invoke.c
@@ -2175,14 +2175,14 @@ static int setup_private_users(PrivateUsers private_users, uid_t ouid, gid_t ogi
                 fd = open(a, O_WRONLY|O_CLOEXEC);
                 if (fd < 0) {
                         if (errno != ENOENT) {
-                                r = -errno;
+                                r = log_debug_errno(errno, "Failed to open %s: %m", a);
                                 goto child_fail;
                         }
 
                         /* If the file is missing the kernel is too old, let's continue anyway. */
                 } else {
                         if (write(fd, "deny\n", 5) < 0) {
-                                r = -errno;
+                                r = log_debug_errno(errno, "Failed to write \"deny\" to %s: %m", a);
                                 goto child_fail;
                         }
 
@@ -2193,11 +2193,11 @@ static int setup_private_users(PrivateUsers private_users, uid_t ouid, gid_t ogi
                 a = procfs_file_alloca(ppid, "gid_map");
                 fd = open(a, O_WRONLY|O_CLOEXEC);
                 if (fd < 0) {
-                        r = -errno;
+                        r = log_debug_errno(errno, "Failed to open %s: %m", a);
                         goto child_fail;
                 }
                 if (write(fd, gid_map, strlen(gid_map)) < 0) {
-                        r = -errno;
+                        r = log_debug_errno(errno, "Failed to write GID map to %s: %m", a);
                         goto child_fail;
                 }
                 fd = safe_close(fd);
@@ -2206,11 +2206,11 @@ static int setup_private_users(PrivateUsers private_users, uid_t ouid, gid_t ogi
                 a = procfs_file_alloca(ppid, "uid_map");
                 fd = open(a, O_WRONLY|O_CLOEXEC);
                 if (fd < 0) {
-                        r = -errno;
+                        r = log_debug_errno(errno, "Failed to open %s: %m", a);
                         goto child_fail;
                 }
                 if (write(fd, uid_map, strlen(uid_map)) < 0) {
-                        r = -errno;
+                        r = log_debug_errno(errno, "Failed to write UID map to %s: %m", a);
                         goto child_fail;
                 }
 
@@ -2224,7 +2224,7 @@ static int setup_private_users(PrivateUsers private_users, uid_t ouid, gid_t ogi
         errno_pipe[1] = safe_close(errno_pipe[1]);
 
         if (unshare(CLONE_NEWUSER) < 0)
-                return -errno;
+                return log_debug_errno(errno, "Failed to unshare user namespace: %m");
 
         /* Let the child know that the namespace is ready now */
         if (write(unshare_ready_fd, &c, sizeof(c)) < 0)
-- 
2.25.1