minijail: Check correct executable file
When the chroot and pivot_root options are used the path to the binary
to put in jail is given relative to the new root. However the checks
for the program existing and how it is linked were still done relative
the original rootfs. This "worked" as long as there was a similar file
outside of the chroot. Add the ability to get the full path of the
program from libminijail and use that path to check the file.
This allows chrooting to a system that has init in / instead of /sbin.
Don't try to check the binary if there are bind mounts specified. This
avoids having to parse the mounts and check if the binary is in a bind
mounted path.
Change-Id: I2e3af14f5e8fd478963bcb56a3a6ae5908e78524
Signed-off-by: Dylan Reid <dgreid@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/300320
Reviewed-by: Jorge Lucangeli Obes <jorgelo@chromium.org>
3 files changed
