minijail: When pid-namespacing, init should be session leader When running a jailed process, the init process should take the role of process group and session leader -- otherwise calls to check these values for processes in the namespace may get 0 (as the actual leader is a process outside the namespace). BUG=None TEST=minijail0 -p /sbin/session_manager Change-Id: I35dc7c5ba63db57e64ad6c05018403d4b535922d Reviewed-on: https://chromium-review.googlesource.com/238849 Trybot-Ready: Chris Masone <cmasone@chromium.org> Tested-by: Chris Masone <cmasone@chromium.org> Reviewed-by: Jorge Lucangeli Obes <jorgelo@chromium.org> Commit-Queue: Chris Masone <cmasone@chromium.org>

commit: 67546a0f5508cd1d5fe89f7505ab1c6f14c23eda [log] [tgz]
author: Chris Masone <cmasone@chromium.org> Tue Jan 06 14:29:03 2015 -0800
committer: ChromeOS Commit Bot <chromeos-commit-bot@chromium.org> Wed Jan 07 07:45:08 2015 +0000
tree: 5eb39d067786634627648f34a79adb07ff77d9dc
parent: 03b2af22a2170e9130c8df9e5e92a4d79e91ac0e [diff]
diff --git a/libminijail.c b/libminijail.c
index 7a18831..53a554e 100644
--- a/libminijail.c
+++ b/libminijail.c

@@ -1216,6 +1216,8 @@
 	minijail_enter(j);
 
 	if (pid_namespace) {
+		if (setsid() < 0)
+			pdie("failed to make init the session leader");
 		/*
 		 * pid namespace: this process will become init inside the new
 		 * namespace, so fork off a child to actually run the program
commit	67546a0f5508cd1d5fe89f7505ab1c6f14c23eda	[log] [tgz]
author	Chris Masone <cmasone@chromium.org>	Tue Jan 06 14:29:03 2015 -0800
committer	ChromeOS Commit Bot <chromeos-commit-bot@chromium.org>	Wed Jan 07 07:45:08 2015 +0000
tree	5eb39d067786634627648f34a79adb07ff77d9dc
parent	03b2af22a2170e9130c8df9e5e92a4d79e91ac0e [diff]