diff options
Diffstat (limited to '')
-rw-r--r-- | src/basic/lock-util.c | 9 |
1 files changed, 8 insertions, 1 deletions
diff --git a/src/basic/lock-util.c b/src/basic/lock-util.c index 7bffe85..aef395d 100644 --- a/src/basic/lock-util.c +++ b/src/basic/lock-util.c @@ -139,7 +139,14 @@ static int fcntl_lock(int fd, int operation, bool ofd) { .l_len = 0, })); - if (r == -EACCES) /* Treat EACCESS/EAGAIN the same as per man page. */ + /* If we are doing non-blocking operations, treat EACCES/EAGAIN the same as per man page. But if + * not, propagate EACCES back, as it will likely be due to an LSM denying the operation (for example + * LXC with AppArmor when running on kernel < 6.2), and in some cases we want to gracefully + * fallback (e.g.: PrivateNetwork=yes). As per documentation, it's only the non-blocking operation + * F_SETLK that might return EACCES on some platforms (although the Linux implementation doesn't + * seem to), as F_SETLKW and F_OFD_SETLKW block so this is not an issue, and F_OFD_SETLK is documented + * to only return EAGAIN if the lock is already held. */ + if ((operation & LOCK_NB) && r == -EACCES) r = -EAGAIN; return r; |