From 155134fef2b6c7426c3f25ffe84fb3043167c860 Mon Sep 17 00:00:00 2001 From: Linus Torvalds Date: Sun, 10 Aug 2014 21:24:59 -0700 Subject: Revert "proc: Point /proc/{mounts,net} at /proc/thread-self/{mounts,net} instead of /proc/self/{mounts,net}" MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit This reverts commits 344470cac42e and e81324407269. It turns out that the exact path in the symlink matters, if for somewhat unfortunate reasons: some apparmor configurations don't allow dhclient access to the per-thread /proc files. As reported by Jörg Otte: audit: type=1400 audit(1407684227.003:28): apparmor="DENIED" operation="open" profile="/sbin/dhclient" name="/proc/1540/task/1540/net/dev" pid=1540 comm="dhclient" requested_mask="r" denied_mask="r" fsuid=0 ouid=0 so we had better revert this for now. We might be able to work around this in practice by only using the per-thread symlinks if the thread isn't the thread group leader, and if the namespaces differ between threads (which basically never happens). We'll see. In the meantime, the revert was made to be intentionally easy. Reported-by: Jörg Otte Acked-by: Eric W. Biederman Signed-off-by: Linus Torvalds --- fs/proc/root.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'fs/proc/root.c') diff --git a/fs/proc/root.c b/fs/proc/root.c index 6296c7626963..094e44d4a6be 100644 --- a/fs/proc/root.c +++ b/fs/proc/root.c @@ -173,7 +173,7 @@ void __init proc_root_init(void) proc_self_init(); proc_thread_self_init(); - proc_symlink("mounts", NULL, "thread-self/mounts"); + proc_symlink("mounts", NULL, "self/mounts"); proc_net_init(); -- cgit v1.2.3