Fix unshare container join net ns

Moe-hacker · Nov 22, 2024 · 544e7ef · 544e7ef
1 parent e47acec
commit 544e7ef
Showing 1 changed file with 10 additions and 10 deletions.
diff --git a/src/unshare.c b/src/unshare.c
@@ -160,16 +160,6 @@ static pid_t join_ns(struct RURI_CONTAINER *_Nonnull container)
 		}
 		close(ns_fd);
 	}
-	ns_fd = open(mount_ns_file, O_RDONLY | O_CLOEXEC);
-	if (ns_fd < 0 && !container->no_warnings) {
-		ruri_warning("{yellow}Warning: seems that mount namespace is not supported on this device QwQ{clear}\n");
-	} else {
-		usleep(1000);
-		if (setns(ns_fd, CLONE_NEWNS) == -1) {
-			ruri_error("{red}Failed to setns mount namespace QwQ\n");
-		}
-		close(ns_fd);
-	}
 	// Disable network.
 	if (container->no_network) {
 		char net_ns_file[PATH_MAX] = { '\0' };
@@ -182,6 +172,16 @@ static pid_t join_ns(struct RURI_CONTAINER *_Nonnull container)
 			ruri_error("{red}--no-network detected, but failed to setns network namespace QwQ\n");
 		}
 	}
+	ns_fd = open(mount_ns_file, O_RDONLY | O_CLOEXEC);
+	if (ns_fd < 0 && !container->no_warnings) {
+		ruri_warning("{yellow}Warning: seems that mount namespace is not supported on this device QwQ{clear}\n");
+	} else {
+		usleep(1000);
+		if (setns(ns_fd, CLONE_NEWNS) == -1) {
+			ruri_error("{red}Failed to setns mount namespace QwQ\n");
+		}
+		close(ns_fd);
+	}
 	// Close fds after fork().
 	unshare(CLONE_FILES);
 	// Fork itself into namespace.