Revert "proc: Point /proc/{mounts,net} at /proc/thread-self/{mounts,net} instead...

This reverts commits 344470cac42e and e81324407269.

It turns out that the exact path in the symlink matters, if for somewhat
unfortunate reasons: some apparmor configurations don't allow dhclient
access to the per-thread /proc files.  As reported by Jörg Otte:

  audit: type=1400 audit(1407684227.003:28): apparmor="DENIED"
    operation="open" profile="/sbin/dhclient"
    name="/proc/1540/task/1540/net/dev" pid=1540 comm="dhclient"
    requested_mask="r" denied_mask="r" fsuid=0 ouid=0

so we had better revert this for now.  We might be able to work around
this in practice by only using the per-thread symlinks if the thread
isn't the thread group leader, and if the namespaces differ between
threads (which basically never happens).

We'll see. In the meantime, the revert was made to be intentionally easy.

Reported-by: Jörg Otte <jrg.otte@gmail.com>
Acked-by: Eric W. Biederman <ebiederm@xmission.com>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>

diff --git a/fs/proc/proc_net.c b/fs/proc/proc_net.c
index 39481028ec086bc0692f8593e407d6d9bd35a7a6..a63af3e0a6126b4445bb9a3cef8687038e670b58 100644 (file)
--- a/fs/proc/proc_net.c
+++ b/fs/proc/proc_net.c
@@ -226,7 +226,7 @@ static struct pernet_operations __net_initdata proc_net_ns_ops = {
 
 int __init proc_net_init(void)
 {
-       proc_symlink("net", NULL, "thread-self/net");
+       proc_symlink("net", NULL, "self/net");
 
        return register_pernet_subsys(&proc_net_ns_ops);
 }

diff --git a/fs/proc/root.c b/fs/proc/root.c
index 6296c7626963e3bbaf0f4c435dd28b5009c5510c..094e44d4a6be6ab52672100e2e089c154f1c9a8a 100644 (file)
--- a/fs/proc/root.c
+++ b/fs/proc/root.c
@@ -173,7 +173,7 @@ void __init proc_root_init(void)
 
        proc_self_init();
        proc_thread_self_init();
-       proc_symlink("mounts", NULL, "thread-self/mounts");
+       proc_symlink("mounts", NULL, "self/mounts");
 
        proc_net_init();