Ignore EINVAL from prctl(PR_SET_NO_NEW_PRIVS)

Ignore a EINVAL error here as it means that the kernel is too old
to understand this option. We should not fail hard in this case
but just ignore the error.

closes: 764066

diff --git a/apt-pkg/contrib/fileutl.cc b/apt-pkg/contrib/fileutl.cc
index 1e1fb59..dbf831a 100644 (file)
--- a/apt-pkg/contrib/fileutl.cc
+++ b/apt-pkg/contrib/fileutl.cc
@@ -2189,8 +2189,9 @@ bool DropPrivileges()
 
 #if __gnu_linux__
    // see prctl(2), needs linux3.5
-   int ret = prctl(PR_SET_NO_NEW_PRIVS, 1, 0,0, 0);
-   if(ret < 0)
+   int ret = prctl(PR_SET_NO_NEW_PRIVS, 1, 0, 0, 0);
+   // ignore EINVAL - kernel is too old to understand the option
+   if(ret < 0 && errno != EINVAL)
       _error->Warning("PR_SET_NO_NEW_PRIVS failed with %i", ret);
 #endif
    // Do not change the order here, it might break things