Quoting Serge Hallyn (serge.hal...@ubuntu.com):
>
> Otherwise (a) there is a memory leak when using user namespaces and
> clearing a config, and (b) saving a container configuration file doesn't
> maintain the userns mapping. For instance, if container c1 has
> lxc.id_map configuration entries, then
>
> python3
> import lxc
> c=lxc.Container("c1")
> c.save_config("/tmp/config1")
>
> should show 'lxc.id_map =' entries in /tmp/config1.
>
> Reported-by: Dwight Engen <dwight.en...@oracle.com>
> Signed-off-by: Serge Hallyn <serge.hal...@ubuntu.com>
> ---
> src/lxc/conf.c | 13 +++++++++++++
> src/lxc/confile.c | 6 ++++++
> 2 files changed, 19 insertions(+)
>
> diff --git a/src/lxc/conf.c b/src/lxc/conf.c
> index dc521b5..21614d9 100644
> --- a/src/lxc/conf.c
> +++ b/src/lxc/conf.c
> @@ -3123,6 +3123,18 @@ int lxc_clear_config_caps(struct lxc_conf *c)
> return 0;
> }
>
> +int lxc_clear_idmaps(struct lxc_conf *c)
> +{
> + struct lxc_list *it, *next;
> +
> + lxc_list_for_each_safe(it, &c->id_map, next) {
> + lxc_list_del(it);
> + free(it->elem);
> + free(it);
> + }
> + return 0;
> +}
> +
> int lxc_clear_cgroups(struct lxc_conf *c, const char *key)
> {
> struct lxc_list *it,*next;
> @@ -3226,5 +3238,6 @@ void lxc_conf_free(struct lxc_conf *conf)
> lxc_clear_hooks(conf, "lxc.hook");
> lxc_clear_mount_entries(conf);
> lxc_clear_saved_nics(conf);
> + lxc_clear_idmaps(conf);
> free(conf);
> }
> diff --git a/src/lxc/confile.c b/src/lxc/confile.c
> index a7db117..05370f0 100644
> --- a/src/lxc/confile.c
> +++ b/src/lxc/confile.c
> @@ -1945,6 +1945,12 @@ void write_config(FILE *fout, struct lxc_conf *c)
> }
> lxc_list_for_each(it, &c->caps)
> fprintf(fout, "lxc.cap.drop = %s\n", (char *)it->elem);
> + lxc_list_for_each(it, &c->id_map) {
> + struct id_map *idmap = it->elem;
> + fprintf(fout, "lxc.id_map = %c %lu %lu %lu\n",
> + idmap->type == ID_TYPE_UID ? 'u' : 'c', idmap->nsid,
D'oh, that is supposed to be 'g' not 'c'.
If anyone has any comments beside that, please post. Else I will push
this and my two patches from friday "soonish".
> + idmap->hostid, idmap->range);
> + }
> for (i=0; i<NUM_LXC_HOOKS; i++) {
> lxc_list_for_each(it, &c->hooks[i])
> fprintf(fout, "lxc.hook.%s = %s\n",
> --
> 1.8.3.2
>
>
> ------------------------------------------------------------------------------
> See everything from the browser to the database with AppDynamics
> Get end-to-end visibility with application monitoring from AppDynamics
> Isolate bottlenecks and diagnose root cause in seconds.
> Start your free trial of AppDynamics Pro today!
> http://pubads.g.doubleclick.net/gampad/clk?id=48808831&iu=/4140/ostg.clktrk
> _______________________________________________
> Lxc-devel mailing list
> Lxc-devel@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/lxc-devel
------------------------------------------------------------------------------
See everything from the browser to the database with AppDynamics
Get end-to-end visibility with application monitoring from AppDynamics
Isolate bottlenecks and diagnose root cause in seconds.
Start your free trial of AppDynamics Pro today!
http://pubads.g.doubleclick.net/gampad/clk?id=48808831&iu=/4140/ostg.clktrk
_______________________________________________
Lxc-devel mailing list
Lxc-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/lxc-devel
