On Thu, Nov 28, 2013 at 10:53:13PM -0600, Serge Hallyn wrote: > Because if they are not, then we'll fail trying to map that > gid into the container. > > The function doesn't change any gids, but lxc-usernsexec always does > setgid(0), so just map getgid() to 0 in the container. > > Signed-off-by: Serge Hallyn <serge.hal...@ubuntu.com>
Acked-by: Stéphane Graber <stgra...@ubuntu.com>
> ---
> src/lxc/conf.c | 21 ++++++++++++++-------
> 1 file changed, 14 insertions(+), 7 deletions(-)
>
> diff --git a/src/lxc/conf.c b/src/lxc/conf.c
> index 534e6e6..290a7bb 100644
> --- a/src/lxc/conf.c
> +++ b/src/lxc/conf.c
> @@ -3331,19 +3331,26 @@ int chown_mapped_root(char *path, struct lxc_conf
> *conf)
> }
> if (!pid) {
> int hostuid = geteuid(), ret;
> - char map1[100], map2[100];
> - char *args[] = {"lxc-usernsexec", "-m", map1, "-m", map2, "--",
> "chown",
> - "0", path, NULL};
> + char map1[100], map2[100], map3[100];
> + char *args[] = {"lxc-usernsexec", "-m", map1, "-m", map2, "-m",
> + map3, "--", "chown", "0", path, NULL};
>
> - // "b:0:rootid:1"
> - ret = snprintf(map1, 100, "b:0:%d:1", rootid);
> + // "u:0:rootid:1"
> + ret = snprintf(map1, 100, "u:0:%d:1", rootid);
> if (ret < 0 || ret >= 100) {
> ERROR("Error uid printing map string");
> return -1;
> }
>
> - // "b:hostuid:hostuid:1"
> - ret = snprintf(map2, 100, "b:%d:%d:1", hostuid, hostuid);
> + // "u:hostuid:hostuid:1"
> + ret = snprintf(map2, 100, "u:%d:%d:1", hostuid, hostuid);
> + if (ret < 0 || ret >= 100) {
> + ERROR("Error uid printing map string");
> + return -1;
> + }
> +
> + // "g:0:hostgid:1"
> + ret = snprintf(map3, 100, "g:0:%d:1", getgid());
> if (ret < 0 || ret >= 100) {
> ERROR("Error uid printing map string");
> return -1;
> --
> 1.8.3.2
>
>
> ------------------------------------------------------------------------------
> Rapidly troubleshoot problems before they affect your business. Most IT
> organizations don't have a clear picture of how application performance
> affects their revenue. With AppDynamics, you get 100% visibility into your
> Java,.NET, & PHP application. Start your 15-day FREE TRIAL of AppDynamics Pro!
> http://pubads.g.doubleclick.net/gampad/clk?id=84349351&iu=/4140/ostg.clktrk
> _______________________________________________
> Lxc-devel mailing list
> Lxc-devel@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/lxc-devel
--
Stéphane Graber
Ubuntu developer
http://www.ubuntu.com
signature.asc
Description: Digital signature
------------------------------------------------------------------------------ Rapidly troubleshoot problems before they affect your business. Most IT organizations don't have a clear picture of how application performance affects their revenue. With AppDynamics, you get 100% visibility into your Java,.NET, & PHP application. Start your 15-day FREE TRIAL of AppDynamics Pro! http://pubads.g.doubleclick.net/gampad/clk?id=84349351&iu=/4140/ostg.clktrk
_______________________________________________ Lxc-devel mailing list Lxc-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/lxc-devel
