[libvirt] LXC: making the private root filesystem more secure

Daniel P. Berrange berrange at redhat.com
Thu Sep 11 13:42:46 UTC 2008 

On Wed, Sep 10, 2008 at 03:10:53PM -0700, Balbir Singh wrote:
> Daniel Veillard wrote:
> > On Thu, Sep 04, 2008 at 12:50:35PM -0700, Dan Smith wrote:
> >> DV> I just checked the libcgroup heaer file available under Fedora 9
> >> DV> and I'm a bit afraid of the dependancy. They expose a lot of
> >> DV> structure, some clearly incomplete, which means liking to it in its
> >> DV> current state may turn into a problematic dependency.
> >>
> 
> Could you please elaborate on the structure exposed. We are more then willing to
> fix any incomplete information you are concerned about

I believe Daniel is refering to the struct's in your public header file.
The embedded comments themselves  in libcgroup.h say that the structs 
will need to be extended with more fields as cgroups gets more capabilities.
Adding fields to a struct will change the ABI unless care is taken to 
provide for extensibility. The cpu_controller and cg_group structs here 
are of particular concern
    
    /*
     * These data structures are heavily controller dependent, which means
     * any changes (additions/removal) of configuration items would have to
     *  be reflected in this library. We might implement a plugin
     *  infrastructure, so that we can deal with such changes with ease.
     */
    
    struct cpu_controller {
            /*TODO: Add the cpu.usage file here, also need to automate this.*/
            char *shares;   /* Having strings helps us write them to files */
            /*
             * XX: No it does not make a difference. It requires a fprintf anyway
             * so it needs the qualifier.
             */
    };
    
    struct cg_group {
            char *name;
            uid_t tasks_uid;
            gid_t tasks_gid;
            uid_t admin_uid;
            gid_t admin_gid;
            struct cpu_controller cpu_config;
    };
    
    /*
     * A singly linked list suffices since we don't expect too many mount points
     */
    struct mount_table {
            char *options;          /* Name(s) of the controller */
            char *mount_point;      /* The place where the controller is mounted */
            struct mount_table *next;
    };
    
    /*
     * Maintain a list of all group names. These will be used during cleanup
     */
    struct list_of_names {
            char *name;
            struct list_of_names *next;
    };
    
Regards,    
Daniel
-- 
|: Red Hat, Engineering, London   -o-   http://people.redhat.com/berrange/ :|
|: http://libvirt.org  -o-  http://virt-manager.org  -o-  http://ovirt.org :|
|: http://autobuild.org       -o-         http://search.cpan.org/~danberr/ :|
|: GnuPG: 7D3B9505  -o-  F3C9 553F A1DA 4AC2 5648 23C1 B3DF F742 7D3B 9505 :|

More information about the libvir-list mailing list