[libvirt] [PATCH] LXC: Fix virLXCControllerSetupDevPTS() wrt user namespaces
Ján Tomko
jtomko at redhat.com
Thu Aug 14 12:35:12 UTC 2014
On 07/28/2014 10:59 PM, Richard Weinberger wrote:
> The gid value passed to devpts has to be translated by hand as
> virLXCControllerSetupDevPTS() is called before setting up the user
> and group mappings.
> Otherwise devpts will use an unmapped gid and openpty()
> will fail within containers.
> Linux commit commit 23adbe12
s/commit commit/kernel commit/
> ("fs,userns: Change inode_capable to capable_wrt_inode_uidgid")
> uncovered that issue.
>
> Signed-off-by: Richard Weinberger <richard at nod.at>
> ---
> src/lxc/lxc_controller.c | 25 +++++++++++++++++++++++--
> 1 file changed, 23 insertions(+), 2 deletions(-)
>
> diff --git a/src/lxc/lxc_controller.c b/src/lxc/lxc_controller.c
> index 2d220eb..82ecf12 100644
> --- a/src/lxc/lxc_controller.c
> +++ b/src/lxc/lxc_controller.c
> @@ -1164,6 +1164,19 @@ static int virLXCControllerMain(virLXCControllerPtr ctrl)
> return rc;
> }
>
> +static uint32_t
I've changed this to 'unsigned int' to match the type used by virDomainIdMapEntry.
> +virLXCControllerLookupUsernsMap(virDomainIdMapEntryPtr map, int num,
> + uint32_t src)
> +{
> + int i;
This should be size_t to pass 'make syntax-check'.
> +
> + for (i = 0; i < num; i++) {
> + if (src > map[i].start && src < map[i].start + map[i].count)
> + return map[i].target + (src - map[i].start);
> + }
> +
> + return src;
> +}
>
> static int
> virLXCControllerSetupUsernsMap(virDomainIdMapEntryPtr map,
ACK; pushed now.
Jan
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 836 bytes
Desc: OpenPGP digital signature
URL: <http://listman.redhat.com/archives/libvir-list/attachments/20140814/13df1338/attachment-0001.sig>
More information about the libvir-list
mailing list