confile: final cleanups

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

confile: final cleanups
504a2217 · Christian Brauner · 9c61a6d6 · 504a2217
Unverified Commit 504a2217 authored May 31, 2017 by Christian Brauner
Show whitespace changes
Inline Side-by-side

Showing with 339 additions and 253 deletions

confile.c src/lxc/confile.c +339 -253

No files found.
--- a/src/lxc/confile.c
+++ b/src/lxc/confile.c
@@ -213,77 +213,77 @@ static int set_config_limit(const char *, const char *, struct lxc_conf *);
 static int get_config_limit(const char *, char *, int, struct lxc_conf *);
 static struct lxc_config_t config[] = {
-	{ "lxc.arch",                 set_config_personality,          get_config_personality,       NULL},
+	{ "lxc.arch",                 set_config_personality,          get_config_personality,       NULL },
-	{ "lxc.pts",                  set_config_pts,                  get_config_pts,               NULL},
+	{ "lxc.pts",                  set_config_pts,                  get_config_pts,               NULL },
-	{ "lxc.tty",                  set_config_tty,                  get_config_tty,               NULL},
+	{ "lxc.tty",                  set_config_tty,                  get_config_tty,               NULL },
-	{ "lxc.devttydir",            set_config_ttydir,               get_config_ttydir,            NULL},
+	{ "lxc.devttydir",            set_config_ttydir,               get_config_ttydir,            NULL },
-	{ "lxc.kmsg",                 set_config_kmsg,                 get_config_kmsg,              NULL},
+	{ "lxc.kmsg",                 set_config_kmsg,                 get_config_kmsg,              NULL },
-	{ "lxc.aa_profile",           set_config_lsm_aa_profile,       get_config_lsm_aa_profile,    NULL},
+	{ "lxc.aa_profile",           set_config_lsm_aa_profile,       get_config_lsm_aa_profile,    NULL },
-	{ "lxc.aa_allow_incomplete",  set_config_lsm_aa_incomplete,    get_config_lsm_aa_incomplete, NULL},
+	{ "lxc.aa_allow_incomplete",  set_config_lsm_aa_incomplete,    get_config_lsm_aa_incomplete, NULL },
-	{ "lxc.se_context",           set_config_lsm_se_context,       get_config_lsm_se_context,    NULL},
+	{ "lxc.se_context",           set_config_lsm_se_context,       get_config_lsm_se_context,    NULL },
-	{ "lxc.cgroup",               set_config_cgroup,               get_config_cgroup,            NULL},
+	{ "lxc.cgroup",               set_config_cgroup,               get_config_cgroup,            NULL },
-	{ "lxc.id_map",               set_config_idmaps,               get_config_idmaps,            NULL},
+	{ "lxc.id_map",               set_config_idmaps,               get_config_idmaps,            NULL },
-	{ "lxc.loglevel",             set_config_loglevel,             get_config_loglevel,          NULL},
+	{ "lxc.loglevel",             set_config_loglevel,             get_config_loglevel,          NULL },
-	{ "lxc.logfile",              set_config_logfile,              get_config_logfile,           NULL},
+	{ "lxc.logfile",              set_config_logfile,              get_config_logfile,           NULL },
-	{ "lxc.mount.entry",          set_config_mount,                get_config_mount,             NULL},
+	{ "lxc.mount.entry",          set_config_mount,                get_config_mount,             NULL },
-	{ "lxc.mount.auto",           set_config_mount_auto,           get_config_mount_auto,        NULL},
+	{ "lxc.mount.auto",           set_config_mount_auto,           get_config_mount_auto,        NULL },
-	{ "lxc.mount",                set_config_fstab,	               get_config_fstab,             NULL},
+	{ "lxc.mount",                set_config_fstab,	               get_config_fstab,             NULL },
-	{ "lxc.rootfs.mount",         set_config_rootfs_mount,         get_config_rootfs_mount,      NULL},
+	{ "lxc.rootfs.mount",         set_config_rootfs_mount,         get_config_rootfs_mount,      NULL },
-	{ "lxc.rootfs.options",       set_config_rootfs_options,       get_config_rootfs_options,    NULL},
+	{ "lxc.rootfs.options",       set_config_rootfs_options,       get_config_rootfs_options,    NULL },
-	{ "lxc.rootfs.backend",       set_config_rootfs_backend,       get_config_rootfs_backend,    NULL},
+	{ "lxc.rootfs.backend",       set_config_rootfs_backend,       get_config_rootfs_backend,    NULL },
-	{ "lxc.rootfs",               set_config_rootfs,               get_config_rootfs,            NULL},
+	{ "lxc.rootfs",               set_config_rootfs,               get_config_rootfs,            NULL },
-	{ "lxc.pivotdir",             set_config_pivotdir,             get_config_pivotdir,          NULL},
+	{ "lxc.pivotdir",             set_config_pivotdir,             get_config_pivotdir,          NULL },
-	{ "lxc.utsname",              set_config_utsname,              get_config_utsname,           NULL},
+	{ "lxc.utsname",              set_config_utsname,              get_config_utsname,           NULL },
-	{ "lxc.hook.pre-start",       set_config_hooks,                get_config_hooks,             NULL},
+	{ "lxc.hook.pre-start",       set_config_hooks,                get_config_hooks,             NULL },
-	{ "lxc.hook.pre-mount",       set_config_hooks,                get_config_hooks,             NULL},
+	{ "lxc.hook.pre-mount",       set_config_hooks,                get_config_hooks,             NULL },
-	{ "lxc.hook.mount",           set_config_hooks,                get_config_hooks,             NULL},
+	{ "lxc.hook.mount",           set_config_hooks,                get_config_hooks,             NULL },
-	{ "lxc.hook.autodev",         set_config_hooks,                get_config_hooks,             NULL},
+	{ "lxc.hook.autodev",         set_config_hooks,                get_config_hooks,             NULL },
-	{ "lxc.hook.start",           set_config_hooks,                get_config_hooks,             NULL},
+	{ "lxc.hook.start",           set_config_hooks,                get_config_hooks,             NULL },
-	{ "lxc.hook.stop",            set_config_hooks,                get_config_hooks,             NULL},
+	{ "lxc.hook.stop",            set_config_hooks,                get_config_hooks,             NULL },
-	{ "lxc.hook.post-stop",       set_config_hooks,                get_config_hooks,             NULL},
+	{ "lxc.hook.post-stop",       set_config_hooks,                get_config_hooks,             NULL },
-	{ "lxc.hook.clone",           set_config_hooks,                get_config_hooks,             NULL},
+	{ "lxc.hook.clone",           set_config_hooks,                get_config_hooks,             NULL },
-	{ "lxc.hook.destroy",         set_config_hooks,                get_config_hooks,             NULL},
+	{ "lxc.hook.destroy",         set_config_hooks,                get_config_hooks,             NULL },
-	{ "lxc.hook",                 set_config_hooks,                get_config_hooks,             NULL},
+	{ "lxc.hook",                 set_config_hooks,                get_config_hooks,             NULL },
-	{ "lxc.network.type",         set_config_network_type,         get_config_network_item,      NULL},
+	{ "lxc.network.type",         set_config_network_type,         get_config_network_item,      NULL },
-	{ "lxc.network.flags",        set_config_network_flags,        get_config_network_item,      NULL},
+	{ "lxc.network.flags",        set_config_network_flags,        get_config_network_item,      NULL },
-	{ "lxc.network.link",         set_config_network_link,         get_config_network_item,      NULL},
+	{ "lxc.network.link",         set_config_network_link,         get_config_network_item,      NULL },
-	{ "lxc.network.name",         set_config_network_name,         get_config_network_item,      NULL},
+	{ "lxc.network.name",         set_config_network_name,         get_config_network_item,      NULL },
-	{ "lxc.network.macvlan.mode", set_config_network_macvlan_mode, get_config_network_item,      NULL},
+	{ "lxc.network.macvlan.mode", set_config_network_macvlan_mode, get_config_network_item,      NULL },
-	{ "lxc.network.veth.pair",    set_config_network_veth_pair,    get_config_network_item,      NULL},
+	{ "lxc.network.veth.pair",    set_config_network_veth_pair,    get_config_network_item,      NULL },
-	{ "lxc.network.script.up",    set_config_network_script_up,    get_config_network_item,      NULL},
+	{ "lxc.network.script.up",    set_config_network_script_up,    get_config_network_item,      NULL },
-	{ "lxc.network.script.down",  set_config_network_script_down,  get_config_network_item,      NULL},
+	{ "lxc.network.script.down",  set_config_network_script_down,  get_config_network_item,      NULL },
-	{ "lxc.network.hwaddr",       set_config_network_hwaddr,       get_config_network_item,      NULL},
+	{ "lxc.network.hwaddr",       set_config_network_hwaddr,       get_config_network_item,      NULL },
-	{ "lxc.network.mtu",          set_config_network_mtu,          get_config_network_item,      NULL},
+	{ "lxc.network.mtu",          set_config_network_mtu,          get_config_network_item,      NULL },
-	{ "lxc.network.vlan.id",      set_config_network_vlan_id,      get_config_network_item,      NULL},
+	{ "lxc.network.vlan.id",      set_config_network_vlan_id,      get_config_network_item,      NULL },
-	{ "lxc.network.ipv4.gateway", set_config_network_ipv4_gateway, get_config_network_item,      NULL},
+	{ "lxc.network.ipv4.gateway", set_config_network_ipv4_gateway, get_config_network_item,      NULL },
-	{ "lxc.network.ipv4",         set_config_network_ipv4,         get_config_network_item,      NULL},
+	{ "lxc.network.ipv4",         set_config_network_ipv4,         get_config_network_item,      NULL },
-	{ "lxc.network.ipv6.gateway", set_config_network_ipv6_gateway, get_config_network_item,      NULL},
+	{ "lxc.network.ipv6.gateway", set_config_network_ipv6_gateway, get_config_network_item,      NULL },
-	{ "lxc.network.ipv6",         set_config_network_ipv6,         get_config_network_item,      NULL},
+	{ "lxc.network.ipv6",         set_config_network_ipv6,         get_config_network_item,      NULL },
-	{ "lxc.network.",             set_config_network_nic,          get_config_network_item,      NULL},
+	{ "lxc.network.",             set_config_network_nic,          get_config_network_item,      NULL },
-	{ "lxc.network",              set_config_network,              get_config_network,           NULL},
+	{ "lxc.network",              set_config_network,              get_config_network,           NULL },
-	{ "lxc.cap.drop",             set_config_cap_drop,             get_config_cap_drop,          NULL},
+	{ "lxc.cap.drop",             set_config_cap_drop,             get_config_cap_drop,          NULL },
-	{ "lxc.cap.keep",             set_config_cap_keep,             get_config_cap_keep,          NULL},
+	{ "lxc.cap.keep",             set_config_cap_keep,             get_config_cap_keep,          NULL },
-	{ "lxc.console.logfile",      set_config_console_logfile,      get_config_console_logfile,   NULL},
+	{ "lxc.console.logfile",      set_config_console_logfile,      get_config_console_logfile,   NULL },
-	{ "lxc.console",              set_config_console,              get_config_console,           NULL},
+	{ "lxc.console",              set_config_console,              get_config_console,           NULL },
-	{ "lxc.seccomp",              set_config_seccomp,              get_config_seccomp,           NULL},
+	{ "lxc.seccomp",              set_config_seccomp,              get_config_seccomp,           NULL },
-	{ "lxc.include",              set_config_includefile,          NULL,                         NULL},
+	{ "lxc.include",              set_config_includefile,          NULL,                         NULL },
-	{ "lxc.autodev",              set_config_autodev,              get_config_autodev,           NULL},
+	{ "lxc.autodev",              set_config_autodev,              get_config_autodev,           NULL },
-	{ "lxc.haltsignal",           set_config_haltsignal,           get_config_haltsignal,        NULL},
+	{ "lxc.haltsignal",           set_config_haltsignal,           get_config_haltsignal,        NULL },
-	{ "lxc.rebootsignal",         set_config_rebootsignal,         get_config_rebootsignal,      NULL},
+	{ "lxc.rebootsignal",         set_config_rebootsignal,         get_config_rebootsignal,      NULL },
-	{ "lxc.stopsignal",           set_config_stopsignal,           get_config_stopsignal,        NULL},
+	{ "lxc.stopsignal",           set_config_stopsignal,           get_config_stopsignal,        NULL },
-	{ "lxc.start.auto",           set_config_start,                get_config_start,             NULL},
+	{ "lxc.start.auto",           set_config_start,                get_config_start,             NULL },
-	{ "lxc.start.delay",          set_config_start,                get_config_start,             NULL},
+	{ "lxc.start.delay",          set_config_start,                get_config_start,             NULL },
-	{ "lxc.start.order",          set_config_start,                get_config_start,             NULL},
+	{ "lxc.start.order",          set_config_start,                get_config_start,             NULL },
-	{ "lxc.monitor.unshare",      set_config_monitor,              get_config_monitor,           NULL},
+	{ "lxc.monitor.unshare",      set_config_monitor,              get_config_monitor,           NULL },
-	{ "lxc.group",                set_config_group,                get_config_group,             NULL},
+	{ "lxc.group",                set_config_group,                get_config_group,             NULL },
-	{ "lxc.environment",          set_config_environment,          get_config_environment,       NULL},
+	{ "lxc.environment",          set_config_environment,          get_config_environment,       NULL },
-	{ "lxc.init_cmd",             set_config_init_cmd,             get_config_init_cmd,          NULL},
+	{ "lxc.init_cmd",             set_config_init_cmd,             get_config_init_cmd,          NULL },
-	{ "lxc.init_uid",             set_config_init_uid,             get_config_init_uid,          NULL},
+	{ "lxc.init_uid",             set_config_init_uid,             get_config_init_uid,          NULL },
-	{ "lxc.init_gid",             set_config_init_gid,             get_config_init_gid,          NULL},
+	{ "lxc.init_gid",             set_config_init_gid,             get_config_init_gid,          NULL },
-	{ "lxc.ephemeral",            set_config_ephemeral,            get_config_ephemeral,         NULL},
+	{ "lxc.ephemeral",            set_config_ephemeral,            get_config_ephemeral,         NULL },
-	{ "lxc.syslog",               set_config_syslog,               get_config_syslog,            NULL},
+	{ "lxc.syslog",               set_config_syslog,               get_config_syslog,            NULL },
-	{ "lxc.no_new_privs",	      set_config_no_new_privs,         get_config_no_new_privs,      NULL},
+	{ "lxc.no_new_privs",	      set_config_no_new_privs,         get_config_no_new_privs,      NULL },
-	{ "lxc.limit",                set_config_limit,                get_config_limit,             NULL},
+	{ "lxc.limit",                set_config_limit,                get_config_limit,             NULL },
 };
 struct signame {
@@ -370,15 +370,14 @@ static const struct signame signames[] = {
 #endif
 };
-static const size_t config_size = sizeof(config)/sizeof(struct lxc_config_t);
+static const size_t config_size = sizeof(config) / sizeof(struct lxc_config_t);
 extern struct lxc_config_t *lxc_getconfig(const char *key)
 {
 	size_t i;
 	for (i = 0; i < config_size; i++)
-		if (!strncmp(config[i].name, key,
+		if (!strncmp(config[i].name, key, strlen(config[i].name)))
-			     strlen(config[i].name)))
 			return &config[i];
 	return NULL;
 }
@@ -386,30 +385,38 @@ extern struct lxc_config_t *lxc_getconfig(const char *key)
 #define strprint(str, inlen, ...)                                              \
 	do {                                                                   \
 		len = snprintf(str, inlen, ##__VA_ARGS__);                     \
-		if (len < 0) { SYSERROR("snprintf"); return -1; }; \
+		if (len < 0) {                                                 \
+			SYSERROR("failed to create string");                   \
+			return -1;                                             \
+		};                                                             \
 		fulllen += len;                                                \
 		if (inlen > 0) {                                               \
-			if (str) str += len; \
+			if (str)                                               \
+				str += len;                                    \
 			inlen -= len;                                          \
-			if (inlen < 0) inlen = 0; \
+			if (inlen < 0)                                         \
+				inlen = 0;                                     \
 		}                                                              \
 	} while (0);
 int lxc_listconfigs(char *retv, int inlen)
 {
 	size_t i;
-	int fulllen = 0, len;
+	int len;
+	int fulllen = 0;
 	if (!retv)
 		inlen = 0;
 	else
 		memset(retv, 0, inlen);
 	for (i = 0; i < config_size; i++) {
 		char *s = config[i].name;
-		if (s[strlen(s)-1] == '.')
+		if (s[strlen(s) - 1] == '.')
 			continue;
 		strprint(retv, inlen, "%s\n", s);
 	}
 	return fulllen;
 }
@@ -459,10 +466,9 @@ static int set_config_path_item(char **conf_item, const char *value)
 }
 /*
- * config entry is something like "lxc.network.0.ipv4"
+ * Config entry is something like "lxc.network.0.ipv4" the key 'lxc.network.'
- * the key 'lxc.network.' was found.  So we make sure next
+ * was found.  So we make sure next comes an integer, find the right callback
- * comes an integer, find the right callback (by rewriting
+ * (by rewriting the key), and call it.
- * the key), and call it.
 */
 static int set_config_network_nic(const char *key, const char *value,
 				  struct lxc_conf *lxc_conf)
@@ -476,17 +482,19 @@ static int set_config_network_nic(const char *key, const char *value,
 		return -1;
 	}
 	/*
-	 * ok we know that to get here we've got "lxc.network."
+	 * Ok we know that to get here we've got "lxc.network."
 	 * and it isn't any of the other network entries.  So
-	 * after the second . should come an integer (# of defined
+	 * after the second . Should come an integer (# of defined
 	 * nic) followed by a valid entry.
 	 */
-	if (*(key+12) < '0' || *(key+12) > '9')
+	if (*(key + 12) < '0' || *(key + 12) > '9')
 		goto out;
-	p = strchr(key+12, '.');
+	p = strchr(key + 12, '.');
 	if (!p)
 		goto out;
-	strcpy(copy+12, p+1);
+	strcpy(copy + 12, p + 1);
 	config = lxc_getconfig(copy);
 	if (!config) {
 		ERROR("unknown key %s", key);
@@ -549,8 +557,7 @@ static int set_config_network_type(const char *key, const char *value,
 	else if (!strcmp(value, "macvlan")) {
 		netdev->type = LXC_NET_MACVLAN;
 		macvlan_mode(&netdev->priv.macvlan_attr.mode, "private");
-	}
+	} else if (!strcmp(value, "vlan"))
-	else if (!strcmp(value, "vlan"))
 		netdev->type = LXC_NET_VLAN;
 	else if (!strcmp(value, "phys"))
 		netdev->type = LXC_NET_PHYS;
@@ -578,8 +585,8 @@ static int config_ip_prefix(struct in_addr *addr)
 }
 /*
- * if you have p="lxc.network.0.link", pass it p+12
+ * If you have p="lxc.network.0.link", pass it p+12
- * to get back '0' (the index of the nic)
+ * to get back '0' (the index of the nic).
 */
 static int get_network_netdev_idx(const char *key)
 {
@@ -587,40 +594,48 @@ static int get_network_netdev_idx(const char *key)
 	if (*key < '0' || *key > '9')
 		return -1;
 	ret = sscanf(key, "%d", &idx);
 	if (ret != 1)
 		return -1;
 	return idx;
 }
 /*
- * if you have p="lxc.network.0", pass this p+12 and it will return
+ * If you have p="lxc.network.0", pass this p+12 and it will return
- * the netdev of the first configured nic
+ * the netdev of the first configured nic.
 */
 static struct lxc_netdev *get_netdev_from_key(const char *key,
 					      struct lxc_list *network)
 {
-	int i = 0, idx = get_network_netdev_idx(key);
+	int idx;
-	struct lxc_netdev *netdev = NULL;
 	struct lxc_list *it;
+	int i = 0;
+	struct lxc_netdev *netdev = NULL;
+	idx = get_network_netdev_idx(key);
 	if (idx == -1)
 		return NULL;
 	lxc_list_for_each(it, network) {
 		if (idx == i++) {
 			netdev = it->elem;
 			break;
 		}
 	}
 	return netdev;
 }
-extern int lxc_list_nicconfigs(struct lxc_conf *c, const char *key,
+extern int lxc_list_nicconfigs(struct lxc_conf *c, const char *key, char *retv,
-			       char *retv, int inlen)
+			       int inlen)
 {
 	struct lxc_netdev *netdev;
-	int fulllen = 0, len;
+	int len;
+	int fulllen = 0;
-	netdev = get_netdev_from_key(key+12, &c->network);
+	netdev = get_netdev_from_key(key + 12, &c->network);
 	if (!netdev)
 		return -1;
@@ -643,7 +658,8 @@ extern int lxc_list_nicconfigs(struct lxc_conf *c, const char *key,
 		strprint(retv, inlen, "ipv4\n");
 		strprint(retv, inlen, "ipv4.gateway\n");
 	}
-	switch(netdev->type) {
+	switch (netdev->type) {
 	case LXC_NET_VETH:
 		strprint(retv, inlen, "veth.pair\n");
 		break;
@@ -656,6 +672,7 @@ extern int lxc_list_nicconfigs(struct lxc_conf *c, const char *key,
 	case LXC_NET_PHYS:
 		break;
 	}
 	return fulllen;
 }
@@ -665,19 +682,19 @@ static struct lxc_netdev *network_netdev(const char *key, const char *value,
 	struct lxc_netdev *netdev = NULL;
 	if (lxc_list_empty(network)) {
-		ERROR("network is not created for '%s' = '%s' option",
+		ERROR("network is not created for '%s' = '%s' option", key,
-		      key, value);
+		      value);
 		return NULL;
 	}
-	if (get_network_netdev_idx(key+12) == -1)
+	if (get_network_netdev_idx(key + 12) == -1)
 		netdev = lxc_list_last_elem(network);
 	else
-		netdev = get_netdev_from_key(key+12, network);
+		netdev = get_netdev_from_key(key + 12, network);
 	if (!netdev) {
-		ERROR("no network device defined for '%s' = '%s' option",
+		ERROR("no network device defined for '%s' = '%s' option", key,
-		      key, value);
+		      value);
 		return NULL;
 	}
@@ -690,19 +707,19 @@ static int network_ifname(char **valuep, const char *value)
 }
 #ifndef MACVLAN_MODE_PRIVATE
-#  define MACVLAN_MODE_PRIVATE 1
+#define MACVLAN_MODE_PRIVATE 1
 #endif
 #ifndef MACVLAN_MODE_VEPA
-#  define MACVLAN_MODE_VEPA 2
+#define MACVLAN_MODE_VEPA 2
 #endif
 #ifndef MACVLAN_MODE_BRIDGE
-#  define MACVLAN_MODE_BRIDGE 4
+#define MACVLAN_MODE_BRIDGE 4
 #endif
 #ifndef MACVLAN_MODE_PASSTHRU
-#  define MACVLAN_MODE_PASSTHRU 8
+#define MACVLAN_MODE_PASSTHRU 8
 #endif
 static int macvlan_mode(int *valuep, const char *value)
@@ -719,7 +736,7 @@ static int macvlan_mode(int *valuep, const char *value)
 	size_t i;
-	for (i = 0; i < sizeof(m)/sizeof(m[0]); i++) {
+	for (i = 0; i < sizeof(m) / sizeof(m[0]); i++) {
 		if (strcmp(m[i].name, value))
 			continue;
@@ -738,13 +755,14 @@ static int rand_complete_hwaddr(char *hwaddr)
 #ifndef HAVE_RAND_R
 	randseed(true);
 #else
-	unsigned int seed=randseed(false);
+	unsigned int seed;
+	seed = randseed(false);
 #endif
-	while (*curs != '\0' && *curs != '\n')
+	while (*curs != '\0' && *curs != '\n') {
-	{
+		if (*curs == 'x' || *curs == 'X') {
-		if ( *curs == 'x' || *curs == 'X' ) {
 			if (curs - hwaddr == 1) {
-				//ensure address is unicast
+				/* ensure address is unicast */
 #ifdef HAVE_RAND_R
 				*curs = hex[rand_r(&seed) & 0x0E];
 			} else {
@@ -775,7 +793,8 @@ static int set_config_network_flags(const char *key, const char *value,
 	return 0;
 }
-static int set_network_link(const char *key, const char *value, struct lxc_conf *lxc_conf)
+static int set_network_link(const char *key, const char *value,
+			    struct lxc_conf *lxc_conf)
 {
 	struct lxc_netdev *netdev;
@@ -789,10 +808,11 @@ static int set_network_link(const char *key, const char *value, struct lxc_conf 
 static int create_matched_ifnames(const char *value, struct lxc_conf *lxc_conf)
 {
 	struct ifaddrs *ifaddr, *ifa;
+	int n;
+	int ret = 0;
 	const char *type_key = "lxc.network.type";
 	const char *link_key = "lxc.network.link";
 	const char *tmpvalue = "phys";
-	int n, ret = 0;
 	if (getifaddrs(&ifaddr) == -1) {
 		SYSERROR("Get network interfaces failed");
@@ -805,10 +825,12 @@ static int create_matched_ifnames(const char *value, struct lxc_conf *lxc_conf)
 		if (ifa->ifa_addr->sa_family != AF_PACKET)
 			continue;
-		if (!strncmp(value, ifa->ifa_name, strlen(value)-1)) {
+		if (!strncmp(value, ifa->ifa_name, strlen(value) - 1)) {
-			ret = set_config_network_type(type_key, tmpvalue, lxc_conf);
+			ret = set_config_network_type(type_key, tmpvalue,
+						      lxc_conf);
 			if (!ret) {
-				ret = set_network_link(link_key, ifa->ifa_name, lxc_conf);
+				ret = set_network_link(link_key, ifa->ifa_name,
+						       lxc_conf);
 				if (ret) {
 					ERROR("failed to create matched ifnames");
 					break;
@@ -820,8 +842,8 @@ static int create_matched_ifnames(const char *value, struct lxc_conf *lxc_conf)
 		}
 	}
-	freeifaddrs(ifaddr); /* free the dynamic memory */
+	freeifaddrs(ifaddr);
-	ifaddr = NULL;	    /* prevent use after free */
+	ifaddr = NULL;
 	return ret;
 }
@@ -830,7 +852,7 @@ static int set_config_network_link(const char *key, const char *value,
 				   struct lxc_conf *lxc_conf)
 {
 	struct lxc_netdev *netdev;
-	struct lxc_list * it;
+	struct lxc_list *it;
 	int ret = 0;
 	netdev = network_netdev(key, value, &lxc_conf->network);
@@ -838,17 +860,17 @@ static int set_config_network_link(const char *key, const char *value,
 		return -1;
 	if (value[strlen(value) - 1] == '+' && netdev->type == LXC_NET_PHYS) {
-		//get the last network list and remove it.
+		/* Get the last network list and remove it. */
 		it = lxc_conf->network.prev;
 		if (((struct lxc_netdev *)(it->elem))->type != LXC_NET_PHYS) {
-			ERROR("lxc config cannot support string pattern matching for this link type");
+			ERROR("lxc config cannot support string pattern "
+			      "matching for this link type");
 			return -1;
 		}
 		lxc_list_del(it);
 		free(it);
 		ret = create_matched_ifnames(value, lxc_conf);
 	} else {
 		ret = network_ifname(&netdev->link, value);
 	}
@@ -881,6 +903,7 @@ static int set_config_network_veth_pair(const char *key, const char *value,
 		ERROR("Invalid veth pair for a non-veth netdev");
 		return -1;
 	}
 	return network_ifname(&netdev->priv.veth_attr.pair, value);
 }
@@ -897,6 +920,7 @@ static int set_config_network_macvlan_mode(const char *key, const char *value,
 		ERROR("Invalid macvlan.mode for a non-macvlan netdev");
 		return -1;
 	}
 	return macvlan_mode(&netdev->priv.macvlan_attr.mode, value);
 }
@@ -904,10 +928,11 @@ static int set_config_network_hwaddr(const char *key, const char *value,
 				     struct lxc_conf *lxc_conf)
 {
 	struct lxc_netdev *netdev;
+	char *new_value;
-	char *new_value = strdup(value);
+	new_value = strdup(value);
 	if (!new_value) {
-		SYSERROR("failed to strdup '%s': %m", value);
+		SYSERROR("failed to strdup \"%s\"", value);
 		return -1;
 	}
 	rand_complete_hwaddr(new_value);
@@ -941,6 +966,7 @@ static int set_config_network_vlan_id(const char *key, const char *value,
 		ERROR("Invalid vlan.id for a non-macvlan netdev");
 		return -1;
 	}
 	if (get_u16(&netdev->priv.vlan_attr.vid, value, 0))
 		return -1;
@@ -965,7 +991,8 @@ static int set_config_network_ipv4(const char *key, const char *value,
 	struct lxc_netdev *netdev;
 	struct lxc_inetdev *inetdev;
 	struct lxc_list *list;
-	char *cursor, *slash, *addr = NULL, *bcast = NULL, *prefix = NULL;
+	char *cursor, *slash;
+	char *addr = NULL, *bcast = NULL, *prefix = NULL;
 	if (config_value_empty(value))
 		return lxc_clear_config_item(lxc_conf, key);
@@ -1027,7 +1054,7 @@ static int set_config_network_ipv4(const char *key, const char *value,
 		return -1;
 	}
-	/* no prefix specified, determine it from the network class */
+	/* No prefix specified, determine it from the network class. */
 	if (prefix) {
 		if (lxc_safe_uint(prefix, &inetdev->prefix) < 0)
 			return -1;
@@ -1035,8 +1062,8 @@ static int set_config_network_ipv4(const char *key, const char *value,
 		inetdev->prefix = config_ip_prefix(&inetdev->addr);
 	}
-	/* if no broadcast address, let compute one from the
+	/* If no broadcast address, let compute one from the
-	 * prefix and address
+	 * prefix and address.
 	 */
 	if (!bcast) {
 		inetdev->bcast.s_addr = inetdev->addr.s_addr;
@@ -1094,8 +1121,7 @@ static int set_config_network_ipv6(const char *key, const char *value,
 	struct lxc_netdev *netdev;
 	struct lxc_inet6dev *inet6dev;
 	struct lxc_list *list;
-	char *slash,*valdup;
+	char *slash, *valdup, *netmask;
-	char *netmask;
 	if (config_value_empty(value))
 		return lxc_clear_config_item(lxc_conf, key);
@@ -1223,6 +1249,7 @@ static int add_hook(struct lxc_conf *lxc_conf, int which, char *hook)
 		free(hook);
 		return -1;
 	}
 	hooklist->elem = hook;
 	lxc_list_add_tail(&lxc_conf->hooks[which], hooklist);
 	return 0;
@@ -1295,6 +1322,7 @@ static int set_config_hooks(const char *key, const char *value,
 		SYSERROR("failed to dup string '%s'", value);
 		return -1;
 	}
 	if (strcmp(key, "lxc.hook.pre-start") == 0)
 		return add_hook(lxc_conf, LXCHOOK_PRESTART, copy);
 	else if (strcmp(key, "lxc.hook.pre-mount") == 0)
@@ -1313,6 +1341,7 @@ static int set_config_hooks(const char *key, const char *value,
 		return add_hook(lxc_conf, LXCHOOK_CLONE, copy);
 	else if (strcmp(key, "lxc.hook.destroy") == 0)
 		return add_hook(lxc_conf, LXCHOOK_DESTROY, copy);
 	SYSERROR("Unknown key: %s", key);
 	free(copy);
 	return -1;
@@ -1426,9 +1455,10 @@ static int set_config_group(const char *key, const char *value,
 		return -1;
 	}
-	/* in case several groups are specified in a single line
+	/* In case several groups are specified in a single line
-	 * split these groups in a single element for the list */
+	 * split these groups in a single element for the list.
-	for (groupptr = groups;;groupptr = NULL) {
+	 */
+	for (groupptr = groups;; groupptr = NULL) {
 		token = strtok_r(groupptr, " \t", &sptr);
 		if (!token) {
 			ret = 0;
@@ -1452,7 +1482,6 @@ static int set_config_group(const char *key, const char *value,
 	}
 	free(groups);
 	return ret;
 }
@@ -1466,20 +1495,19 @@ static int set_config_environment(const char *key, const char *value,
 	list_item = malloc(sizeof(*list_item));
 	if (!list_item)
-		goto freak_out;
+		goto on_error;
 	list_item->elem = strdup(value);
 	if (!list_item->elem)
-		goto freak_out;
+		goto on_error;
 	lxc_list_add_tail(&lxc_conf->environment, list_item);
 	return 0;
-freak_out:
+on_error:
 	free(list_item);
 	return -1;
 }
@@ -1499,7 +1527,8 @@ static int set_config_tty(const char *key, const char *value,
 static int set_config_ttydir(const char *key, const char *value,
 			     struct lxc_conf *lxc_conf)
 {
-	return set_config_string_item_max(&lxc_conf->ttydir, value, NAME_MAX+1);
+	return set_config_string_item_max(&lxc_conf->ttydir, value,
+					  NAME_MAX + 1);
 }
 static int set_config_kmsg(const char *key, const char *value,
@@ -1567,7 +1596,8 @@ static int set_config_logfile(const char *key, const char *value,
 	}
 	/* Store these values in the lxc_conf, and then try to set for actual
-	 * current logging. */
+	 * current logging.
+	 */
 	ret = set_config_path_item(&c->logfile, value);
 	if (ret == 0)
 		ret = lxc_log_set_file(&c->logfd, c->logfile);
@@ -1593,7 +1623,7 @@ static int set_config_loglevel(const char *key, const char *value,
 		newlevel = lxc_log_priority_to_int(value);
 	}
-	/* store these values in the lxc_conf, and then try to set for actual
+	/* Store these values in the lxc_conf, and then try to set for actual
 	 * current logging.
 	 */
 	lxc_conf->loglevel = newlevel;
@@ -1633,23 +1663,26 @@ static int sig_num(const char *sig)
 static int rt_sig_num(const char *signame)
 {
-	int sig_n = 0;
+	int rtmax = 0, sig_n = 0;
-	int rtmax = 0;
 	if (strncasecmp(signame, "max-", 4) == 0) {
 		rtmax = 1;
 	}
 	signame += 4;
 	if (!isdigit(*signame))
 		return -1;
 	sig_n = sig_num(signame);
 	sig_n = rtmax ? SIGRTMAX - sig_n : SIGRTMIN + sig_n;
 	if (sig_n > SIGRTMAX || sig_n < SIGRTMIN)
 		return -1;
 	return sig_n;
 }
-static int sig_parse(const char *signame) {
+static int sig_parse(const char *signame)
+{
 	size_t n;
 	if (isdigit(*signame)) {
@@ -1659,10 +1692,11 @@ static int sig_parse(const char *signame) {
 		if (strncasecmp(signame, "rt", 2) == 0)
 			return rt_sig_num(signame + 2);
 		for (n = 0; n < sizeof(signames) / sizeof((signames)[0]); n++) {
-			if (strcasecmp (signames[n].name, signame) == 0)
+			if (strcasecmp(signames[n].name, signame) == 0)
 				return signames[n].num;
 		}
 	}
 	return -1;
 }
@@ -1730,8 +1764,8 @@ static int set_config_stopsignal(const char *key, const char *value,
 static int set_config_cgroup(const char *key, const char *value,
 			     struct lxc_conf *lxc_conf)
 {
-	char *token = "lxc.cgroup.";
 	char *subkey;
+	char *token = "lxc.cgroup.";
 	struct lxc_list *cglist = NULL;
 	struct lxc_cgroup *cgelem = NULL;
@@ -1739,7 +1773,6 @@ static int set_config_cgroup(const char *key, const char *value,
 		return lxc_clear_cgroups(lxc_conf, key);
 	subkey = strstr(key, token);
 	if (!subkey)
 		return -1;
@@ -1786,12 +1819,13 @@ out:
 	return -1;
 }
-static bool parse_limit_value(const char **value, unsigned long *res) {
+static bool parse_limit_value(const char **value, unsigned long *res)
+{
 	char *endptr = NULL;
-	if (strncmp(*value, "unlimited", sizeof("unlimited")-1) == 0) {
+	if (strncmp(*value, "unlimited", sizeof("unlimited") - 1) == 0) {
 		*res = RLIM_INFINITY;
-		*value += sizeof("unlimited")-1;
+		*value += sizeof("unlimited") - 1;
 		return true;
 	}
@@ -1807,19 +1841,19 @@ static bool parse_limit_value(const char **value, unsigned long *res) {
 static int set_config_limit(const char *key, const char *value,
 			    struct lxc_conf *lxc_conf)
 {
-	struct lxc_list *limlist = NULL;
-	struct lxc_limit *limelem = NULL;
 	struct lxc_list *iter;
 	struct rlimit limit;
 	unsigned long limit_value;
+	struct lxc_list *limlist = NULL;
+	struct lxc_limit *limelem = NULL;
 	if (config_value_empty(value))
 		return lxc_clear_limits(lxc_conf, key);
-	if (strncmp(key, "lxc.limit.", sizeof("lxc.limit.")-1) != 0)
+	if (strncmp(key, "lxc.limit.", sizeof("lxc.limit.") - 1) != 0)
 		return -1;
-	key += sizeof("lxc.limit.")-1;
+	key += sizeof("lxc.limit.") - 1;
 	/* soft limit comes first in the value */
 	if (!parse_limit_value(&value, &limit_value))
@@ -1829,10 +1863,12 @@ static int set_config_limit(const char *key, const char *value,
 	/* skip spaces and a colon */
 	while (isspace(*value))
 		++value;
 	if (*value == ':')
 		++value;
 	else if (*value) /* any other character is an error here */
 		return -1;
 	while (isspace(*value))
 		++value;
@@ -1841,9 +1877,11 @@ static int set_config_limit(const char *key, const char *value,
 		if (!parse_limit_value(&value, &limit_value))
 			return -1;
 		limit.rlim_max = limit_value;
 		/* check for trailing garbage */
 		while (isspace(*value))
 			++value;
 		if (*value)
 			return -1;
 	} else {
@@ -1852,7 +1890,8 @@ static int set_config_limit(const char *key, const char *value,
 	}
 	/* find existing list element */
-	lxc_list_for_each(iter, &lxc_conf->limits) {
+	lxc_list_for_each(iter, &lxc_conf->limits)
+	{
 		limelem = iter->elem;
 		if (!strcmp(key, limelem->resource)) {
 			limelem->limit = limit;
@@ -1917,7 +1956,7 @@ static int set_config_idmaps(const char *key, const char *value,
 	if (!dup)
 		goto on_error;
-	/* A prototypical idmap entry would be: "0 1000 1000000 65536" */
+	/* A prototypical idmap entry would be: "u 1000 1000000 65536" */
 	/* align */
        slide = window = dup;
@@ -2055,7 +2094,13 @@ static int set_config_mount_auto(const char *key, const char *value,
 				 struct lxc_conf *lxc_conf)
 {
 	char *autos, *autoptr, *sptr, *token;
-	static struct { const char *token; int mask; int flag; } allowed_auto_mounts[] = {
+	int i;
+	int ret = -1;
+	static struct {
+		const char *token;
+		int mask;
+		int flag;
+	} allowed_auto_mounts[] = {
 	    { "proc",              LXC_AUTO_PROC_MASK,   LXC_AUTO_PROC_MIXED         },
 	    { "proc:mixed",        LXC_AUTO_PROC_MASK,   LXC_AUTO_PROC_MIXED         },
 	    { "proc:rw",           LXC_AUTO_PROC_MASK,   LXC_AUTO_PROC_RW            },
@@ -2075,10 +2120,8 @@ static int set_config_mount_auto(const char *key, const char *value,
 	     *     no options: keep mask and flag identical and just define the
 	     *     enum value as an unused bit so far
 	     */
-		{ NULL, 0 }
+	    { NULL,                0,                    0                           }
 	};
-	int i;
-	int ret = -1;
 	if (config_value_empty(value)) {
 		lxc_conf->auto_mounts = 0;
@@ -2091,7 +2134,7 @@ static int set_config_mount_auto(const char *key, const char *value,
 		return -1;
 	}
-	for (autoptr = autos; ; autoptr = NULL) {
+	for (autoptr = autos;; autoptr = NULL) {
 		token = strtok_r(autoptr, " \t", &sptr);
 		if (!token) {
 			ret = 0;
@@ -2113,7 +2156,6 @@ static int set_config_mount_auto(const char *key, const char *value,
 	}
 	free(autos);
 	return ret;
 }
@@ -2158,9 +2200,10 @@ static int set_config_cap_keep(const char *key, const char *value,
 		return -1;
 	}
-	/* in case several capability keep is specified in a single line
+	/* In case several capability keep is specified in a single line
-	 * split these caps in a single element for the list */
+	 * split these caps in a single element for the list.
-	for (keepptr = keepcaps;;keepptr = NULL) {
+	 */
+	for (keepptr = keepcaps;; keepptr = NULL) {
 		token = strtok_r(keepptr, " \t", &sptr);
 		if (!token) {
 			ret = 0;
@@ -2207,9 +2250,10 @@ static int set_config_cap_drop(const char *key, const char *value,
 		return -1;
 	}
-	/* in case several capability drop is specified in a single line
+	/* In case several capability drop is specified in a single line
-	 * split these caps in a single element for the list */
+	 * split these caps in a single element for the list.
-	for (dropptr = dropcaps;;dropptr = NULL) {
+	 */
+	for (dropptr = dropcaps;; dropptr = NULL) {
 		token = strtok_r(dropptr, " \t", &sptr);
 		if (!token) {
 			ret = 0;
@@ -2250,11 +2294,11 @@ static int set_config_console_logfile(const char *key, const char *value,
 }
 /*
- * If we find a lxc.network.hwaddr in the original config file,
+ * If we find a lxc.network.hwaddr in the original config file, we expand it in
- * we expand it in the unexpanded_config, so that after a save_config
+ * the unexpanded_config, so that after a save_config we store the hwaddr for
- * we store the hwaddr for re-use.
+ * re-use.
- * This is only called when reading the config file, not when executing
+ * This is only called when reading the config file, not when executing a
- * a lxc.include.
+ * lxc.include.
 * 'x' and 'X' are substituted in-place.
 */
 static void update_hwaddr(const char *line)
@@ -2264,14 +2308,19 @@ static void update_hwaddr(const char *line)
 	line += lxc_char_left_gc(line, strlen(line));
 	if (line[0] == '#')
 		return;
 	if (strncmp(line, "lxc.network.hwaddr", 18) != 0)
 		return;
+	/* Let config_network_hwaddr raise the error. */
 	p = strchr(line, '=');
 	if (!p)
-		return;  // let config_network_hwaddr raise the error
+		return;
 	p++;
 	while (isblank(*p))
 		p++;
 	if (!*p)
 		return;
@@ -2285,9 +2334,11 @@ int append_unexp_config_line(const char *line, struct lxc_conf *conf)
 	update_hwaddr(line);
 	while (conf->unexpanded_alloced <= len + linelen + 2) {
-		char *tmp = realloc(conf->unexpanded_config, conf->unexpanded_alloced + 1024);
+		char *tmp = realloc(conf->unexpanded_config,
+				    conf->unexpanded_alloced + 1024);
 		if (!tmp)
 			return -1;
 		if (!conf->unexpanded_config)
 			*tmp = '\0';
 		conf->unexpanded_config = tmp;
@@ -2295,7 +2346,7 @@ int append_unexp_config_line(const char *line, struct lxc_conf *conf)
 	}
 	strcat(conf->unexpanded_config, line);
 	conf->unexpanded_len += linelen;
-	if (line[linelen-1] != '\n') {
+	if (line[linelen - 1] != '\n') {
 		strcat(conf->unexpanded_config, "\n");
 		conf->unexpanded_len++;
 	}
@@ -2307,7 +2358,8 @@ static int do_includedir(const char *dirp, struct lxc_conf *lxc_conf)
 	struct dirent *direntp;
 	DIR *dir;
 	char path[MAXPATHLEN];
-	int ret = -1, len;
+	int len;
+	int ret = -1;
 	dir = opendir(dirp);
 	if (!dir) {
@@ -2328,7 +2380,7 @@ static int do_includedir(const char *dirp, struct lxc_conf *lxc_conf)
 			continue;
 		len = strlen(fnam);
-		if (len < 6 || strncmp(fnam+len-5, ".conf", 5) != 0)
+		if (len < 6 || strncmp(fnam + len - 5, ".conf", 5) != 0)
 			continue;
 		len = snprintf(path, MAXPATHLEN, "%s/%s", dirp, fnam);
 		if (len < 0 || len >= MAXPATHLEN) {
@@ -2445,12 +2497,9 @@ struct parse_line_conf {
 static int parse_line(char *buffer, void *data)
 {
 	struct lxc_config_t *config;
-	char *line, *linep;
+	char *dot, *key, *line, *linep, *value;
-	char *dot;
-	char *key;
-	char *value;
-	int ret = 0;
 	struct parse_line_conf *plc = data;
+	int ret = 0;
 	if (lxc_is_line_empty(buffer))
 		return 0;
@@ -2498,8 +2547,8 @@ static int parse_line(char *buffer, void *data)
 	if (*value == '\'' || *value == '\"') {
 		size_t len = strlen(value);
-		if (len > 1 && value[len-1] == *value) {
+		if (len > 1 && value[len - 1] == *value) {
-			value[len-1] = '\0';
+			value[len - 1] = '\0';
 			value++;
 		}
 	}
@@ -2534,18 +2583,18 @@ int lxc_config_read(const char *file, struct lxc_conf *conf, bool from_include)
 	c.conf = conf;
 	c.from_include = from_include;
-	if( access(file, R_OK) == -1 ) {
+	if (access(file, R_OK) == -1) {
 		return -1;
 	}
 	/* Catch only the top level config file name in the structure */
-	if(!conf->rcfile)
+	if (!conf->rcfile)
 		conf->rcfile = strdup(file);
 	return lxc_file_for_each_line(file, parse_line, &c);
 }
-int lxc_config_define_add(struct lxc_list *defines, char* arg)
+int lxc_config_define_add(struct lxc_list *defines, char *arg)
 {
 	struct lxc_list *dent;
@@ -2560,7 +2609,7 @@ int lxc_config_define_add(struct lxc_list *defines, char* arg)
 int lxc_config_define_load(struct lxc_list *defines, struct lxc_conf *conf)
 {
-	struct lxc_list *it,*next;
+	struct lxc_list *it, *next;
 	int ret = 0;
 	lxc_list_for_each(it, defines) {
@@ -2579,7 +2628,8 @@ int lxc_config_define_load(struct lxc_list *defines, struct lxc_conf *conf)
 signed long lxc_config_parse_arch(const char *arch)
 {
-	#if HAVE_SYS_PERSONALITY_H
+#if HAVE_SYS_PERSONALITY_H
+	size_t i;
 	struct per_name {
 		char *name;
 		unsigned long per;
@@ -2614,13 +2664,11 @@ signed long lxc_config_parse_arch(const char *arch)
 	};
 	size_t len = sizeof(pername) / sizeof(pername[0]);
-	size_t i;
 	for (i = 0; i < len; i++) {
 		if (!strcmp(pername[i].name, arch))
 			return pername[i].per;
 	}
-	#endif
+#endif
 	return -1;
 }
@@ -2629,7 +2677,10 @@ int lxc_fill_elevated_privileges(char *flaglist, int *flags)
 {
 	char *token, *saveptr = NULL;
 	int i, aflag;
-	struct { const char *token; int flag; } all_privs[] = {
+	struct {
+		const char *token;
+		int flag;
+	} all_privs[] = {
 		{ "CGROUP", LXC_ATTACH_MOVE_TO_CGROUP    },
 		{ "CAP",    LXC_ATTACH_DROP_CAPABILITIES },
 		{ "LSM",    LXC_ATTACH_LSM_EXEC          },
@@ -2637,8 +2688,9 @@ int lxc_fill_elevated_privileges(char *flaglist, int *flags)
 	};
 	if (!flaglist) {
-		/* for the sake of backward compatibility, drop all privileges
+		/* For the sake of backward compatibility, drop all privileges
-		   if none is specified */
+		 * if none is specified.
+		 */
 		for (i = 0; all_privs[i].token; i++) {
 			*flags |= all_privs[i].flag;
 		}
@@ -2659,6 +2711,7 @@ int lxc_fill_elevated_privileges(char *flaglist, int *flags)
 		token = strtok_r(NULL, "|", &saveptr);
 	}
 	return 0;
 }
@@ -2837,22 +2890,22 @@ int lxc_clear_config_item(struct lxc_conf *c, const char *key)
 	return ret;
 }
-/*
+/* Write out a configuration file. */
- * writing out a confile.
- */
 void write_config(FILE *fout, struct lxc_conf *c)
 {
-	size_t len = c->unexpanded_len;
 	int ret;
+	size_t len = c->unexpanded_len;
 	if (!len)
 		return;
 	ret = fwrite(c->unexpanded_config, 1, len, fout);
 	if (ret != len)
 		SYSERROR("Error writing configuration file");
 }
-bool do_append_unexp_config_line(struct lxc_conf *conf, const char *key, const char *v)
+bool do_append_unexp_config_line(struct lxc_conf *conf, const char *key,
+				 const char *v)
 {
 	int ret;
 	size_t len;
@@ -2875,12 +2928,15 @@ bool do_append_unexp_config_line(struct lxc_conf *conf, const char *key, const c
 	return true;
 }
-void clear_unexp_config_line(struct lxc_conf *conf, const char *key, bool rm_subkeys)
+void clear_unexp_config_line(struct lxc_conf *conf, const char *key,
+			     bool rm_subkeys)
 {
-	char *lstart = conf->unexpanded_config, *lend;
+	char *lend;
+	char *lstart = conf->unexpanded_config;
 	if (!conf->unexpanded_config)
 		return;
 	while (*lstart) {
 		lend = strchr(lstart, '\n');
 		char v;
@@ -2904,7 +2960,7 @@ void clear_unexp_config_line(struct lxc_conf *conf, const char *key, bool rm_sub
 			*lstart = '\0';
 			return;
 		}
-		memmove(lstart, lend, strlen(lend)+1);
+		memmove(lstart, lend, strlen(lend) + 1);
 	}
 }
@@ -2912,45 +2968,54 @@ bool clone_update_unexp_ovl_paths(struct lxc_conf *conf, const char *oldpath,
 				  const char *newpath, const char *oldname,
 				  const char *newname, const char *ovldir)
 {
-	const char *key = "lxc.mount.entry";
 	int ret;
+	char *lend, *newdir, *olddir, *p, *q;
+	size_t newdirlen, olddirlen;
 	char *lstart = conf->unexpanded_config;
-	char *lend;
+	const char *key = "lxc.mount.entry";
-	char *p;
-	char *q;
-	size_t newdirlen = strlen(ovldir) + strlen(newpath) + strlen(newname) + 2;
-	size_t olddirlen = strlen(ovldir) + strlen(oldpath) + strlen(oldname) + 2;
-	char *olddir = alloca(olddirlen + 1);
-	char *newdir = alloca(newdirlen + 1);
-	ret = snprintf(olddir, olddirlen + 1, "%s=%s/%s", ovldir, oldpath, oldname);
+	olddirlen = strlen(ovldir) + strlen(oldpath) + strlen(oldname) + 2;
+	olddir = alloca(olddirlen + 1);
+	ret = snprintf(olddir, olddirlen + 1, "%s=%s/%s", ovldir, oldpath,
+		       oldname);
 	if (ret < 0 || ret >= olddirlen + 1) {
-		ERROR("Bug in %s", __func__);
+		ERROR("failed to create string");
 		return false;
 	}
-	ret = snprintf(newdir, newdirlen + 1, "%s=%s/%s", ovldir, newpath, newname);
+	newdirlen = strlen(ovldir) + strlen(newpath) + strlen(newname) + 2;
+	newdir = alloca(newdirlen + 1);
+	ret = snprintf(newdir, newdirlen + 1, "%s=%s/%s", ovldir, newpath,
+		       newname);
 	if (ret < 0 || ret >= newdirlen + 1) {
-		ERROR("Bug in %s", __func__);
+		ERROR("failed to create string");
 		return false;
 	}
 	if (!conf->unexpanded_config)
 		return true;
 	while (*lstart) {
 		lend = strchr(lstart, '\n');
 		if (!lend)
 			lend = lstart + strlen(lstart);
 		else
 			lend++;
 		if (strncmp(lstart, key, strlen(key)) != 0)
 			goto next;
 		p = strchr(lstart + strlen(key), '=');
 		if (!p)
 			goto next;
 		p++;
 		while (isblank(*p))
 			p++;
 		if (p >= lend)
 			goto next;
 		/* Whenever an lxc.mount.entry entry is found in a line we check
 		*  if the substring " overlay" or the substring " aufs" is
 		*  present before doing any further work. We check for "
@@ -2960,8 +3025,10 @@ bool clone_update_unexp_ovl_paths(struct lxc_conf *conf, const char *oldpath,
 		*  missing it is very likely that these substrings are part of a
 		*  path or something else. (Checking q >= lend ensures that we
 		*  only count matches in the current line.) */
-		if ((!(q = strstr(p, " overlay")) || q >= lend) && (!(q = strstr(p, " aufs")) || q >= lend))
+		if ((!(q = strstr(p, " overlay")) || q >= lend) &&
+		    (!(q = strstr(p, " aufs")) || q >= lend))
 			goto next;
 		if (!(q = strstr(p, olddir)) || (q >= lend))
 			goto next;
@@ -2981,6 +3048,7 @@ bool clone_update_unexp_ovl_paths(struct lxc_conf *conf, const char *oldpath,
 			size_t oldlen = conf->unexpanded_len;
 			size_t newlen = oldlen + diff;
 			size_t poffset = q - conf->unexpanded_config;
 			new = realloc(conf->unexpanded_config, newlen + 1);
 			if (!new) {
 				ERROR("Out of memory");
@@ -2990,7 +3058,8 @@ bool clone_update_unexp_ovl_paths(struct lxc_conf *conf, const char *oldpath,
 			conf->unexpanded_alloced = newlen + 1;
 			new[newlen - 1] = '\0';
 			lend = new + (lend - conf->unexpanded_config);
-			/* move over the remainder to make room for the newdir */
+			/* move over the remainder to make room for the newdir
+			 */
 			memmove(new + poffset + newdirlen,
 				new + poffset + olddirlen,
 				oldlen - poffset - olddirlen + 1);
@@ -2998,9 +3067,10 @@ bool clone_update_unexp_ovl_paths(struct lxc_conf *conf, const char *oldpath,
 			memcpy(new + poffset, newdir, newdirlen);
 			lend += diff;
 		}
-next:
+	next:
 		lstart = lend;
 	}
 	return true;
 }
@@ -3008,22 +3078,25 @@ bool clone_update_unexp_hooks(struct lxc_conf *conf, const char *oldpath,
 			      const char *newpath, const char *oldname,
 			      const char *newname)
 {
-	const char *key = "lxc.hook";
 	int ret;
-	char *lstart = conf->unexpanded_config, *lend, *p;
+	char *lend, *newdir, *olddir, *p;
-	size_t newdirlen = strlen(newpath) + strlen(newname) + 1;
+	char *lstart = conf->unexpanded_config;
-	size_t olddirlen = strlen(oldpath) + strlen(oldname) + 1;
+	size_t newdirlen, olddirlen;
-	char *olddir = alloca(olddirlen + 1);
+	const char *key = "lxc.hook";
-	char *newdir = alloca(newdirlen + 1);
+	olddirlen = strlen(oldpath) + strlen(oldname) + 1;
+	olddir = alloca(olddirlen + 1);
 	ret = snprintf(olddir, olddirlen + 1, "%s/%s", oldpath, oldname);
 	if (ret < 0 || ret >= olddirlen + 1) {
-		ERROR("Bug in %s", __func__);
+		ERROR("failed to create string");
 		return false;
 	}
+	newdirlen = strlen(newpath) + strlen(newname) + 1;
+	newdir = alloca(newdirlen + 1);
 	ret = snprintf(newdir, newdirlen + 1, "%s/%s", newpath, newname);
 	if (ret < 0 || ret >= newdirlen + 1) {
-		ERROR("Bug in %s", __func__);
+		ERROR("failed to create string");
 		return false;
 	}
 	if (!conf->unexpanded_config)
@@ -3034,18 +3107,24 @@ bool clone_update_unexp_hooks(struct lxc_conf *conf, const char *oldpath,
 			lend = lstart + strlen(lstart);
 		else
 			lend++;
 		if (strncmp(lstart, key, strlen(key)) != 0)
 			goto next;
 		p = strchr(lstart + strlen(key), '=');
 		if (!p)
 			goto next;
 		p++;
 		while (isblank(*p))
 			p++;
 		if (p >= lend)
 			goto next;
 		if (strncmp(p, olddir, strlen(olddir)) != 0)
 			goto next;
 		/* replace the olddir with newdir */
 		if (olddirlen >= newdirlen) {
 			size_t diff = olddirlen - newdirlen;
@@ -3062,16 +3141,18 @@ bool clone_update_unexp_hooks(struct lxc_conf *conf, const char *oldpath,
 			size_t oldlen = conf->unexpanded_len;
 			size_t newlen = oldlen + diff;
 			size_t poffset = p - conf->unexpanded_config;
 			new = realloc(conf->unexpanded_config, newlen + 1);
 			if (!new) {
-				ERROR("Out of memory");
+				ERROR("failed to allocate memory");
 				return false;
 			}
 			conf->unexpanded_len = newlen;
 			conf->unexpanded_alloced = newlen + 1;
 			new[newlen - 1] = '\0';
 			lend = new + (lend - conf->unexpanded_config);
-			/* move over the remainder to make room for the newdir */
+			/* move over the remainder to make room for the newdir
+			 */
 			memmove(new + poffset + newdirlen,
 				new + poffset + olddirlen,
 				oldlen - poffset - olddirlen + 1);
@@ -3079,18 +3160,20 @@ bool clone_update_unexp_hooks(struct lxc_conf *conf, const char *oldpath,
 			memcpy(new + poffset, newdir, newdirlen);
 			lend += diff;
 		}
-next:
+	next:
 		lstart = lend;
 	}
 	return true;
 }
-#define DO(cmd) { \
+#define DO(cmd)                                                                \
+	{                                                                      \
 		if (!(cmd)) {                                                  \
 			ERROR("Error writing to new config");                  \
 			return false;                                          \
 		}                                                              \
-}
+	}
 static bool new_hwaddr(char *hwaddr)
 {
@@ -3109,21 +3192,20 @@ static bool new_hwaddr(char *hwaddr)
 }
 /*
- * This is called only from clone.
+ * This is called only from clone.  We wish to update all hwaddrs in the
- * We wish to update all hwaddrs in the unexpanded config file.  We
+ * unexpanded config file.  We can't/don't want to update any which come from
- * can't/don't want to update any which come from lxc.includes (there
+ * lxc.includes (there shouldn't be any).
- * shouldn't be any).
+ * We can't just walk the c->lxc-conf->network list because that includes netifs
- * We can't just walk the c->lxc-conf->network list because that includes
+ * from the include files.  So we update the ones which we find in the unexp
- * netifs from the include files.  So we update the ones which we find in
+ * config file, then find the original macaddr in the conf->network, and update
- * the unexp config file, then find the original macaddr in the
+ * that to the same value.
- * conf->network, and update that to the same value.
 */
 bool network_new_hwaddrs(struct lxc_conf *conf)
 {
+	char *lend, *p, *p2;
 	struct lxc_list *it;
 	const char *key = "lxc.network.hwaddr";
-	char *lstart = conf->unexpanded_config, *lend, *p, *p2;
+	char *lstart = conf->unexpanded_config;
 	if (!conf->unexpanded_config)
 		return true;
@@ -3142,7 +3224,7 @@ bool network_new_hwaddrs(struct lxc_conf *conf)
 			continue;
 		}
-		p = strchr(lstart+strlen(key), '=');
+		p = strchr(lstart + strlen(key), '=');
 		if (!p) {
 			lstart = lend;
 			continue;
@@ -3157,7 +3239,8 @@ bool network_new_hwaddrs(struct lxc_conf *conf)
 		p2 = p;
 		while (*p2 && !isblank(*p2) && *p2 != '\n')
 			p2++;
-		if (p2-p != 17) {
+		if ((p2 - p) != 17) {
 			WARN("Bad hwaddr entry");
 			lstart = lend;
 			continue;
@@ -3169,7 +3252,8 @@ bool network_new_hwaddrs(struct lxc_conf *conf)
 			return false;
 		memcpy(p, newhwaddr, 17);
-		lxc_list_for_each(it, &conf->network) {
+		lxc_list_for_each(it, &conf->network)
+		{
 			struct lxc_netdev *n = it->elem;
 			if (n->hwaddr && memcmp(oldhwaddr, n->hwaddr, 17) == 0)
 				memcpy(n->hwaddr, newhwaddr, 17);
@@ -3195,7 +3279,8 @@ static int set_config_ephemeral(const char *key, const char *value,
 		return -1;
 	if (lxc_conf->ephemeral > 1) {
-		ERROR("Wrong value for lxc.ephemeral. Can only be set to 0 or 1");
+		ERROR(
+		    "Wrong value for lxc.ephemeral. Can only be set to 0 or 1");
 		return -1;
 	}
@@ -3244,7 +3329,8 @@ static int set_config_no_new_privs(const char *key, const char *value,
 		return -1;
 	if (v > 1) {
-		ERROR("Wrong value for lxc.no_new_privs. Can only be set to 0 or 1");
+		ERROR("Wrong value for lxc.no_new_privs. Can only be set to 0 "
+		      "or 1");
 		return -1;
 	}