Add support for setting lxc-execute init UID/GID via configuration file

Signed-off-by: Patrick Toomey <ptoomey3@biasedcoin.com>

Add support for setting lxc-execute init UID/GID via configuration file
72bb04e4 · Patrick Toomey · fd9f399b · 72bb04e4 · 72bb04e4 · 72bb04e4
Commit 72bb04e4 authored Aug 19, 2015 by Patrick Toomey
Hide whitespace changes
Inline Side-by-side

Showing with 26 additions and 3 deletions

conf.c src/lxc/conf.c +5 -0

conf.h src/lxc/conf.h +2 -2

confile.c src/lxc/confile.c +19 -1

No files found.
--- a/src/lxc/conf.c
+++ b/src/lxc/conf.c
@@ -2604,6 +2604,11 @@ struct lxc_conf *lxc_conf_init(void)
 	for (i = 0; i < LXC_NS_MAX; i++)
 		new->inherit_ns_fd[i] = -1;
+	/* if running in a new user namespace, init and COMMAND
+	 * default to running as UID/GID 0 when using lxc-execute */
+	new->init_uid = 0;
+	new->init_gid = 0;
 	return new;
 }

--- a/src/lxc/conf.h
+++ b/src/lxc/conf.h
@@ -366,8 +366,8 @@ struct lxc_conf {
 	/* init command */
 	char *init_cmd;
-	/* if running in a new user namespace, the UID/GID that COMMAND for
+	/* if running in a new user namespace, the UID/GID that init and COMMAND
-	 * lxc-execute should run under */
+	 * should run under when using lxc-execute */
 	uid_t init_uid;
 	gid_t init_gid;
 };

--- a/src/lxc/confile.c
+++ b/src/lxc/confile.c
@@ -104,6 +104,8 @@ static int config_start(const char *, const char *, struct lxc_conf *);
 static int config_group(const char *, const char *, struct lxc_conf *);
 static int config_environment(const char *, const char *, struct lxc_conf *);
 static int config_init_cmd(const char *, const char *, struct lxc_conf *);
+static int config_init_uid(const char *, const char *, struct lxc_conf *);
+static int config_init_gid(const char *, const char *, struct lxc_conf *);
 static struct lxc_config_t config[] = {
@@ -168,6 +170,8 @@ static struct lxc_config_t config[] = {
 	{ "lxc.group",                config_group                },
 	{ "lxc.environment",          config_environment          },
 	{ "lxc.init_cmd",             config_init_cmd             },
+	{ "lxc.init_uid",             config_init_uid             },
+	{ "lxc.init_gid",             config_init_gid             },
 };
 struct signame {
@@ -1034,11 +1038,25 @@ static int config_init_cmd(const char *key, const char *value,
 	return config_path_item(&lxc_conf->init_cmd, value);
 }
+static int config_init_uid(const char *key, const char *value,
+				 struct lxc_conf *lxc_conf)
+{
+	lxc_conf->init_uid = atoi(value);
+	return 0;
+}
+static int config_init_gid(const char *key, const char *value,
+				 struct lxc_conf *lxc_conf)
+{
+	lxc_conf->init_gid = atoi(value);
+	return 0;
+}
 static int config_hook(const char *key, const char *value,
 				 struct lxc_conf *lxc_conf)
 {
 	char *copy;
 	if (!value || strlen(value) == 0)
 		return lxc_clear_hooks(lxc_conf, key);