confile: add getter for lxc.no_new_privs

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

confile: add getter for lxc.no_new_privs
b09521ac · Christian Brauner · 62048afe · b09521ac
Unverified Commit b09521ac authored May 31, 2017 by Christian Brauner
Hide whitespace changes
Inline Side-by-side

Showing with 14 additions and 4 deletions

confile.c src/lxc/confile.c +14 -4

No files found.
--- a/src/lxc/confile.c
+++ b/src/lxc/confile.c
@@ -207,6 +207,8 @@ static int set_config_ephemeral(const char *, const char *, struct lxc_conf *);
 static int get_config_ephemeral(struct lxc_container *, const char *, char *, int);

 static int set_config_no_new_privs(const char *, const char *, struct lxc_conf *);
+static int get_config_no_new_privs(struct lxc_container *, const char *, char *, int);
+
 static int set_config_limit(const char *, const char *, struct lxc_conf *);

 static struct lxc_config_t config[] = {
@@ -279,7 +281,7 @@ static struct lxc_config_t config[] = {
 	{ "lxc.init_gid",             set_config_init_gid,             get_config_init_gid,          NULL},
 	{ "lxc.ephemeral",            set_config_ephemeral,            get_config_ephemeral,         NULL},
 	{ "lxc.syslog",               set_config_syslog,               get_config_syslog,            NULL},
-	{ "lxc.no_new_privs",	      set_config_no_new_privs,	    NULL, NULL},
+	{ "lxc.no_new_privs",	      set_config_no_new_privs,         get_config_no_new_privs,      NULL},
 	{ "lxc.limit",                set_config_limit,                 NULL, NULL},
 };

@@ -2724,9 +2726,7 @@ int lxc_get_config_item(struct lxc_conf *c, const char *key, char *retv,
 {
 	const char *v = NULL;

-	if (strcmp(key, "lxc.no_new_privs") == 0)
-		return lxc_get_conf_int(c, retv, inlen, c->no_new_privs);
-	else if (strcmp(key, "lxc.limit") == 0) // all limits
+	if (strcmp(key, "lxc.limit") == 0) // all limits
 		return lxc_get_limit_entry(c, retv, inlen, "all");
 	else if (strncmp(key, "lxc.limit.", 10) == 0) // specific limit
 		return lxc_get_limit_entry(c, retv, inlen, key + 10);
@@ -2893,6 +2893,9 @@ int lxc_clear_config_item(struct lxc_conf *c, const char *key)
 	} else if (strcmp(key, "lxc.start.order") == 0) {
 		c->start_order = 0;

+	} else if (strcmp(key, "lxc.no_new_privs") == 0) {
+		c->no_new_privs = false;
+
 	} else {
 		ret = -1;
 	}
@@ -4001,3 +4004,10 @@ static int get_config_ephemeral(struct lxc_container *c, const char *key,
 	return lxc_get_conf_int(c->lxc_conf, retv, inlen,
 				c->lxc_conf->ephemeral);
 }
+
+static int get_config_no_new_privs(struct lxc_container *c, const char *key,
+				   char *retv, int inlen)
+{
+	return lxc_get_conf_int(c->lxc_conf, retv, inlen,
+				c->lxc_conf->no_new_privs);
+}