confile: add getter for lxc.no_new_privs

parent 62048afe
...@@ -207,6 +207,8 @@ static int set_config_ephemeral(const char *, const char *, struct lxc_conf *); ...@@ -207,6 +207,8 @@ static int set_config_ephemeral(const char *, const char *, struct lxc_conf *);
static int get_config_ephemeral(struct lxc_container *, const char *, char *, int); static int get_config_ephemeral(struct lxc_container *, const char *, char *, int);
static int set_config_no_new_privs(const char *, const char *, struct lxc_conf *); static int set_config_no_new_privs(const char *, const char *, struct lxc_conf *);
static int get_config_no_new_privs(struct lxc_container *, const char *, char *, int);
static int set_config_limit(const char *, const char *, struct lxc_conf *); static int set_config_limit(const char *, const char *, struct lxc_conf *);
static struct lxc_config_t config[] = { static struct lxc_config_t config[] = {
...@@ -279,7 +281,7 @@ static struct lxc_config_t config[] = { ...@@ -279,7 +281,7 @@ static struct lxc_config_t config[] = {
{ "lxc.init_gid", set_config_init_gid, get_config_init_gid, NULL}, { "lxc.init_gid", set_config_init_gid, get_config_init_gid, NULL},
{ "lxc.ephemeral", set_config_ephemeral, get_config_ephemeral, NULL}, { "lxc.ephemeral", set_config_ephemeral, get_config_ephemeral, NULL},
{ "lxc.syslog", set_config_syslog, get_config_syslog, NULL}, { "lxc.syslog", set_config_syslog, get_config_syslog, NULL},
{ "lxc.no_new_privs", set_config_no_new_privs, NULL, NULL}, { "lxc.no_new_privs", set_config_no_new_privs, get_config_no_new_privs, NULL},
{ "lxc.limit", set_config_limit, NULL, NULL}, { "lxc.limit", set_config_limit, NULL, NULL},
}; };
...@@ -2724,9 +2726,7 @@ int lxc_get_config_item(struct lxc_conf *c, const char *key, char *retv, ...@@ -2724,9 +2726,7 @@ int lxc_get_config_item(struct lxc_conf *c, const char *key, char *retv,
{ {
const char *v = NULL; const char *v = NULL;
if (strcmp(key, "lxc.no_new_privs") == 0) if (strcmp(key, "lxc.limit") == 0) // all limits
return lxc_get_conf_int(c, retv, inlen, c->no_new_privs);
else if (strcmp(key, "lxc.limit") == 0) // all limits
return lxc_get_limit_entry(c, retv, inlen, "all"); return lxc_get_limit_entry(c, retv, inlen, "all");
else if (strncmp(key, "lxc.limit.", 10) == 0) // specific limit else if (strncmp(key, "lxc.limit.", 10) == 0) // specific limit
return lxc_get_limit_entry(c, retv, inlen, key + 10); return lxc_get_limit_entry(c, retv, inlen, key + 10);
...@@ -2893,6 +2893,9 @@ int lxc_clear_config_item(struct lxc_conf *c, const char *key) ...@@ -2893,6 +2893,9 @@ int lxc_clear_config_item(struct lxc_conf *c, const char *key)
} else if (strcmp(key, "lxc.start.order") == 0) { } else if (strcmp(key, "lxc.start.order") == 0) {
c->start_order = 0; c->start_order = 0;
} else if (strcmp(key, "lxc.no_new_privs") == 0) {
c->no_new_privs = false;
} else { } else {
ret = -1; ret = -1;
} }
...@@ -4001,3 +4004,10 @@ static int get_config_ephemeral(struct lxc_container *c, const char *key, ...@@ -4001,3 +4004,10 @@ static int get_config_ephemeral(struct lxc_container *c, const char *key,
return lxc_get_conf_int(c->lxc_conf, retv, inlen, return lxc_get_conf_int(c->lxc_conf, retv, inlen,
c->lxc_conf->ephemeral); c->lxc_conf->ephemeral);
} }
static int get_config_no_new_privs(struct lxc_container *c, const char *key,
char *retv, int inlen)
{
return lxc_get_conf_int(c->lxc_conf, retv, inlen,
c->lxc_conf->no_new_privs);
}
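Review bot: The new `lxc.no_new_privs` branch in `lxc_clear_config_item` sets `c->no_new_privs = false`, so clearing the key returns the container to the less restrictive state, yet the commit title only mentions a getter and the branch has no comment. A one-line comment there would make the intent explicit, for example `/* clearing turns the no_new_privs hardening off again; false is assumed to be the default */`. In `get_config_no_new_privs` the `key` parameter is unused and `c->lxc_conf` is dereferenced without a check. This matches `get_config_ephemeral` just above it, but whether every caller guarantees a non-NULL `lxc_conf` is not visible in these hunks and is worth confirming. The body of `lxc_clear_config_item` starts and ends outside the hunk shown.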