Merge pull request #2452 from brauner/2018-07-06/build_static_liblxc

static liblxc, always create /dev directory when autodev = 1, open("/dev/null") opportunistically

Merge pull request #2452 from brauner/2018-07-06/build_static_liblxc
f2c0c2bf · Stéphane Graber · GitHub · 19400b4d · f4c177c3 · f2c0c2bf
Unverified Commit f2c0c2bf authored Jul 09, 2018 by Stéphane Graber Committed by GitHub Jul 09, 2018
Hide whitespace changes
Inline Side-by-side

Showing with 55 additions and 41 deletions

Makefile.am src/lxc/Makefile.am +25 -20

conf.c src/lxc/conf.c +24 -15

start.c src/lxc/start.c +6 -6

No files found.
--- a/src/lxc/Makefile.am
+++ b/src/lxc/Makefile.am
@@ -141,16 +141,20 @@ liblxc_la_SOURCES += \
 	../include/lxcmntent.c ../include/lxcmntent.h
 endif
+if !HAVE_GETLINE
+if HAVE_FGETLN
+liblxc_la_SOURCES += ../include/getline.c ../include/getline.h
+endif
+endif
 if !HAVE_PRLIMIT
 if HAVE_PRLIMIT64
 liblxc_la_SOURCES += ../include/prlimit.c ../include/prlimit.h
 endif
 endif
-if !HAVE_GETLINE
+if ENABLE_SECCOMP
-if HAVE_FGETLN
+liblxc_la_SOURCES += seccomp.c
-liblxc_la_SOURCES += ../include/getline.c ../include/getline.h
-endif
 endif
 if !HAVE_STRLCPY
@@ -192,6 +196,10 @@ if ENABLE_GNUTLS
 AM_CFLAGS += -DHAVE_LIBGNUTLS
 endif
+if ENABLE_SECCOMP
+AM_CFLAGS += -DHAVE_SECCOMP $(SECCOMP_CFLAGS)
+endif
 if ENABLE_SELINUX
 AM_CFLAGS += -DHAVE_SELINUX
 endif
@@ -200,20 +208,20 @@ if USE_CONFIGPATH_LOGS
 AM_CFLAGS += -DUSE_CONFIGPATH_LOGS
 endif
-if ENABLE_SECCOMP
+# build the shared library
-AM_CFLAGS += -DHAVE_SECCOMP $(SECCOMP_CFLAGS)
+liblxc_la_CFLAGS = -fPIC \
-liblxc_la_SOURCES += seccomp.c
+		   -DPIC \
-endif
+		   $(AM_CFLAGS) \
+		   -pthread
-liblxc_la_CFLAGS = -fPIC -DPIC $(AM_CFLAGS) -pthread
-liblxc_la_LDFLAGS = \
+liblxc_la_LDFLAGS = -pthread \
-	-pthread \
+		    -Wl,-soname,liblxc.so.$(firstword $(subst ., ,@LXC_ABI@)) \
-	-shared \
+		    -version-info @LXC_ABI_MAJOR@
-	-Wl,-soname,liblxc.so.$(firstword $(subst ., ,@LXC_ABI@)) \
-	-version-info @LXC_ABI_MAJOR@
-liblxc_la_LIBADD = $(CAP_LIBS) $(GNUTLS_LIBS) $(SELINUX_LIBS) $(SECCOMP_LIBS)
+liblxc_la_LIBADD = $(CAP_LIBS) \
+		   $(GNUTLS_LIBS) \
+		   $(SELINUX_LIBS) \
+		   $(SECCOMP_LIBS)
 bin_SCRIPTS=
@@ -322,10 +330,6 @@ if !HAVE_STRLCAT
 init_lxc_static_SOURCES += ../include/strlcat.c ../include/strlcat.h
 endif
-if !HAVE_GETGRGID_R
-liblxc_la_SOURCES += ../include/getgrgid_r.c ../include/getgrgid_r.h
-endif
 init_lxc_static_LDFLAGS = -all-static
 init_lxc_static_LDADD = @CAP_LIBS@
 init_lxc_static_CFLAGS = $(AM_CFLAGS) -DNO_LXC_CONF
@@ -356,6 +360,7 @@ install-exec-hook:
 uninstall-local:
 	$(RM) $(DESTDIR)$(libdir)/liblxc.so*
+	$(RM) $(DESTDIR)$(libdir)/liblxc.a
 if ENABLE_PAM
 if HAVE_PAM
 	$(RM) $(DESTDIR)$(pamdir)/pam_cgfs.so*

--- a/src/lxc/conf.c
+++ b/src/lxc/conf.c
@@ -1191,6 +1191,7 @@ static int mount_autodev(const char *name, const struct lxc_rootfs *rootfs,
 	int ret;
 	size_t clen;
 	char *path;
+	mode_t cur_mask;
 	INFO("Preparing \"/dev\"");
@@ -1202,37 +1203,45 @@ static int mount_autodev(const char *name, const struct lxc_rootfs *rootfs,
 	if (ret < 0 || (size_t)ret >= clen)
 		return -1;
-	if (!dir_exists(path)) {
+	cur_mask = umask(S_IXUSR | S_IXGRP | S_IXOTH);
-		WARN("\"/dev\" directory does not exist. Proceeding without "
+	ret = mkdir(path, S_IRWXU | S_IRGRP | S_IXGRP | S_IROTH | S_IXOTH);
-		     "autodev being set up");
+	if (ret < 0 && errno != EEXIST) {
-		return 0;
+		SYSERROR("Failed to create \"/dev\" directory");
+		ret = -errno;
+		goto reset_umask;
 	}
 	ret = safe_mount("none", path, "tmpfs", 0, "size=500000,mode=755",
 			 rootfs->path ? rootfs->mount : NULL);
 	if (ret < 0) {
 		SYSERROR("Failed to mount tmpfs on \"%s\"", path);
-		return -1;
+		goto reset_umask;
 	}
-	INFO("Mounted tmpfs on \"%s\"", path);
+	TRACE("Mounted tmpfs on \"%s\"", path);
 	ret = snprintf(path, clen, "%s/dev/pts", rootfs->path ? rootfs->mount : "");
-	if (ret < 0 || (size_t)ret >= clen)
+	if (ret < 0 || (size_t)ret >= clen) {
-		return -1;
+		ret = -1;
+		goto reset_umask;
+	}
 	/* If we are running on a devtmpfs mapping, dev/pts may already exist.
 	 * If not, then create it and exit if that fails...
 	 */
-	if (!dir_exists(path)) {
+	ret = mkdir(path, S_IRWXU | S_IRGRP | S_IXGRP | S_IROTH | S_IXOTH);
-		ret = mkdir(path, S_IRWXU | S_IRGRP | S_IXGRP | S_IROTH | S_IXOTH);
+	if (ret < 0 && errno != EEXIST) {
-		if (ret < 0) {
+		SYSERROR("Failed to create directory \"%s\"", path);
-			SYSERROR("Failed to create directory \"%s\"", path);
+		ret = -errno;
-			return -1;
+		goto reset_umask;
-		}
 	}
+	ret = 0;
+reset_umask:
+	(void)umask(cur_mask);
 	INFO("Prepared \"/dev\"");
-	return 0;
+	return ret;
 }
 struct lxc_device_node {

--- a/src/lxc/start.c
+++ b/src/lxc/start.c
@@ -1274,13 +1274,13 @@ static int do_start(void *data)
 	close(handler->sigfd);
-	if (devnull_fd < 0) {
-		devnull_fd = open_devnull();
-		if (devnull_fd < 0)
-			goto out_warn_father;
-	}
 	if (handler->conf->console.slave < 0 && handler->backgrounded) {
+		if (devnull_fd < 0) {
+			devnull_fd = open_devnull();
+			if (devnull_fd < 0)
+				goto out_warn_father;
+		}
 		ret = set_stdfds(devnull_fd);
 		if (ret < 0) {
 			ERROR("Failed to redirect std{in,out,err} to \"/dev/null\"");