Merge pull request #2297 from brauner/2018-04-29/bugfixes

src/lxc/cgroups/cgfsng.c

@@ -622,7 +622,7 @@ copy_parent:
 	*lastslash = oldv;
 	free(fpath);
 	fpath = must_make_path(path, "cpuset.cpus", NULL);
-	ret = lxc_write_to_file(fpath, cpulist, strlen(cpulist), false);
+	ret = lxc_write_to_file(fpath, cpulist, strlen(cpulist), false, 0666);
 	if (ret < 0) {
 		SYSERROR("Failed to write cpu list to \"%s\"", fpath);
 		goto on_error;
@@ -673,7 +673,7 @@ static bool copy_parent_file(char *path, char *file)
 
 	*lastslash = oldv;
 	fpath = must_make_path(path, file, NULL);
-	ret = lxc_write_to_file(fpath, value, len, false);
+	ret = lxc_write_to_file(fpath, value, len, false, 0666);
 	if (ret < 0)
 		SYSERROR("Failed to write \"%s\" to file \"%s\"", value, fpath);
 	free(fpath);
@@ -762,7 +762,7 @@ static bool cg_legacy_handle_cpuset_hierarchy(struct hierarchy *h, char *cgname)
 	}
 	free(cgpath);
 
-	ret = lxc_write_to_file(clonechildrenpath, "1", 1, false);
+	ret = lxc_write_to_file(clonechildrenpath, "1", 1, false, 0666);
 	if (ret < 0) {
 		/* Set clone_children so children inherit our settings */
 		SYSERROR("Failed to write 1 to \"%s\"", clonechildrenpath);
@@ -1712,7 +1712,7 @@ static bool cg_unified_create_cgroup(struct hierarchy *h, char *cgname)
 
 		cgroup = must_append_path(cgroup, parts[i], NULL);
 		target = must_make_path(cgroup, "cgroup.subtree_control", NULL);
-		ret = lxc_write_to_file(target, add_controllers, full_len, false);
+		ret = lxc_write_to_file(target, add_controllers, full_len, false, 0666);
 		free(target);
 		if (ret < 0) {
 			SYSERROR("Could not enable \"%s\" controllers in the "
@@ -1858,7 +1858,7 @@ static bool cgfsng_enter(void *hdata, pid_t pid)
 
 		fullpath = must_make_path(hierarchies[i]->fullcgpath,
 					  "cgroup.procs", NULL);
-		ret = lxc_write_to_file(fullpath, pidstr, len, false);
+		ret = lxc_write_to_file(fullpath, pidstr, len, false, 0666);
 		if (ret != 0) {
 			SYSERROR("Failed to enter cgroup \"%s\"", fullpath);
 			free(fullpath);
@@ -2027,7 +2027,8 @@ static int cg_legacy_mount_controllers(int type, struct hierarchy *h,
 							   controllerpath,
 							   flags | MS_REMOUNT);
 		ret = mount(controllerpath, controllerpath, "cgroup",
-			    MS_REMOUNT | MS_BIND | MS_RDONLY, NULL);
+			    remount_flags | MS_REMOUNT | MS_BIND | MS_RDONLY,
+			    NULL);
 		if (ret < 0) {
 			SYSERROR("Failed to remount \"%s\" ro", controllerpath);
 			return -1;
@@ -2305,7 +2306,7 @@ static bool cgfsng_escape()
 		fullpath = must_make_path(hierarchies[i]->mountpoint,
 					  hierarchies[i]->base_cgroup,
 					  "cgroup.procs", NULL);
-		ret = lxc_write_to_file(fullpath, "0", 2, false);
+		ret = lxc_write_to_file(fullpath, "0", 2, false, 0666);
 		if (ret != 0) {
 			SYSERROR("Failed to escape to cgroup \"%s\"", fullpath);
 			free(fullpath);
@@ -2358,7 +2359,7 @@ static bool cgfsng_unfreeze(void *hdata)
 		return false;
 
 	fullpath = must_make_path(h->fullcgpath, "freezer.state", NULL);
-	ret = lxc_write_to_file(fullpath, THAWED, THAWED_LEN, false);
+	ret = lxc_write_to_file(fullpath, THAWED, THAWED_LEN, false, 0666);
 	free(fullpath);
 	if (ret < 0)
 		return false;
@@ -2416,7 +2417,7 @@ static int __cg_unified_attach(const struct hierarchy *h, const char *name,
 	base_path = must_make_path(h->mountpoint, container_cgroup, NULL);
 	full_path = must_make_path(base_path, "cgroup.procs", NULL);
 	/* cgroup is populated */
-	ret = lxc_write_to_file(full_path, pidstr, pidstr_len, false);
+	ret = lxc_write_to_file(full_path, pidstr, pidstr_len, false, 0666);
 	if (ret < 0 && errno != EBUSY)
 		goto on_error;
 
@@ -2442,7 +2443,7 @@ static int __cg_unified_attach(const struct hierarchy *h, const char *name,
 			goto on_error;
 
 		strcat(full_path, "/cgroup.procs");
-		ret = lxc_write_to_file(full_path, pidstr, len, false);
+		ret = lxc_write_to_file(full_path, pidstr, len, false, 0666);
 		if (ret == 0)
 			goto on_success;
 
@@ -2494,7 +2495,7 @@ static bool cgfsng_attach(const char *name, const char *lxcpath, pid_t pid)
 
 		fullpath = build_full_cgpath_from_monitorpath(h, path, "cgroup.procs");
 		free(path);
-		ret = lxc_write_to_file(fullpath, pidstr, len, false);
+		ret = lxc_write_to_file(fullpath, pidstr, len, false, 0666);
 		if (ret < 0) {
 			SYSERROR("Failed to attach %d to %s", (int)pid, fullpath);
 			free(fullpath);
@@ -2572,7 +2573,7 @@ static int cgfsng_set(const char *filename, const char *value, const char *name,
 		char *fullpath;
 
 		fullpath = build_full_cgpath_from_monitorpath(h, path, filename);
-		ret = lxc_write_to_file(fullpath, value, strlen(value), false);
+		ret = lxc_write_to_file(fullpath, value, strlen(value), false, 0666);
 		free(fullpath);
 	}
 	free(path);
@@ -2697,7 +2698,7 @@ static int cg_legacy_set_data(const char *filename, const char *value,
 	}
 
 	fullpath = must_make_path(h->fullcgpath, filename, NULL);
-	ret = lxc_write_to_file(fullpath, value, strlen(value), false);
+	ret = lxc_write_to_file(fullpath, value, strlen(value), false, 0666);
 	free(fullpath);
 	return ret;
 }
@@ -2766,7 +2767,7 @@ static bool __cg_unified_setup_limits(void *hdata,
 		struct lxc_cgroup *cg = iterator->elem;
 
 		fullpath = must_make_path(h->fullcgpath, cg->subsystem, NULL);
-		ret = lxc_write_to_file(fullpath, cg->value, strlen(cg->value), false);
+		ret = lxc_write_to_file(fullpath, cg->value, strlen(cg->value), false, 0666);
 		free(fullpath);
 		if (ret < 0) {
 			SYSERROR("Failed to set \"%s\" to \"%s\"",

src/lxc/conf.c

@@ -562,10 +562,6 @@ int pin_rootfs(const char *rootfs)
 	if (!realpath(rootfs, absrootfs))
 		return -2;
 
-	ret = access(absrootfs, F_OK);
-	if (ret != 0)
-		return -1;
-
 	ret = stat(absrootfs, &s);
 	if (ret < 0)
 		return -1;
@@ -581,12 +577,12 @@ int pin_rootfs(const char *rootfs)
 	if (fd < 0)
 		return fd;
 
-	if (fstatfs (fd, &sfs)) {
-		return -1;
-	}
+	ret = fstatfs (fd, &sfs);
+	if (ret < 0)
+		return fd;
 
 	if (sfs.f_type == NFS_SUPER_MAGIC) {
-		DEBUG("rootfs on NFS, not unlinking pin file \"%s\".", absrootfspin);
+		DEBUG("Rootfs on NFS, not unlinking pin file \"%s\"", absrootfspin);
 		return fd;
 	}
 
@@ -2564,7 +2560,7 @@ int setup_sysctl_parameters(struct lxc_list *sysctls)
 		}
 
 		ret = lxc_write_to_file(filename, elem->value,
-					strlen(elem->value), false);
+					strlen(elem->value), false, 0666);
 		if (ret < 0) {
 			ERROR("Failed to setup sysctl parameters %s to %s",
 			      elem->key, elem->value);
@@ -2599,7 +2595,7 @@ int setup_proc_filesystem(struct lxc_list *procs, pid_t pid)
 		}
 
 		ret = lxc_write_to_file(filename, elem->value,
-					strlen(elem->value), false);
+					strlen(elem->value), false, 0666);
 		if (ret < 0) {
 			ERROR("Failed to setup proc filesystem %s to %s",
 			      elem->filename, elem->value);

src/lxc/lxclock.c

@@ -19,13 +19,14 @@
  */
 
 #define _GNU_SOURCE
-#include <malloc.h>
-#include <stdio.h>
 #include <errno.h>
-#include <unistd.h>
 #include <fcntl.h>
-#include <stdlib.h>
+#include <malloc.h>
 #include <pthread.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <sys/file.h>
+#include <unistd.h>
 
 #include <lxc/lxccontainer.h>
 

src/lxc/parse.c

@@ -83,8 +83,10 @@ int lxc_file_for_each_line_mmap(const char *file, lxc_file_cb callback,
 		return -1;
 	}
 
-	if (st.st_size == 0)
+	if (st.st_size == 0) {
+		close(fd);
 		return 0;
+	}
 
 	buf = lxc_strmmap(NULL, st.st_size, PROT_READ | PROT_WRITE, MAP_PRIVATE, fd, 0);
 	if (buf == MAP_FAILED) {

src/lxc/terminal.c

@@ -667,33 +667,23 @@ void lxc_terminal_free(struct lxc_conf *conf, int fd)
 static int lxc_terminal_peer_default(struct lxc_terminal *terminal)
 {
 	struct lxc_terminal_state *ts;
-	const char *path = terminal->path;
-	int fd;
+	const char *path;
 	int ret = 0;
 
-	if (!path) {
-		ret = access("/dev/tty", F_OK);
-		if (ret == 0) {
-			/* If no terminal was given, try current controlling
-			 * terminal, there won't be one if we were started as a
-			 * daemon (-d).
-			 */
-			fd = open("/dev/tty", O_RDWR);
-			if (fd >= 0) {
-				close(fd);
-				path = "/dev/tty";
-			}
-		}
-	}
-
-	if (!path) {
-		errno = ENOTTY;
-		DEBUG("The process does not have a controlling terminal");
-		goto on_succes;
-	}
+	if (terminal->path)
+		path = terminal->path;
+	else
+		path = "/dev/tty";
 
 	terminal->peer = lxc_unpriv(open(path, O_RDWR | O_CLOEXEC));
 	if (terminal->peer < 0) {
+		if (!terminal->path) {
+			errno = ENODEV;
+			DEBUG("%s - The process does not have a controlling "
+			      "terminal", strerror(errno));
+			goto on_succes;
+		}
+
 		ERROR("%s - Failed to open proxy terminal \"%s\"",
 		      strerror(errno), path);
 		return -ENOTTY;

src/lxc/tools/lxc_create.c

@@ -109,7 +109,7 @@ static void create_helpfn(const struct lxc_arguments *args)
 
 	pid = fork();
 	if (pid) {
-		wait_for_pid(pid);
+		(void)wait_for_pid(pid);
 		return;
 	}
 

src/lxc/tools/lxc_monitor.c

@@ -337,7 +337,6 @@ static int lxc_monitor_open(const char *lxcpath)
 	int fd;
 	size_t retry;
 	size_t len;
-	int ret = -1;
 	int backoff_ms[] = {10, 50, 100};
 
 	if (lxc_monitor_sock_name(lxcpath, &addr) < 0)
@@ -352,9 +351,9 @@ static int lxc_monitor_open(const char *lxcpath)
 	len = strlen(&addr.sun_path[1]);
 	if (len >= sizeof(addr.sun_path) - 1) {
 		errno = ENAMETOOLONG;
-		ret = -errno;
+		close(fd);
 		fprintf(stderr, "name of monitor socket too long (%zu bytes): %s\n", len, strerror(errno));
-		goto on_error;
+		return -errno;
 	}
 
 	for (retry = 0; retry < sizeof(backoff_ms) / sizeof(backoff_ms[0]); retry++) {
@@ -366,16 +365,11 @@ static int lxc_monitor_open(const char *lxcpath)
 	}
 
 	if (fd < 0) {
-		ret = -errno;
 		fprintf(stderr, "Failed to connect to monitor socket: %s\n", strerror(errno));
-		goto on_error;
+		return -errno;
 	}
 
 	return fd;
-
-on_error:
-	close(fd);
-	return ret;
 }
 
 static int lxc_monitor_read_fdset(struct pollfd *fds, nfds_t nfds,

src/lxc/tools/tool_utils.c

@@ -1093,9 +1093,6 @@ int rm_r(char *dirname)
 		char *pathname;
 		struct stat mystat;
 
-		if (!direntp)
-			break;
-
 		if (!strcmp(direntp->d_name, ".") ||
 		    !strcmp(direntp->d_name, ".."))
 			continue;

src/lxc/utils.c

@@ -971,12 +971,13 @@ size_t lxc_array_len(void **array)
 	return result;
 }
 
-int lxc_write_to_file(const char *filename, const void* buf, size_t count, bool add_newline)
+int lxc_write_to_file(const char *filename, const void *buf, size_t count,
+		      bool add_newline, mode_t mode)
 {
 	int fd, saved_errno;
 	ssize_t ret;
 
-	fd = open(filename, O_WRONLY | O_TRUNC | O_CREAT | O_CLOEXEC, 0666);
+	fd = open(filename, O_WRONLY | O_TRUNC | O_CREAT | O_CLOEXEC, mode);
 	if (fd < 0)
 		return -1;
 	ret = lxc_write_nointr(fd, buf, count);

src/lxc/utils.h

@@ -392,7 +392,7 @@ extern int sha1sum_file(char *fnam, unsigned char *md_value);
 
 /* read and write whole files */
 extern int lxc_write_to_file(const char *filename, const void *buf,
-			     size_t count, bool add_newline);
+			     size_t count, bool add_newline, mode_t mode);
 extern int lxc_read_from_file(const char *filename, void* buf, size_t count);
 
 /* convert variadic argument lists to arrays (for execl type argument lists) */

src/tests/aa.c

@@ -94,7 +94,7 @@ static int do_test_file_open(struct lxc_container *c, char *fnam)
 		fret = 0;
 
 err2:
-	wait_for_pid(pid);
+	(void)wait_for_pid(pid);
 err1:
 	close(pipefd[0]);
 	close(pipefd[1]);

src/tests/attach.c

@@ -124,7 +124,7 @@ static int test_attach_lsm_func(struct lxc_container *ct)
 	ret = 0;
 
 err2:
-	wait_for_pid(pid);
+	(void)wait_for_pid(pid);
 err1:
 	close(pipefd[0]);
 	close(pipefd[1]);
@@ -178,7 +178,7 @@ static int test_attach_lsm_cmd(struct lxc_container *ct)
 	ret = 0;
 
 err2:
-	wait_for_pid(pid);
+	(void)wait_for_pid(pid);
 err1:
 	close(pipefd[0]);
 	close(pipefd[1]);
@@ -240,7 +240,7 @@ static int test_attach_func(struct lxc_container *ct)
 	ret = 0;
 
 err2:
-	wait_for_pid(pid);
+	(void)wait_for_pid(pid);
 err1:
 	close(pipefd[0]);
 	close(pipefd[1]);