- 29 May, 2017 4 commits
-
-
Christian Brauner authored
- check for buffer overflow - only call INFO() after we ensured that readlink() was successful - simplify logic Reported-by: Benedikt Rosenkranz <beluro@web.de> Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
-
Christian Brauner authored
I suspect that there's a glibc bug on ppc64le. Both clang and gcc are very unhappy when you return -errno from these functions. Instead, let's return concrete errno numbers, e.g. -EINVAL. Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
-
mgariepy authored
Add cronie to have crond running in the containers. Signed-off-by: Marc Gariepy <gariepy.marc@gmail.com>
-
Serge Hallyn authored
Signed-off-by: Serge Hallyn <serge@hallyn.com>
-
- 16 May, 2017 11 commits
-
-
Christian Brauner authored
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
-
Christian Brauner authored
Closes #1561. Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
-
0x0916 authored
This patch adds function `get_action_name`, so we can print the action name in the log file. For example:
```
lxc-start ubuntu 20170515095416.561 INFO lxc_seccomp - seccomp.c:parse_config_v2:613 - Adding compat rule for reject_force_umount action 0(kill).
lxc-start ubuntu 20170515095416.562 INFO lxc_seccomp - seccomp.c:parse_config_v2:613 - Adding compat rule for kexec_load action 327681(errno).
```
Signed-off-by: 0x0916 <w@laoqinren.net>
-
0x0916 authored
Signed-off-by: 0x0916 <w@laoqinren.net>
-
0x0916 authored
Signed-off-by: 0x0916 <w@laoqinren.net>
-
0x0916 authored
We want to export `monitor.h`; `#include "conf.h"` will cause an error and it is unnecessary, so just delete it. Signed-off-by: 0x0916 <w@laoqinren.net>
-
Dima Krasner authored
Signed-off-by: Dima Krasner <samdima@securingsam.com>
-
Christian Brauner authored
So far, we somehow always called lxc_map_ids(), even when no id map was configured. Let's not do this. Closes #1555. Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
-
Christian Brauner authored
Closes #1552. Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
-
Christian Brauner authored
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
-
Christian Brauner authored
Suggested-by: Benedikt Rosenkranz <beluro@web.de> Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
-
- 11 May, 2017 4 commits
-
-
Stéphane Graber authored
Signed-off-by: Stéphane Graber <stgraber@ubuntu.com>
-
Christian Brauner authored
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
-
0x0916 authored
Signed-off-by: 0x0916 <w@laoqinren.net>
-
0x0916 authored
Signed-off-by: 0x0916 <w@laoqinren.net>
-
- 10 May, 2017 14 commits
-
-
Christian Brauner authored
I mean.. really? But better safe than sorry. Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
-
Christian Brauner authored
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
-
Christian Brauner authored
I really fail to see the point of this and git {blame, log -S} don't really enlighten me on the reason for this as well. But I might be dense. The way I see it the only thing this line achieves is causing trouble when the container is started as root because the umount2() call will umount e.g. /usr/lib/x86_64-linux-gnu/lxc in case it is a mountpoint on the host. Note, this is because lxc_spawn() is still called in the host's namespaces. Closes https://github.com/lxc/lxd/#3255. Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
-
Christian Brauner authored
There's really no reason not to if it's requested. Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
-
Christian Brauner authored
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
-
Christian Brauner authored
lxc_unstack_mountpoint() tries to clear all mountpoints from a given path. It returns the number of successful umounts on success and -errno on error. Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
-
Christian Brauner authored
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
-
Christian Brauner authored
The code in conf will bind-mount a /dev/pts/<n> device over a dummy regular /dev/console file. If users really want /dev/console bind-mounted from the host they can request it explicitly in the container's config file. This change will have no effect on current LX{C,D} behavior since we (as said above) overmount the /dev/console bind-mount anyway. Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
-
Christian Brauner authored
In case the user specified

    lxc.console = none
    lxc.devttydir = bla
    lxc.mount.entry = /dev/console dev/console none bind,create=file 0 0

move the mount under /dev/bla/console
If he requested a mknod()ed /dev/console rename it to /dev/bla/console. Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
-
Christian Brauner authored
In case the user did request a console to be set up unmount any prior bind-mount for it. Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
-
Christian Brauner authored
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
-
Christian Brauner authored
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
-
Christian Brauner authored
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
-
Christian Brauner authored
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
-
- 09 May, 2017 7 commits
-
-
0x0916 authored
Signed-off-by: 0x0916 <w@laoqinren.net>
-
Evgeni Golov authored
-
Christian Brauner authored
Older versions of liblxc only allowed for 105 bytes to be used for the abstract unix domain socket name because the code for our abstract unix socket handling performed invalid checks. Since we \0-terminate we could now have a maximum of 106 chars. But to not break backwards compatibility we keep the limit at 105. Reported-by: 0x0916 <w@laoqinren.net> Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
-
Christian Brauner authored
In case the lxc command socket is hashed and the socket was created for a different path than the one we're currently querying lxc_cmd_get_{lxcpath,name}() can return NULL. The command socket path is hashed when len(lxcpath) > sizeof(sun_path) - 2. Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
-
Christian Brauner authored
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
-
Christian Brauner authored
lxc_cmd_get_lxcpath() and lxc_cmd_get_name() both pass a nil pointer to fill_sock_name(). Make sure that they are not dereferenced. Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
-
Christian Brauner authored
Abstract unix sockets need not be \0-terminated. So you can effectively have 107 chars available. If you \0-terminate you'll have 106. Don't enforce \0-termination in these low-level functions. Enforce it higher up which we already do. Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
-