This reverts commit 44818e89.
Signed-off-by: Evgeny Vereshchagin <evvers@ya.ru>

Signed-off-by: Evgeny Vereshchagin <evvers@ya.ru>

Signed-off-by: Evgeny Vereshchagin <evvers@ya.ru>

Signed-off-by: Evgeny Vereshchagin <evvers@ya.ru>

and show all the commands it runs to make it easier to
debug potential issues.
Signed-off-by: Evgeny Vereshchagin <evvers@ya.ru>

Signed-off-by: Evgeny Vereshchagin <evvers@ya.ru>

Signed-off-by: Evgeny Vereshchagin <evvers@ya.ru>

Signed-off-by: Evgeny Vereshchagin <evvers@ya.ru>

init.lxc.static is run in arbitrary containers where the libasan library lxc has been built with
isn't always installed. To make it work let's override GCC's default and link both libasan
and libubsan statically. It should help to fix issues like
```
++ lxc-execute -n c1 -- sudo -u ubuntu /nnptest
lxc-init: error while loading shared libraries: libasan.so.5: cannot open shared object file: No such file or directory
```
Signed-off-by: Evgeny Vereshchagin <evvers@ya.ru>

Signed-off-by: Evgeny Vereshchagin <evvers@ya.ru>

```
==70349==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x6020000009fb at pc 0x000000433b70 bp 0x7ffcde087810 sp 0x7ffcde086fd0
READ of size 12 at 0x6020000009fb thread T0
    #0 0x433b6f in strcspn (/usr/bin/lxc-execute+0x433b6f)
    #1 0x7f720413a5cb in apparmor_process_label_get /home/runner/work/lxc/lxc/src/lxc/lsm/apparmor.c:449:8
    #2 0x7f720413bc2a in apparmor_prepare /home/runner/work/lxc/lxc/src/lxc/lsm/apparmor.c:1104:13
    #3 0x7f720409b6e9 in lxc_init /home/runner/work/lxc/lxc/src/lxc/start.c:848:8
    #4 0x7f72040a395a in __lxc_start /home/runner/work/lxc/lxc/src/lxc/start.c:2009:8
    #5 0x7f7203fc7186 in lxc_execute /home/runner/work/lxc/lxc/src/lxc/execute.c:99:9
    #6 0x7f7204000e44 in do_lxcapi_start /home/runner/work/lxc/lxc/src/lxc/lxccontainer.c:1112:9
    #7 0x7f7203ff0c07 in lxcapi_start /home/runner/work/lxc/lxc/src/lxc/lxccontainer.c:1149:8
    #8 0x4c6912 in main /home/runner/work/lxc/lxc/src/lxc/tools/lxc_execute.c:224:9
    #9 0x7f72034ac0b2 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x270b2)
    #10 0x41d93d in _start (/usr/bin/lxc-execute+0x41d93d)
+ echo ---

0x6020000009fb is located 0 bytes to the right of 11-byte region [0x6020000009f0,0x6020000009fb)
allocated by thread T0 here:
    #0 0x496399 in realloc (/usr/bin/lxc-execute+0x496399)
    #1 0x7f7203fcf85c in fd_to_buf /home/runner/work/lxc/lxc/src/lxc/file_utils.c:463:10
    #2 0x7f720413a52b in apparmor_process_label_get /home/runner/work/lxc/lxc/src/lxc/lsm/apparmor.c:442:8
    #3 0x7f720413bc2a in apparmor_prepare /home/runner/work/lxc/lxc/src/lxc/lsm/apparmor.c:1104:13
    #4 0x7f720409b6e9 in lxc_init /home/runner/work/lxc/lxc/src/lxc/start.c:848:8
    #5 0x7f72040a395a in __lxc_start /home/runner/work/lxc/lxc/src/lxc/start.c:2009:8
    #6 0x7f7203fc7186 in lxc_execute /home/runner/work/lxc/lxc/src/lxc/execute.c:99:9
    #7 0x7f7204000e44 in do_lxcapi_start /home/runner/work/lxc/lxc/src/lxc/lxccontainer.c:1112:9
    #8 0x7f7203ff0c07 in lxcapi_start /home/runner/work/lxc/lxc/src/lxc/lxccontainer.c:1149:8
    #9 0x4c6912 in main /home/runner/work/lxc/lxc/src/lxc/tools/lxc_execute.c:224:9
```
Signed-off-by: Evgeny Vereshchagin <evvers@ya.ru>

Fixes: #3796
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

Fixes: #3789
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

to make it easier to run them under ASan/UBSan.
Signed-off-by: Evgeny Vereshchagin <evvers@ya.ru>

Closes https://github.com/lxc/lxc/issues/3791Signed-off-by: Evgeny Vereshchagin <evvers@ya.ru>

criu can't seem to dump systemd-logind used in Ubuntu due to what appears to be
https://github.com/checkpoint-restore/criu/issues/1430.
Let's switch to busybox where all the processes hopefully can be dumped.

Closes https://github.com/lxc/lxc/issues/3792Signed-off-by: Evgeny Vereshchagin <evvers@ya.ru>

Fixes: #3782
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

Signed-off-by: Evgeny Vereshchagin <evvers@ya.ru>

```
==131188==ERROR: LeakSanitizer: detected memory leaks

Direct leak of 568 byte(s) in 1 object(s) allocated from:
    #0 0x7f8918943bc8 in malloc (/lib/x86_64-linux-gnu/libasan.so.5+0x10dbc8)
    #1 0x7f89181ee5a3 in lxc_container_new /home/vagrant/lxc/src/lxc/lxccontainer.c:5264
    #2 0x55ffc5022869 in test_container /home/vagrant/lxc/src/tests/cgpath.c:176
    #3 0x55ffc5023023 in main /home/vagrant/lxc/src/tests/cgpath.c:233
    #4 0x7f891709e0b2 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x270b2)
```
Signed-off-by: Evgeny Vereshchagin <evvers@ya.ru>

This reverts commit 674791ed.

Our stable queue tool somehow still listed this patch as pending when it
had already been applied earlier.
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

```
$ sudo ./src/tests/lxc-test-lxcpath

=================================================================
==95911==ERROR: LeakSanitizer: detected memory leaks

Direct leak of 39 byte(s) in 1 object(s) allocated from:
    #0 0x7effafc8d3dd in strdup (/lib/x86_64-linux-gnu/libasan.so.5+0x963dd)
    #1 0x7effaf5a2de6 in lxcapi_config_file_name /home/vagrant/lxc/src/lxc/lxccontainer.c:3190
    #2 0x562961680c30 in main /home/vagrant/lxc/src/tests/lxcpath.c:49
    #3 0x7effae5150b2 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x270b2)

Direct leak of 21 byte(s) in 1 object(s) allocated from:
    #0 0x7effafc8d3dd in strdup (/lib/x86_64-linux-gnu/libasan.so.5+0x963dd)
    #1 0x7effaf5a2de6 in lxcapi_config_file_name /home/vagrant/lxc/src/lxc/lxccontainer.c:3190
    #2 0x56296168115e in main /home/vagrant/lxc/src/tests/lxcpath.c:77
    #3 0x7effae5150b2 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x270b2)

Direct leak of 21 byte(s) in 1 object(s) allocated from:
    #0 0x7effafc8d3dd in strdup (/lib/x86_64-linux-gnu/libasan.so.5+0x963dd)
    #1 0x7effaf5a2de6 in lxcapi_config_file_name /home/vagrant/lxc/src/lxc/lxccontainer.c:3190
    #2 0x562961680f0a in main /home/vagrant/lxc/src/tests/lxcpath.c:63
    #3 0x7effae5150b2 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x270b2)

SUMMARY: AddressSanitizer: 81 byte(s) leaked in 3 allocation(s).
```
Signed-off-by: Evgeny Vereshchagin <evvers@ya.ru>

```
$ sudo ./src/tests/lxc-test-cgpath
Container creation tests...Passed
Container creation with LXCPATH tests...Passed

=================================================================
==57206==ERROR: LeakSanitizer: detected memory leaks

Direct leak of 296 byte(s) in 1 object(s) allocated from:
    #0 0x7fef22c27dc6 in calloc (/lib/x86_64-linux-gnu/libasan.so.5+0x10ddc6)
    #1 0x557c6e3ce3d9 in cgroup_ops_init cgroups/cgfsng.c:3347
    #2 0x557c6e3d6516 in cgroup_init cgroups/cgroup.c:33
    #3 0x557c6e3788e2 in test_running_container /home/vagrant/lxc/src/tests/cgpath.c:102
    #4 0x557c6e379c69 in test_container /home/vagrant/lxc/src/tests/cgpath.c:197
    #5 0x557c6e379e37 in main /home/vagrant/lxc/src/tests/cgpath.c:233
    #6 0x7fef2136c0b2 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x270b2)

Direct leak of 296 byte(s) in 1 object(s) allocated from:
    #0 0x7fef22c27dc6 in calloc (/lib/x86_64-linux-gnu/libasan.so.5+0x10ddc6)
    #1 0x557c6e3ce3d9 in cgroup_ops_init cgroups/cgfsng.c:3347
    #2 0x557c6e3d6516 in cgroup_init cgroups/cgroup.c:33
    #3 0x557c6e3788e2 in test_running_container /home/vagrant/lxc/src/tests/cgpath.c:102
    #4 0x557c6e379c69 in test_container /home/vagrant/lxc/src/tests/cgpath.c:197
    #5 0x557c6e379e61 in main /home/vagrant/lxc/src/tests/cgpath.c:237
    #6 0x7fef2136c0b2 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x270b2)
```
Signed-off-by: Evgeny Vereshchagin <evvers@ya.ru>

Introduce the concept of an unsupported config item.
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

This reverts commit 531d36ad.

Callers might want to explicilty inhert file descriptors so we can't
close them behind their back when we exec.
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

Fixes: #3777
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

Introduce the concept of an unsupported config item.
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

Signed-off-by: Stéphane Graber <stgraber@ubuntu.com>

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

Signed-off-by: Evgeny Vereshchagin <evvers@ya.ru>

```
2021-04-02T05:45:54.9410345Z ==13==ERROR: LeakSanitizer: detected memory leaks
2021-04-02T05:45:54.9410737Z
2021-04-02T05:45:54.9411488Z Direct leak of 16 byte(s) in 1 object(s) allocated from:
2021-04-02T05:45:54.9412556Z     #0 0x54d752 in calloc /src/llvm-project/compiler-rt/lib/asan/asan_malloc_linux.cpp:154:3
2021-04-02T05:45:54.9413360Z     #1 0x583795 in parse_new_conf_line /src/lxc/src/lxc/confile.c:3048:8
2021-04-02T05:45:54.9414057Z     #2 0x582f1a in lxc_config_define_add /src/lxc/src/lxc/confile.c:3090:15
2021-04-02T05:45:54.9415352Z     #3 0x5810fa in LLVMFuzzerTestOneInput /src/lxc/src/tests/fuzz-lxc-define-load.c:30:6
2021-04-02T05:45:54.9419212Z     #4 0x483b93 in fuzzer::Fuzzer::ExecuteCallback(unsigned char const*, unsigned long) /src/llvm-project/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:599:15
2021-04-02T05:45:54.9421819Z     #5 0x48309a in fuzzer::Fuzzer::RunOne(unsigned char const*, unsigned long, bool, fuzzer::InputInfo*, bool, bool*) /src/llvm-project/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:505:3
2021-04-02T05:45:54.9424205Z     #6 0x485474 in fuzzer::Fuzzer::ReadAndExecuteSeedCorpora(std::__Fuzzer::vector<fuzzer::SizedFile, fuzzer::fuzzer_allocator<fuzzer::SizedFile> >&) /src/llvm-project/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:814:7
2021-04-02T05:45:54.9426658Z     #7 0x485689 in fuzzer::Fuzzer::Loop(std::__Fuzzer::vector<fuzzer::SizedFile, fuzzer::fuzzer_allocator<fuzzer::SizedFile> >&) /src/llvm-project/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:845:3
2021-04-02T05:45:54.9428616Z     #8 0x473717 in fuzzer::FuzzerDriver(int*, char***, int (*)(unsigned char const*, unsigned long)) /src/llvm-project/compiler-rt/lib/fuzzer/FuzzerDriver.cpp:906:6
2021-04-02T05:45:54.9429989Z     #9 0x49f572 in main /src/llvm-project/compiler-rt/lib/fuzzer/FuzzerMain.cpp:20:10
2021-04-02T05:45:54.9433312Z     #10 0x7fa96041b83f in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x2083f)
2021-04-02T05:45:54.9433795Z
2021-04-02T05:45:54.9434661Z DEDUP_TOKEN: calloc--parse_new_conf_line--lxc_config_define_add
2021-04-02T05:45:54.9435483Z SUMMARY: AddressSanitizer: 16 byte(s) leaked in 1 allocation(s).
2021-04-02T05:45:54.9435958Z
2021-04-02T05:45:54.9436404Z INFO: a leak has been found in the initial corpus.
```
Signed-off-by: Evgeny Vereshchagin <evvers@ya.ru>

Signed-off-by: Evgeny Vereshchagin <evvers@ya.ru>

if $PATH already contains a path with a space the append of the
default directories in all template scripts fails with an error
like the following:

/usr/share/lxc/templates/lxc-download: 69: export: (x86)/NVIDIA: bad
variable name
Signed-off-by: Christian Ratzenhofer <christian.ratzenhofer@cdnm.at>

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

Fixes: #3770
Suggested-by: Ruben Jenster <r.jenster@drachenfels.de>
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>