Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

add some idmap parsing error messages

otherwise, we just get a return value of false from setting config failure,
with no indication as to what actually failed in the log.
Signed-off-by: Tycho Andersen <tycho@tycho.ws>

fix up lxc-usernsexec's exit status

* exit(1) when there is an option parsing error
* exit(0) when the user explicitly asks for help
* exit(1) when the user specifies an invalid option
Signed-off-by: Tycho Andersen <tycho@tycho.ws>

Add return check for 'lxc_cmd_get_name'

If 'lxc_cmd_get_name' failed and return with NULL, this would cause a segment fault.
Signed-off-by: LiFeng <lifeng68@huawei.com>

lxc_get_version() should show the "-devel" suffix

Signed-off-by: Stéphane Graber <stgraber@ubuntu.com>

Signed-off-by: Stéphane Graber <stgraber@ubuntu.com>

conf: write "deny" to /proc/[pid]/setgroups

commands: fully revert set_running_config_item()

When we deleted cgroups for unprivileged containers we used to allocate a new
mapping and clone a new user namespace each time we delete a cgroup. This of
course meant - on a cgroup v1 system - doing this >= 10 times when all
controllers were used. Let's not to do this and only allocate and establish a
mapping once.
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

When fully unprivileged users run a container that only maps their own {g,u}id
and they do not have access to setuid new{g,u}idmap binaries we will write the
idmapping directly. This however requires us to write "deny" to
/proc/[pid]/setgroups otherwise any write to /proc/[pid]/gid_map will be
denied.

On a sidenote, this patch enables fully unprivileged containers. If you now set
lxc.net.[i].type = empty no privilege whatsoever is required to run a container.

Enhances #2033.
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
Cc: Felix Abecassis <fabecassis@nvidia.com>
Cc: Jonathan Calmels <jcalmels@nvidia.com>
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

gentoo: Add support for .xz tarballs

configure.ac: fix the check for static libcap

The existing check doesn't work, because when you statically
link a program against libc, any functions not called are not
included.  So cap_init() which we check for is not there in
the built binary.

So instead just check whether a "gcc -lcap -static" works.
If libcap.a is not available it will fail, if it is it will
succeed.
Signed-off-by: Serge Hallyn <shallyn@cisco.com>

Signed-off-by: Stéphane Graber <stgraber@ubuntu.com>

The noop implementation is pointless.
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

lxccontainer: revert set_running_config_item()

Support configurations without root mapping

Closes #2033.
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

If no id mapping for the container's root id is defined try to us the id
mappings specified via lxc.init.{g,u}id.

Closes #2033.
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

Closes #2033.
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

Closes #2033.
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

- mapped_hostid_entry()
- idmap_add()

Closes #2033.
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

- As discussed we will have a proper API extension that will allow updating
  various parts of a running container. The prior approach wasn't a good idea.

- Revert this is not a problem since we haven't released any version with the
  set_running_config_item() API extension.

- I'm not simply reverting so that master users can still call into new
  liblxc's without crashing the container. This is achieved by keeping the
  commands callback struct member number identical.
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

mainloop: capture output of short-lived init procs

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

We don't allow non-pty devices anyway so don't let open() create unneeded
files.
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

lxc_config: Add -h and --help flags handler

As the other tools already handle, show usage message when -h or --help
are used.
Signed-off-by: Marcos Paulo de Souza <marcos.souza.org@gmail.com>

The handler for the signal fd will detect when the init process of a container
has exited and cause the mainloop to close. However, this can happen before the
console handlers - or any other events for that matter - are handled. So in the
case of init exiting we still need to allow for all buffered input to the
console to be handled before exiting. This allows us to capture output from
short-lived init processes.

This is conceptually equivalent to my implementation of ExecReaderToChannel()
https://github.com/lxc/lxd/blob/master/shared/util_linux.go#L527

Closes #1694.
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

This makes it clearer why handlers return what value.
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

start: fix death signal

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

On set{g,u}id() the kernel does:

 	/* dumpability changes */
	if (!uid_eq(old->euid, new->euid) ||
	    !gid_eq(old->egid, new->egid) ||
	    !uid_eq(old->fsuid, new->fsuid) ||
	    !gid_eq(old->fsgid, new->fsgid) ||
	    !cred_cap_issubset(old, new)) {
		if (task->mm)
			set_dumpable(task->mm, suid_dumpable);
		task->pdeath_signal = 0;
		smp_wmb();
	}

which means we need to re-enable the deat signal after the set{g,u}id().
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>