- 19 Jan, 2018 27 commits
-
-
Christian Brauner authored
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
-
Christian Brauner authored
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
-
Christian Brauner authored
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
-
Christian Brauner authored
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
-
Christian Brauner authored
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
-
Christian Brauner authored
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
-
Christian Brauner authored
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
-
Christian Brauner authored
  - int lxc_make_controlling_pty()
  - int lxc_login_pty()
  - void lxc_pty_conf_free()
  - void lxc_pty_info_init()
  - void lxc_pty_init()
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
-
Christian Brauner authored
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
-
Christian Brauner authored
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
-
Christian Brauner authored
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
-
Tycho Andersen authored
otherwise, we just get a return value of false from setting config failure, with no indication as to what actually failed in the log. Signed-off-by: Tycho Andersen <tycho@tycho.ws>
-
Tycho Andersen authored
  * exit(1) when there is an option parsing error
  * exit(0) when the user explicitly asks for help
  * exit(1) when the user specifies an invalid option
Signed-off-by: Tycho Andersen <tycho@tycho.ws>
-
LiFeng authored
If 'lxc_cmd_get_name' failed and returned NULL, this would cause a segmentation fault. Signed-off-by: LiFeng <lifeng68@huawei.com>
-
Stéphane Graber authored
Signed-off-by: Stéphane Graber <stgraber@ubuntu.com>
-
Stéphane Graber authored
Signed-off-by: Stéphane Graber <stgraber@ubuntu.com>
-
Christian Brauner authored
When we deleted cgroups for unprivileged containers we used to allocate a new mapping and clone a new user namespace each time we delete a cgroup. This of course meant - on a cgroup v1 system - doing this >= 10 times when all controllers were used. Let's not do this and only allocate and establish a mapping once. Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
-
Christian Brauner authored
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
-
Christian Brauner authored
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
-
Christian Brauner authored
When fully unprivileged users run a container that only maps their own {g,u}id and they do not have access to setuid new{g,u}idmap binaries we will write the idmapping directly. This however requires us to write "deny" to /proc/[pid]/setgroups otherwise any write to /proc/[pid]/gid_map will be denied. On a sidenote, this patch enables fully unprivileged containers. If you now set lxc.net.[i].type = empty no privilege whatsoever is required to run a container. Enhances #2033.
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
Cc: Felix Abecassis <fabecassis@nvidia.com>
Cc: Jonathan Calmels <jcalmels@nvidia.com>
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
-
Serge Hallyn authored
The existing check doesn't work, because when you statically link a program against libc, any functions not called are not included. So cap_init() which we check for is not there in the built binary. So instead just check whether a "gcc -lcap -static" works. If libcap.a is not available it will fail, if it is it will succeed. Signed-off-by: Serge Hallyn <shallyn@cisco.com>
-
Stéphane Graber authored
Signed-off-by: Stéphane Graber <stgraber@ubuntu.com>
-
Christian Brauner authored
Closes #2033. Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
-
Christian Brauner authored
If no id mapping for the container's root id is defined try to use the id mappings specified via lxc.init.{g,u}id. Closes #2033. Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
-
Christian Brauner authored
Closes #2033. Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
-
Christian Brauner authored
Closes #2033. Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
-
Christian Brauner authored
  - mapped_hostid_entry()
  - idmap_add()
Closes #2033. Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
-
- 02 Jan, 2018 11 commits
-
-
Christian Brauner authored
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
-
Christian Brauner authored
We don't allow non-pty devices anyway so don't let open() create unneeded files. Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
-
Christian Brauner authored
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
-
Marcos Paulo de Souza authored
As the other tools already handle, show usage message when -h or --help are used. Signed-off-by: Marcos Paulo de Souza <marcos.souza.org@gmail.com>
-
Christian Brauner authored
The handler for the signal fd will detect when the init process of a container has exited and cause the mainloop to close. However, this can happen before the console handlers - or any other events for that matter - are handled. So in the case of init exiting we still need to allow for all buffered input to the console to be handled before exiting. This allows us to capture output from short-lived init processes. This is conceptually equivalent to my implementation of ExecReaderToChannel() https://github.com/lxc/lxd/blob/master/shared/util_linux.go#L527 Closes #1694. Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
-
Christian Brauner authored
This makes it clearer why handlers return what value. Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
-
Christian Brauner authored
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
-
Christian Brauner authored
On set{g,u}id() the kernel does:

    /* dumpability changes */
    if (!uid_eq(old->euid, new->euid) ||
        !gid_eq(old->egid, new->egid) ||
        !uid_eq(old->fsuid, new->fsuid) ||
        !gid_eq(old->fsgid, new->fsgid) ||
        !cred_cap_issubset(old, new)) {
            if (task->mm)
                    set_dumpable(task->mm, suid_dumpable);
            task->pdeath_signal = 0;
            smp_wmb();
    }

which means we need to re-enable the death signal after the set{g,u}id(). Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
-
Christian Brauner authored
Since we are now dumpable we can open /proc/<child-pid>/ns/cgroup so let's avoid the overhead of sending around fds. Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
-
Christian Brauner authored
When we call set{u,g}id() the kernel will make us undumpable. This is unnecessary since we can guarantee that whatever is running inside the child process at this point is fully trusted by the parent. Making us dumpable lets users use debuggers on the child process before the exec as well and also allows us to open /proc/<child-pid> files in lieu of the child. Note that we only need to perform the prctl(PR_SET_DUMPABLE, ...) if our effective uid on the host is not 0. If our effective uid on the host is 0 then we will keep all capabilities in the child user namespace across set{g,u}id(). Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
-
Christian Brauner authored
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
-
- 01 Jan, 2018 2 commits
-
-
Christian Brauner authored
This way we can rely on the kernel's copy-on-write support similar to fork(). Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
-
Christian Brauner authored
This is a copy-on-write (no stack passed) variant of lxc_clone(). Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
-