Files · 28f7670c1919c236bafc2893706afe13fbf23008 · Chen Yisong / lxc

lxc_unshare: Add uid_mapping when creating userns · 28f7670c

authored Nov 28, 2017

Change conf.c to export function write_id_mapping, which will now be
called inside main function of lxc_unshare.c.

This is required because setuid syscalls only permits a new userns to
set a new uid if the uid of parameter is mapped inside the ns using
uid_map file[1]. So, just after the clone invocation, map the uid passed as
parameter into the newly created user namespace, and put the current uid
as the ID-outside-ns. After the mapping is done, setuid call succeeds.

Closes: #494

[1] https://elixir.free-electrons.com/linux/latest/source/kernel/user_namespace.c#L286Signed-off-by: Marcos Paulo de Souza <marcos.souza.org@gmail.com>

28f7670c

Name	Last commit	Last update
.github		Loading commit data...
config		Loading commit data...
doc		Loading commit data...
hooks		Loading commit data...
src		Loading commit data...
templates		Loading commit data...
.gitignore		Loading commit data...
.travis.yml		Loading commit data...
AUTHORS		Loading commit data...
CONTRIBUTING		Loading commit data...
COPYING		Loading commit data...
INSTALL		Loading commit data...
MAINTAINERS		Loading commit data...
Makefile.am		Loading commit data...
NEWS		Loading commit data...
README		Loading commit data...
README.md		Loading commit data...
autogen.sh		Loading commit data...
configure.ac		Loading commit data...
lxc.pc.in		Loading commit data...
lxc.spec.in		Loading commit data...

README.md