From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 From: Wolfgang Bumiller Date: Tue, 13 Aug 2019 13:57:22 +0200 Subject: [PATCH] PVE: [Config] attach: always use getent In debian buster, some libnss plugins (if installed) can cause getpwent to segfault instead of erroring out cleanly. To avoid this, stick to always using getent. Signed-off-by: Wolfgang Bumiller --- src/lxc/attach.c | 29 ++--------------------------- 1 file changed, 2 insertions(+), 27 deletions(-) diff --git a/src/lxc/attach.c b/src/lxc/attach.c index 117e3778f..8b34a412e 100644 --- a/src/lxc/attach.c +++ b/src/lxc/attach.c @@ -1548,11 +1548,7 @@ int lxc_attach_run_command(void *payload) int lxc_attach_run_shell(void* payload) { uid_t uid; - struct passwd pwent; - struct passwd *pwentp = NULL; char *user_shell; - char *buf; - size_t bufsize; int ret; /* Ignore payload parameter. */ @@ -1560,32 +1556,13 @@ int lxc_attach_run_shell(void* payload) uid = getuid(); - bufsize = sysconf(_SC_GETPW_R_SIZE_MAX); - if (bufsize == -1) - bufsize = 1024; - - buf = malloc(bufsize); - if (buf) { - ret = getpwuid_r(uid, &pwent, buf, bufsize, &pwentp); - if (!pwentp) { - if (ret == 0) - WARN("Could not find matched password record"); - - WARN("Failed to get password record - %u", uid); - } - } - /* This probably happens because of incompatible nss implementations in * host and container (remember, this code is still using the host's * glibc but our mount namespace is in the container) we may try to get * the information by spawning a [getent passwd uid] process and parsing * the result. */ - if (!pwentp) - user_shell = lxc_attach_getpwshell(uid); - else - user_shell = pwent.pw_shell; - + user_shell = lxc_attach_getpwshell(uid); if (user_shell) execlp(user_shell, user_shell, (char *)NULL); @@ -1595,9 +1572,7 @@ int lxc_attach_run_shell(void* payload) execlp("/bin/sh", "/bin/sh", (char *)NULL); SYSERROR("Failed to execute shell"); - if (!pwentp) - free(user_shell); + free(user_shell); - free(buf); return -1; } -- 2.20.1