Drop lxc-setcap and lxc-setuid

As discussed earlier this week, lxc-setcap and lxc-setuid have been
in pretty bad shape lately. Most if not all distros recommend against
using them or don't ship them at all.

With the ongoing work to get user namespaces working in upstream LXC,
we think it's best to drop those two now as we prepare to land proper
setuid helpers to deal with user namespaces.

Signed-off-by: Stéphane Graber <stgraber@ubuntu.com>
Acked-by: Serge E. Hallyn <serge.hallyn@ubuntu.com>

.gitignore

@@ -55,8 +55,6 @@ src/lxc/lxc-monitor
 src/lxc/lxc-netstat
 src/lxc/lxc-ps
 src/lxc/lxc-restart
-src/lxc/lxc-setcap
-src/lxc/lxc-setuid
 src/lxc/lxc-shutdown
 src/lxc/lxc-start
 src/lxc/lxc-start-ephemeral

README

@@ -36,7 +36,7 @@ Downloading the current source code:
 
   For detailed build instruction refer to INSTALL and man lxc man page
   but a short command line should work:
-  ./autogen.sh && ./configure && make && sudo make install && sudo lxc-setcap
+  ./autogen.sh && ./configure && make && sudo make install
   preceded by ./autogen.sh if configure do not exist yet.
 
 Getting help:

configure.ac

@@ -356,8 +356,6 @@ AC_CONFIG_FILES([
 	src/lxc/lxc-ps
 	src/lxc/lxc-netstat
 	src/lxc/lxc-checkconfig
-	src/lxc/lxc-setcap
-	src/lxc/lxc-setuid
 	src/lxc/lxc-version
 	src/lxc/lxc-create
 	src/lxc/lxc-clone
@@ -377,32 +375,3 @@ AC_CONFIG_FILES([
 ])
 AC_CONFIG_COMMANDS([default],[[]],[[]])
 AC_OUTPUT
-
-
-# Detect missing setcap binary
-AC_CHECK_PROG(SETCAP, setcap, yes, no, $PATH$PATH_SEPARATOR/sbin)
-if test "x$SETCAP" = "xno"; then
-	AC_MSG_NOTICE([
-
-Warning:
---------
-
-The setcap binary was not found. This means the tools to set the
-privilege for the lxc commands are not available, that's ok, but you
-will need to run these commands as root or install libcap-2.
-
-])
-
-else
-
-   AC_MSG_NOTICE([
-
-Advice:
--------
-
-If you wish to have a non root user to use the lxc tools,
-you can add the needed capabilities to the tools by invoking
-the 'lxc-setcap' script. To remove the capabilities, use
-'lxc-setcap -d'.
-])
-fi

src/lxc/Makefile.am

@@ -122,8 +122,6 @@ bin_SCRIPTS = \
 	lxc-ps \
 	lxc-netstat \
 	lxc-checkconfig \
-	lxc-setcap \
-	lxc-setuid \
 	lxc-version \
 	lxc-create \
 	lxc-clone \

src/lxc/lxc-setcap.in

@@ -1,135 +0,0 @@
-#!/bin/sh
-
-#
-# lxc: linux Container library
-
-# Authors:
-# Daniel Lezcano <daniel.lezcano@free.fr>
-
-# This library is free software; you can redistribute it and/or
-# modify it under the terms of the GNU Lesser General Public
-# License as published by the Free Software Foundation; either
-# version 2.1 of the License, or (at your option) any later version.
-
-# This library is distributed in the hope that it will be useful,
-# but WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
-# Lesser General Public License for more details.
-
-# You should have received a copy of the GNU Lesser General Public
-# License along with this library; if not, write to the Free Software
-# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
-
-#
-# This script allows to set or remove the capabilities on the lxc tools.
-# When the capabilities are set, a non root user can manage the containers.
-#
-
-. @DATADIR@/lxc/lxc.functions
-
-LXC_ATTACH_CAPS="cap_sys_admin,cap_dac_override"
-LXC_CREATE_CAPS="cap_sys_admin"
-LXC_NETSTAT_CAPS="cap_sys_admin"
-LXC_INIT_CAPS="cap_sys_admin,cap_dac_override"
-LXC_COMMON_CAPS="cap_net_admin,cap_net_raw,cap_sys_admin,cap_dac_override"
-LXC_UNSHARE_CAPS=$LXC_COMMON_CAPS
-LXC_START_CAPS="$LXC_COMMON_CAPS,cap_fowner,cap_sys_chroot,cap_setpcap"
-LXC_EXECUTE_CAPS=$LXC_START_CAPS
-LXC_RESTART_CAPS="$LXC_START_CAPS,cap_mknod"
-LXC_CHECKPOINT_CAPS="$LXC_COMMON_CAPS,cap_sys_ptrace,cap_mknod"
-LXC_DROP_CAPS=""
-
-usage() {
-    echo "usage: $(basename $0) [-d]" >&2
-}
-
-help() {
-    usage
-    echo >&2
-    echo "Set or drop file capabilities on the lxc tools." >&2
-    echo >&2
-    echo "Options:" >&2
-    echo "  -d   drop file capabilities" >&2
-}
-
-lxc_setcaps()
-{
-    setcap $LXC_ATTACH_CAPS=ep @BINDIR@/lxc-attach
-    setcap $LXC_CREATE_CAPS=ep @BINDIR@/lxc-create
-    setcap $LXC_EXECUTE_CAPS=ep @BINDIR@/lxc-execute
-    setcap $LXC_START_CAPS=ep @BINDIR@/lxc-start
-    setcap $LXC_RESTART_CAPS=ep @BINDIR@/lxc-restart
-    setcap $LXC_UNSHARE_CAPS=ep @BINDIR@/lxc-unshare
-    setcap $LXC_NETSTAT_CAPS=ep @BINDIR@/lxc-netstat
-    setcap $LXC_CHECKPOINT_CAPS=ep @BINDIR@/lxc-checkpoint
-    setcap $LXC_INIT_CAPS=ep @LXCINITDIR@/lxc/lxc-init
-
-    test -e $lxc_path || mkdir -p $lxc_path
-    chmod 0777 $lxc_path
-}
-
-lxc_dropcaps()
-{
-    setcap -r $bindir/lxc-attach
-    setcap -r $bindir/lxc-create
-    setcap -r $bindir/lxc-execute
-    setcap -r $bindir/lxc-start
-    setcap -r $bindir/lxc-restart
-    setcap -r $bindir/lxc-unshare
-    setcap -r $bindir/lxc-netstat
-    setcap -r $bindir/lxc-checkpoint
-    setcap -r $lxcinitdir/lxc/lxc-init
-
-    chmod 0755 $lxc_path
-}
-
-usage_err() {
-    [ -n "$1" ] && echo "$1" >&2
-    usage
-    exit 1
-}
-
-optarg_check() {
-    if [ -z "$2" ]; then
-        usage_err "option '$1' requires an argument"
-    fi
-}
-
-while [ $# -gt 0 ]; do
-    opt="$1"
-    shift
-    case "$opt" in
-        -d)
-            LXC_DROP_CAPS="yes"
-            ;;
-        -h|--help)
-            help
-            exit 0
-            ;;
-        --)
-            break
-            ;;
-        -?)
-            usage_err "unknown option '$opt'"
-            ;;
-        -*)
-            # split opts -abc into -a -b -c
-            set -- $(echo "${opt#-}" | sed 's/\(.\)/ -\1/g') "$@"
-            ;;
-         *)
-            usage
-            exit 1
-            ;;
-    esac
-done;
-
-if [ "$(id -u)" != "0" ]; then
-   echo "$(basename $0): must be run as root" >&2
-   exit 1
-fi
-
-if [ -z "$LXC_DROP_CAPS" ]; then
-    lxc_setcaps
-else
-    lxc_dropcaps
-fi

src/lxc/lxc-setuid.in

@@ -1,132 +0,0 @@
-#!/bin/sh
-
-#
-# lxc: linux Container library
-
-# Authors:
-# Daniel Lezcano <daniel.lezcano@free.fr>
-
-# This library is free software; you can redistribute it and/or
-# modify it under the terms of the GNU Lesser General Public
-# License as published by the Free Software Foundation; either
-# version 2.1 of the License, or (at your option) any later version.
-
-# This library is distributed in the hope that it will be useful,
-# but WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
-# Lesser General Public License for more details.
-
-# You should have received a copy of the GNU Lesser General Public
-# License along with this library; if not, write to the Free Software
-# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
-
-#
-# This script allows to set or remove the setuid execution bit on the lxc tools.
-# When the capabilities are set, a non root user can manage the containers.
-#
-
-. @DATADIR@/lxc/lxc.functions
-
-usage() {
-    echo "usage: $(basename $0) [-d]" >&2
-}
-
-help() {
-    usage
-    echo >&2
-    echo "Set or drop the setuid attribute on the lxc tools." >&2
-    echo >&2
-    echo "Options:" >&2
-    echo "  -d   drop the setuid attribute" >&2
-}
-
-setuid()
-{
-    if [ "$1" = "-r" ]; then
-        chmod -s $2
-    else
-        chmod +s $1
-    fi
-}
-
-lxc_setuid()
-{
-    setuid $bindir/lxc-attach
-    setuid $bindir/lxc-create
-    setuid $bindir/lxc-execute
-    setuid $bindir/lxc-start
-    setuid $bindir/lxc-restart
-    setuid $bindir/lxc-unshare
-    setuid $bindir/lxc-netstat
-    setuid $bindir/lxc-checkpoint
-    setuid $lxcinitdir/lxc-init
-
-    test -e $lxc_path || mkdir -p $lxc_path
-    chmod 0777 $lxc_path
-}
-
-lxc_dropuid()
-{
-    setuid -r $bindir/lxc-attach
-    setuid -r $bindir/lxc-create
-    setuid -r $bindir/lxc-execute
-    setuid -r $bindir/lxc-start
-    setuid -r $bindir/lxc-restart
-    setuid -r $bindir/lxc-unshare
-    setuid -r $bindir/lxc-netstat
-    setuid -r $bindir/lxc-checkpoint
-    setuid -r $lxcinitdir/lxc-init
-
-    chmod 0755 $lxc_path
-}
-
-usage_err() {
-    [ -n "$1" ] && echo "$1" >&2
-    usage
-    exit 1
-}
-
-optarg_check() {
-    if [ -z "$2" ]; then
-        usage_err "option '$1' requires an argument"
-    fi
-}
-
-while [ $# -gt 0 ]; do
-    opt="$1"
-    shift
-    case "$opt" in
-        -d)
-            LXC_DROP_CAPS="yes"
-            ;;
-        -h|--help)
-            help
-            exit 0
-            ;;
-        --)
-            break
-            ;;
-        -?)
-            usage_err "unknown option '$opt'"
-            ;;
-        -*)
-            # split opts -abc into -a -b -c
-            set -- $(echo "${opt#-}" | sed 's/\(.\)/ -\1/g') "$@"
-            ;;
-         *)
-            usage
-            exit 1
-            ;;
-    esac
-done;
-
-if [ "$(id -u)" != "0" ]; then
-   echo "$(basename $0): must be run as root" >&2
-   exit 1
-fi
-
-if [ -z "$LXC_DROP_CAPS" ]; then
-    lxc_setuid
-else
-    lxc_dropuid
-fi