proxmox-mirrors/mirror_lxc
1
0
Fork 0
mirror of https://git.proxmox.com/git/mirror_lxc synced 2025-08-15 12:06:12 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Merge pull request #2391 from harryoooooooooo/master

Browse Source 
fix bug: unpriv lxc will run lxc.net.[i].script.up now
This commit is contained in:
Christian Brauner 2018-06-10 17:33:38 +02:00 committed by GitHub
commit 287c5df906
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
3 changed files with 20 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

21
src/lxc/network.c
View File

@ -2097,7 +2097,7 @@ int lxc_find_gateway_addresses(struct lxc_handler *handler)
#define LXC_USERNIC_PATH LIBEXECDIR "/lxc/lxc-user-nic" #define LXC_USERNIC_PATH LIBEXECDIR "/lxc/lxc-user-nic"
static int lxc_create_network_unpriv_exec(const char *lxcpath, const char *lxcname, static int lxc_create_network_unpriv_exec(const char *lxcpath, const char *lxcname,
struct lxc_netdev *netdev, pid_t pid) struct lxc_netdev *netdev, pid_t pid, unsigned int hooks_version)
{ {
int ret; int ret;
pid_t child; pid_t child;
@ -2242,6 +2242,21 @@ static int lxc_create_network_unpriv_exec(const char *lxcpath, const char *lxcna
return -1; return -1;
} }
if (netdev->upscript) {
char *argv[] = {
"veth",
netdev->link,
netdev->priv.veth_attr.veth1,
NULL,
};
ret = run_script_argv(lxcname,
hooks_version, "net",
netdev->upscript, "up", argv);
if (ret < 0)
return -1;
}
return 0; return 0;
} }
@ -2499,7 +2514,7 @@ int lxc_network_move_created_netdev_priv(const char *lxcpath, const char *lxcnam
} }
int lxc_create_network_unpriv(const char *lxcpath, const char *lxcname, int lxc_create_network_unpriv(const char *lxcpath, const char *lxcname,
struct lxc_list *network, pid_t pid) struct lxc_list *network, pid_t pid, unsigned int hooks_version)
{ {
struct lxc_list *iterator; struct lxc_list *iterator;
@ -2525,7 +2540,7 @@ int lxc_create_network_unpriv(const char *lxcpath, const char *lxcname,
if (netdev->mtu) if (netdev->mtu)
INFO("mtu ignored due to insufficient privilege"); INFO("mtu ignored due to insufficient privilege");
if (lxc_create_network_unpriv_exec(lxcpath, lxcname, netdev, pid)) if (lxc_create_network_unpriv_exec(lxcpath, lxcname, netdev, pid, hooks_version))
return -1; return -1;
} }

2
src/lxc/network.h
View File

@ -263,7 +263,7 @@ extern int lxc_network_move_created_netdev_priv(const char *lxcpath,
extern void lxc_delete_network(struct lxc_handler *handler); extern void lxc_delete_network(struct lxc_handler *handler);
extern int lxc_find_gateway_addresses(struct lxc_handler *handler); extern int lxc_find_gateway_addresses(struct lxc_handler *handler);
extern int lxc_create_network_unpriv(const char *lxcpath, const char *lxcname, extern int lxc_create_network_unpriv(const char *lxcpath, const char *lxcname,
struct lxc_list *network, pid_t pid); struct lxc_list *network, pid_t pid, unsigned int hook_version);
extern int lxc_requests_empty_network(struct lxc_handler *handler); extern int lxc_requests_empty_network(struct lxc_handler *handler);
extern int lxc_restore_phys_nics_to_netns(struct lxc_handler *handler); extern int lxc_restore_phys_nics_to_netns(struct lxc_handler *handler);
extern int lxc_setup_network_in_child_namespaces(const struct lxc_conf *conf, extern int lxc_setup_network_in_child_namespaces(const struct lxc_conf *conf,

2
src/lxc/start.c
View File

@ -1707,7 +1707,7 @@ static int lxc_spawn(struct lxc_handler *handler)
} }
ret = lxc_create_network_unpriv(handler->lxcpath, handler->name, ret = lxc_create_network_unpriv(handler->lxcpath, handler->name,
&conf->network, handler->pid); &conf->network, handler->pid, conf->hooks_version);
if (ret < 0) { if (ret < 0) {
ERROR("Failed to create the configured network"); ERROR("Failed to create the configured network");
goto out_delete_net; goto out_delete_net;