idmap_add_id: fix broken behavior

The geteuid() addition is being made the first element of the lxc_list, but the first element is just a head whose entry is ignored. Therefore userns_exec_1() was starting its tasks without the caller's uid mapped into the namespace. Signed-off-by: Serge Hallyn <serge.hallyn@ubuntu.com> Acked-by: Stéphane Graber <stgraber@ubuntu.com>
2025-08-14 15:29:56 +00:00 · 2014-01-23 22:23:24 -06:00 · 2014-01-23 22:23:24 -06:00 · 3ec1648d8e
commit 3ec1648d8e
parent 9f2fd74c7b
1 changed files with 25 additions and 27 deletions
--- a/src/lxc/conf.c
+++ b/src/lxc/conf.c
@ -3969,29 +3969,31 @@ static struct lxc_list *idmap_add_id(struct lxc_conf *conf, uid_t uid)
 	struct lxc_list *new = NULL, *tmp, *it, *next;
 	struct id_map *entry;

-	if (hostid_mapped < 0) {
-		hostid_mapped = find_unmapped_nsuid(conf);
-		if (hostid_mapped < 0) {
-			ERROR("Could not find free uid to map");
-			return NULL;
-		}
 	new = malloc(sizeof(*new));
 	if (!new) {
 		ERROR("Out of memory building id map");
 		return NULL;
 	}
+	lxc_list_init(new);
+
+	if (hostid_mapped < 0) {
+		hostid_mapped = find_unmapped_nsuid(conf);
+		if (hostid_mapped < 0)
+			goto err;
+		tmp = malloc(sizeof(*tmp));
+		if (!tmp)
+			goto err;
 		entry = malloc(sizeof(*entry));
 		if (!entry) {
-			free(new);
-			ERROR("Out of memory building idmap entry");
-			return NULL;
+			free(tmp);
+			goto err;
 		}
-		new->elem = entry;
+		tmp->elem = entry;
 		entry->idtype = ID_TYPE_UID;
 		entry->nsid = hostid_mapped;
 		entry->hostid = (unsigned long)uid;
 		entry->range = 1;
-		lxc_list_init(new);
+		lxc_list_add_tail(new, tmp);
 	}
 	lxc_list_for_each_safe(it, &conf->id_map, next) {
 		tmp = malloc(sizeof(*tmp));
@ -4005,10 +4007,6 @@ static struct lxc_list *idmap_add_id(struct lxc_conf *conf, uid_t uid)
 		memset(entry, 0, sizeof(*entry));
 		memcpy(entry, it->elem, sizeof(*entry));
 		tmp->elem = entry;
-		if (!new) {
-			new = tmp;
-			lxc_list_init(new);
-		} else
 		lxc_list_add_tail(new, tmp);
 	}