proxmox-mirrors/mirror_lxc
1
0
Fork 0
mirror of https://git.proxmox.com/git/mirror_lxc synced 2025-08-16 11:01:26 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

start: add crucial details about lxc_spawn()

Browse Source 
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
This commit is contained in:
Christian Brauner 2017-05-11 14:41:47 +02:00
parent 60883ba8e1
commit 480588e6ad
No known key found for this signature in database
GPG Key ID: 8EB056D53EECB12D
1 changed files with 7 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
src/lxc/start.c
View File

@ -1071,6 +1071,13 @@ void resolve_clone_flags(struct lxc_handler *handler)
INFO("Inheriting a UTS namespace.");
}
/* lxc_spawn() performs crucial setup tasks and clone()s the new process which
* exec()s the requested container binary.
* Note that lxc_spawn() runs in the parent namespaces. Any operations performed
* right here should be double checked if they'd pose a security risk. (For
* example, any {u}mount() operations performed here will be reflected on the
* host!)
*/
static int lxc_spawn(struct lxc_handler *handler)
{
int failed_before_rename = 0;