proxmox-mirrors/mirror_lxc
1
0
Fork 0
mirror of https://git.proxmox.com/git/mirror_lxc synced 2025-08-14 12:56:46 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

tree-wide: log function called in userns_exec_1()

Browse Source 
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
This commit is contained in:
Christian Brauner 2017-06-03 23:35:07 +02:00
parent 1d90e06436
commit c9b7c33ed0
No known key found for this signature in database
GPG Key ID: 7B3C391EFEA93624
11 changed files with 33 additions and 16 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
src/lxc/bdev/bdev.c
View File

@ -437,7 +437,7 @@ struct bdev *bdev_copy(struct lxc_container *c0, const char *cname,
data.orig = orig; data.orig = orig;
data.new = new; data.new = new;
if (am_unpriv()) if (am_unpriv())
ret = userns_exec_1(c0->lxc_conf, rsync_rootfs_wrapper, &data); ret = userns_exec_1(c0->lxc_conf, rsync_rootfs_wrapper, &data, "rsync_rootfs_wrapper");
else else
ret = rsync_rootfs(&data); ret = rsync_rootfs(&data);

3
src/lxc/bdev/lxcaufs.c
View File

@ -133,7 +133,8 @@ int aufs_clonepaths(struct bdev *orig, struct bdev *new, const char *oldname,
rdata.src = odelta; rdata.src = odelta;
rdata.dest = ndelta; rdata.dest = ndelta;
if (am_unpriv()) if (am_unpriv())
ret = userns_exec_1(conf, rsync_delta_wrapper, &rdata); ret = userns_exec_1(conf, rsync_delta_wrapper, &rdata,
"rsync_delta_wrapper");
else else
ret = rsync_delta(&rdata); ret = rsync_delta(&rdata);
if (ret) { if (ret) {

3
src/lxc/bdev/lxcbtrfs.c
View File

@ -398,7 +398,8 @@ int btrfs_clonepaths(struct bdev *orig, struct bdev *new, const char *oldname,
return btrfs_snapshot(orig->dest, new->dest); return btrfs_snapshot(orig->dest, new->dest);
sdata.dest = new->dest; sdata.dest = new->dest;
sdata.src = orig->dest; sdata.src = orig->dest;
return userns_exec_1(conf, btrfs_snapshot_wrapper, &sdata); return userns_exec_1(conf, btrfs_snapshot_wrapper, &sdata,
"btrfs_snapshot_wrapper");
} }
if (rmdir(new->dest) < 0 && errno != ENOENT) { if (rmdir(new->dest) < 0 && errno != ENOENT) {

3
src/lxc/bdev/lxcoverlay.c
View File

@ -750,7 +750,8 @@ static int ovl_do_rsync(struct bdev *orig, struct bdev *new, struct lxc_conf *co
rdata.orig = orig; rdata.orig = orig;
rdata.new = new; rdata.new = new;
if (am_unpriv()) if (am_unpriv())
ret = userns_exec_1(conf, ovl_rsync_wrapper, &rdata); ret = userns_exec_1(conf, ovl_rsync_wrapper, &rdata,
"ovl_rsync_wrapper");
else else
ret = ovl_rsync(&rdata); ret = ovl_rsync(&rdata);
if (ret) if (ret)

6
src/lxc/cgroups/cgfs.c
View File

@ -1874,7 +1874,8 @@ static int create_or_remove_cgroup(bool do_remove,
return 0; return 0;
if (recurse) { if (recurse) {
if (conf && !lxc_list_empty(&conf->id_map)) if (conf && !lxc_list_empty(&conf->id_map))
r = userns_exec_1(conf, rmdir_wrapper, buf); r = userns_exec_1(conf, rmdir_wrapper, buf,
"rmdir_wrapper");
else else
r = cgroup_rmdir(buf); r = cgroup_rmdir(buf);
} else } else
@ -2616,7 +2617,8 @@ static bool do_cgfs_chown(char *cgroup_path, struct lxc_conf *conf)
/* Unpriv users can't chown it themselves, so chown from /* Unpriv users can't chown it themselves, so chown from
* a child namespace mapping both our own and the target uid * a child namespace mapping both our own and the target uid
*/ */
if (userns_exec_1(conf, chown_cgroup_wrapper, &data) < 0) { if (userns_exec_1(conf, chown_cgroup_wrapper, &data,
"chown_cgroup_wrapper") < 0) {
ERROR("Error requesting cgroup chown in new namespace"); ERROR("Error requesting cgroup chown in new namespace");
return false; return false;
} }

5
src/lxc/cgroups/cgfsng.c
View File

@ -1284,7 +1284,7 @@ void recursive_destroy(char *path, struct lxc_conf *conf)
{ {
int r; int r;
if (conf && !lxc_list_empty(&conf->id_map)) if (conf && !lxc_list_empty(&conf->id_map))
r = userns_exec_1(conf, rmdir_wrapper, path); r = userns_exec_1(conf, rmdir_wrapper, path, "rmdir_wrapper");
else else
r = cgroup_rmdir(path); r = cgroup_rmdir(path);
@ -1507,7 +1507,8 @@ static bool cgfsns_chown(void *hdata, struct lxc_conf *conf)
wrap.d = d; wrap.d = d;
wrap.origuid = geteuid(); wrap.origuid = geteuid();
if (userns_exec_1(conf, chown_cgroup_wrapper, &wrap) < 0) { if (userns_exec_1(conf, chown_cgroup_wrapper, &wrap,
"chown_cgroup_wrapper") < 0) {
ERROR("Error requesting cgroup chown in new namespace"); ERROR("Error requesting cgroup chown in new namespace");
return false; return false;
} }

3
src/lxc/cgroups/cgmanager.c
View File

@ -497,7 +497,8 @@ static bool chown_cgroup(const char *cgroup_path, struct lxc_conf *conf)
/* Unpriv users can't chown it themselves, so chown from /* Unpriv users can't chown it themselves, so chown from
* a child namespace mapping both our own and the target uid * a child namespace mapping both our own and the target uid
*/ */
if (userns_exec_1(conf, chown_cgroup_wrapper, &data) < 0) { if (userns_exec_1(conf, chown_cgroup_wrapper, &data,
"chown_cgroup_wrapper") < 0) {
ERROR("Error requesting cgroup chown in new namespace"); ERROR("Error requesting cgroup chown in new namespace");
return false; return false;
} }

7
src/lxc/conf.c
View File

@ -4669,6 +4669,7 @@ void lxc_conf_free(struct lxc_conf *conf)
struct userns_fn_data { struct userns_fn_data {
int (*fn)(void *); int (*fn)(void *);
const char *fn_name;
void *arg; void *arg;
int p[2]; int p[2];
}; };
@ -4690,6 +4691,8 @@ static int run_userns_fn(void *data)
/* Close read end of the pipe. */ /* Close read end of the pipe. */
close(d->p[0]); close(d->p[0]);
if (d->fn_name)
TRACE("calling function \"%s\"", d->fn_name);
/* Call function to run. */ /* Call function to run. */
return d->fn(d->arg); return d->fn(d->arg);
} }
@ -4767,7 +4770,8 @@ static struct id_map *idmap_add(struct lxc_conf *conf, uid_t id, enum idtype typ
* retrieve from the ontainer's configured {g,u}id mappings as it must have been * retrieve from the ontainer's configured {g,u}id mappings as it must have been
* there to start the container in the first place. * there to start the container in the first place.
*/ */
int userns_exec_1(struct lxc_conf *conf, int (*fn)(void *), void *data) int userns_exec_1(struct lxc_conf *conf, int (*fn)(void *), void *data,
const char *fn_name)
{ {
pid_t pid; pid_t pid;
uid_t euid, egid; uid_t euid, egid;
@ -4787,6 +4791,7 @@ int userns_exec_1(struct lxc_conf *conf, int (*fn)(void *), void *data)
return -1; return -1;
} }
d.fn = fn; d.fn = fn;
d.fn_name = fn_name;
d.arg = data; d.arg = data;
d.p[0] = p[0]; d.p[0] = p[0];
d.p[1] = p[1]; d.p[1] = p[1];

3
src/lxc/conf.h
View File

@ -473,7 +473,8 @@ extern int find_unmapped_nsid(struct lxc_conf *conf, enum idtype idtype);
extern int mapped_hostid(unsigned id, struct lxc_conf *conf, enum idtype idtype); extern int mapped_hostid(unsigned id, struct lxc_conf *conf, enum idtype idtype);
extern int chown_mapped_root(char *path, struct lxc_conf *conf); extern int chown_mapped_root(char *path, struct lxc_conf *conf);
extern int ttys_shift_ids(struct lxc_conf *c); extern int ttys_shift_ids(struct lxc_conf *c);
extern int userns_exec_1(struct lxc_conf *conf, int (*fn)(void *), void *data); extern int userns_exec_1(struct lxc_conf *conf, int (*fn)(void *), void *data,
const char *fn_name);
extern int parse_mntopts(const char *mntopts, unsigned long *mntflags, extern int parse_mntopts(const char *mntopts, unsigned long *mntflags,
char **mntdata); char **mntdata);
extern void tmp_proc_unmount(struct lxc_conf *lxc_conf); extern void tmp_proc_unmount(struct lxc_conf *lxc_conf);

8
src/lxc/lxccontainer.c
View File

@ -2339,7 +2339,8 @@ static bool has_snapshots(struct lxc_container *c)
static bool do_destroy_container(struct lxc_conf *conf) { static bool do_destroy_container(struct lxc_conf *conf) {
if (am_unpriv()) { if (am_unpriv()) {
if (userns_exec_1(conf, bdev_destroy_wrapper, conf) < 0) if (userns_exec_1(conf, bdev_destroy_wrapper, conf,
"bdev_destroy_wrapper") < 0)
return false; return false;
return true; return true;
} }
@ -2421,7 +2422,8 @@ static bool container_destroy(struct lxc_container *c)
char *path = alloca(strlen(p1) + strlen(c->name) + 2); char *path = alloca(strlen(p1) + strlen(c->name) + 2);
sprintf(path, "%s/%s", p1, c->name); sprintf(path, "%s/%s", p1, c->name);
if (am_unpriv()) if (am_unpriv())
ret = userns_exec_1(conf, lxc_rmdir_onedev_wrapper, path); ret = userns_exec_1(conf, lxc_rmdir_onedev_wrapper, path,
"lxc_rmdir_onedev_wrapper");
else else
ret = lxc_rmdir_onedev(path, "snaps"); ret = lxc_rmdir_onedev(path, "snaps");
if (ret < 0) { if (ret < 0) {
@ -3230,7 +3232,7 @@ static struct lxc_container *do_lxcapi_clone(struct lxc_container *c, const char
data.hookargs = hookargs; data.hookargs = hookargs;
if (am_unpriv()) if (am_unpriv())
ret = userns_exec_1(c->lxc_conf, clone_update_rootfs_wrapper, ret = userns_exec_1(c->lxc_conf, clone_update_rootfs_wrapper,
&data); &data, "clone_update_rootfs_wrapper");
else else
ret = clone_update_rootfs(&data); ret = clone_update_rootfs(&data);
if (ret < 0) if (ret < 0)

6
src/lxc/start.c
View File

@ -1541,7 +1541,8 @@ static void lxc_destroy_container_on_signal(struct lxc_handler *handler,
} }
if (am_unpriv()) if (am_unpriv())
ret = userns_exec_1(handler->conf, lxc_rmdir_onedev_wrapper, destroy); ret = userns_exec_1(handler->conf, lxc_rmdir_onedev_wrapper,
destroy, "lxc_rmdir_onedev_wrapper");
else else
ret = lxc_rmdir_onedev(destroy, NULL); ret = lxc_rmdir_onedev(destroy, NULL);
@ -1560,7 +1561,8 @@ static int lxc_rmdir_onedev_wrapper(void *data)
static bool do_destroy_container(struct lxc_conf *conf) { static bool do_destroy_container(struct lxc_conf *conf) {
if (am_unpriv()) { if (am_unpriv()) {
if (userns_exec_1(conf, bdev_destroy_wrapper, conf) < 0) if (userns_exec_1(conf, bdev_destroy_wrapper, conf,
"bdev_destroy_wrapper") < 0)
return false; return false;
return true; return true;
} }