mirror of
https://git.proxmox.com/git/mirror_lxc
synced 2025-08-04 18:14:05 +00:00
fix getpwuid() thread safe issue
Signed-off-by: Donghwa Jeong <dh48.jeong@samsung.com>
This commit is contained in:
Donghwa Jeong
parent
db8b325a3c
commit
cb7aa5e8ca
@ -1501,14 +1501,32 @@ int lxc_attach_run_command(void* payload)
|
||||
int lxc_attach_run_shell(void* payload)
|
||||
{
|
||||
uid_t uid;
|
||||
struct passwd *passwd;
|
||||
struct passwd pwent;
|
||||
struct passwd *pwentp = NULL;
|
||||
char *user_shell;
|
||||
char *buf;
|
||||
size_t bufsize;
|
||||
int ret;
|
||||
|
||||
/* Ignore payload parameter. */
|
||||
(void)payload;
|
||||
|
||||
uid = getuid();
|
||||
passwd = getpwuid(uid);
|
||||
|
||||
bufsize = sysconf(_SC_GETPW_R_SIZE_MAX);
|
||||
if (bufsize == -1)
|
||||
bufsize = 1024;
|
||||
|
||||
buf = malloc(bufsize);
|
||||
if (buf) {
|
||||
ret = getpwuid_r(uid, &pwent, buf, bufsize, &pwentp);
|
||||
if (!pwentp) {
|
||||
if (ret == 0)
|
||||
WARN("Could not find matched password record.");
|
||||
|
||||
WARN("Failed to get password record - %u", uid);
|
||||
}
|
||||
}
|
||||
|
||||
/* This probably happens because of incompatible nss implementations in
|
||||
* host and container (remember, this code is still using the host's
|
||||
@ -1516,10 +1534,10 @@ int lxc_attach_run_shell(void* payload)
|
||||
* the information by spawning a [getent passwd uid] process and parsing
|
||||
* the result.
|
||||
*/
|
||||
if (!passwd)
|
||||
if (!pwentp)
|
||||
user_shell = lxc_attach_getpwshell(uid);
|
||||
else
|
||||
user_shell = passwd->pw_shell;
|
||||
user_shell = pwent.pw_shell;
|
||||
if (user_shell)
|
||||
execlp(user_shell, user_shell, (char *)NULL);
|
||||
|
||||
@ -1528,7 +1546,8 @@ int lxc_attach_run_shell(void* payload)
|
||||
*/
|
||||
execlp("/bin/sh", "/bin/sh", (char *)NULL);
|
||||
SYSERROR("Failed to execute shell");
|
||||
if (!passwd)
|
||||
if (!pwentp)
|
||||
free(user_shell);
|
||||
free(buf);
|
||||
return -1;
|
||||
}
|
||||
|
||||
@ -103,15 +103,35 @@ static int open_and_lock(char *path)
|
||||
|
||||
static char *get_username(void)
|
||||
{
|
||||
struct passwd *pwd;
|
||||
struct passwd pwent;
|
||||
struct passwd *pwentp = NULL;
|
||||
char *buf;
|
||||
char *username;
|
||||
size_t bufsize;
|
||||
int ret;
|
||||
|
||||
pwd = getpwuid(getuid());
|
||||
if (!pwd) {
|
||||
usernic_error("Failed to get username: %s\n", strerror(errno));
|
||||
bufsize = sysconf(_SC_GETPW_R_SIZE_MAX);
|
||||
if (bufsize == -1)
|
||||
bufsize = 1024;
|
||||
|
||||
buf = malloc(bufsize);
|
||||
if (!buf)
|
||||
return NULL;
|
||||
|
||||
ret = getpwuid_r(getuid(), &pwent, buf, bufsize, &pwentp);
|
||||
if (!pwentp) {
|
||||
if (ret == 0)
|
||||
usernic_error("%s", "Could not find matched password record\n");
|
||||
|
||||
usernic_error("Failed to get username: %s(%u)\n", strerror(errno), getuid());
|
||||
free(buf);
|
||||
return NULL;
|
||||
}
|
||||
|
||||
return pwd->pw_name;
|
||||
username = strdup(pwent.pw_name);
|
||||
free(buf);
|
||||
|
||||
return username;
|
||||
}
|
||||
|
||||
static void free_groupnames(char **groupnames)
|
||||
@ -1170,6 +1190,7 @@ int main(int argc, char *argv[])
|
||||
}
|
||||
|
||||
n = get_alloted(me, args.type, args.link, &alloted);
|
||||
free(me);
|
||||
|
||||
if (request == LXC_USERNIC_DELETE) {
|
||||
int ret;
|
||||
|
||||
@ -253,14 +253,42 @@ static int read_default_map(char *fnam, int which, char *username)
|
||||
|
||||
static int find_default_map(void)
|
||||
{
|
||||
struct passwd *p = getpwuid(getuid());
|
||||
if (!p)
|
||||
struct passwd pwent;
|
||||
struct passwd *pwentp = NULL;
|
||||
char *buf;
|
||||
size_t bufsize;
|
||||
int ret;
|
||||
|
||||
bufsize = sysconf(_SC_GETPW_R_SIZE_MAX);
|
||||
if (bufsize == -1)
|
||||
bufsize = 1024;
|
||||
|
||||
buf = malloc(bufsize);
|
||||
if (!buf)
|
||||
return -1;
|
||||
if (read_default_map(subuidfile, ID_TYPE_UID, p->pw_name) < 0)
|
||||
|
||||
ret = getpwuid_r(getuid(), &pwent, buf, bufsize, &pwentp);
|
||||
if (!pwentp) {
|
||||
if (ret == 0)
|
||||
printf("WARN: could not find matched password record\n");
|
||||
|
||||
printf("Failed to get password record - %u\n", getuid());
|
||||
free(buf);
|
||||
return -1;
|
||||
if (read_default_map(subgidfile, ID_TYPE_GID, p->pw_name) < 0)
|
||||
}
|
||||
|
||||
if (read_default_map(subuidfile, ID_TYPE_UID, pwent.pw_name) < 0) {
|
||||
free(buf);
|
||||
return -1;
|
||||
return 0;
|
||||
}
|
||||
|
||||
if (read_default_map(subgidfile, ID_TYPE_GID, pwent.pw_name) < 0) {
|
||||
free(buf);
|
||||
return -1;
|
||||
}
|
||||
|
||||
free(buf);
|
||||
return 0;
|
||||
}
|
||||
|
||||
int main(int argc, char *argv[])
|
||||
|
||||
@ -4508,13 +4508,35 @@ on_error:
|
||||
/* not thread-safe, do not use from api without first forking */
|
||||
static char *getuname(void)
|
||||
{
|
||||
struct passwd *result;
|
||||
struct passwd pwent;
|
||||
struct passwd *pwentp = NULL;
|
||||
char *buf;
|
||||
char *username;
|
||||
size_t bufsize;
|
||||
int ret;
|
||||
|
||||
result = getpwuid(geteuid());
|
||||
if (!result)
|
||||
bufsize = sysconf(_SC_GETPW_R_SIZE_MAX);
|
||||
if (bufsize == -1)
|
||||
bufsize = 1024;
|
||||
|
||||
buf = malloc(bufsize);
|
||||
if (!buf)
|
||||
return NULL;
|
||||
|
||||
return strdup(result->pw_name);
|
||||
ret = getpwuid_r(geteuid(), &pwent, buf, bufsize, &pwentp);
|
||||
if (!pwentp) {
|
||||
if (ret == 0)
|
||||
WARN("Could not find matched password record.");
|
||||
|
||||
ERROR("Failed to get password record - %u", geteuid());
|
||||
free(buf);
|
||||
return NULL;
|
||||
}
|
||||
|
||||
username = strdup(pwent.pw_name);
|
||||
free(buf);
|
||||
|
||||
return username;
|
||||
}
|
||||
|
||||
/* not thread-safe, do not use from api without first forking */
|
||||
|
||||
Loading…
Reference in New Issue
Block a user