proxmox-mirrors/mirror_lxc
1
0
Fork 0
mirror of https://git.proxmox.com/git/mirror_lxc synced 2025-07-31 09:19:29 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

attach: cleanup fetch_seccomp()

Browse Source 
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
This commit is contained in:
Christian Brauner 2018-07-11 23:38:31 +02:00
parent 3fa23ac32e
commit d4db3d1441
No known key found for this signature in database
GPG Key ID: 8EB056D53EECB12D
1 changed files with 17 additions and 16 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

33
src/lxc/attach.c
View File

@ -643,9 +643,10 @@ static void lxc_attach_get_init_uidgid(uid_t *init_uid, gid_t *init_gid)
/* Define default options if no options are supplied by the user. */ /* Define default options if no options are supplied by the user. */
static lxc_attach_options_t attach_static_default_options = LXC_ATTACH_OPTIONS_DEFAULT; static lxc_attach_options_t attach_static_default_options = LXC_ATTACH_OPTIONS_DEFAULT;
static bool fetch_seccomp(struct lxc_container *c, static bool fetch_seccomp(struct lxc_container *c, lxc_attach_options_t *options)
lxc_attach_options_t *options)
{ {
int ret;
bool bret;
char *path; char *path;
if (!(options->namespaces & CLONE_NEWNS) || if (!(options->namespaces & CLONE_NEWNS) ||
@ -656,36 +657,36 @@ static bool fetch_seccomp(struct lxc_container *c,
} }
/* Remove current setting. */ /* Remove current setting. */
if (!c->set_config_item(c, "lxc.seccomp", "") && if (!c->set_config_item(c, "lxc.seccomp.profile", "") &&
!c->set_config_item(c, "lxc.seccomp.profile", "")) { !c->set_config_item(c, "lxc.seccomp", "")) {
return false; return false;
} }
/* Fetch the current profile path over the cmd interface. */ /* Fetch the current profile path over the cmd interface. */
path = c->get_running_config_item(c, "lxc.seccomp.profile"); path = c->get_running_config_item(c, "lxc.seccomp.profile");
if (!path) { if (!path) {
INFO("Failed to get running config item for lxc.seccomp.profile"); INFO("Failed to retrieve lxc.seccomp.profile");
path = c->get_running_config_item(c, "lxc.seccomp"); path = c->get_running_config_item(c, "lxc.seccomp");
} if (!path) {
if (!path) { INFO("Failed to retrieve lxc.seccomp");
INFO("Failed to get running config item for lxc.seccomp"); return true;
return true; }
} }
/* Copy the value into the new lxc_conf. */ /* Copy the value into the new lxc_conf. */
if (!c->set_config_item(c, "lxc.seccomp.profile", path)) { bret = c->set_config_item(c, "lxc.seccomp.profile", path);
free(path);
return false;
}
free(path); free(path);
if (!bret)
return false;
/* Attempt to parse the resulting config. */ /* Attempt to parse the resulting config. */
if (lxc_read_seccomp_config(c->lxc_conf) < 0) { ret = lxc_read_seccomp_config(c->lxc_conf);
ERROR("Error reading seccomp policy."); if (ret < 0) {
ERROR("Failed to retrieve seccomp policy");
return false; return false;
} }
INFO("Retrieved seccomp policy."); INFO("Retrieved seccomp policy");
return true; return true;
} }