- check for buffer overflow
- only call INFO() after we ensured that readlink() was successful
- simplify logic
Reported-by: Benedikt Rosenkranz <beluro@web.de>
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
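
The two checks named in the commit message above (detect an overflowing or truncated result, and log only once readlink() is known to have succeeded), shown as an added example that is not LXC's code. The helper names `readlink_checked` and `demo`, the temp directory and the symlink target are constructed for illustration.

```c
#define _GNU_SOURCE /* declarations for readlink(), symlink(), mkdtemp() */
#include <errno.h>
#include <stdio.h>
#include <stdlib.h>
#include <unistd.h>

/* Hypothetical helper (not an LXC function): read a symlink target into buf.
 * Returns the target length on success, -ENAMETOOLONG if the target did not
 * fit (readlink() truncates silently), or -errno if readlink() itself failed. */
static ssize_t readlink_checked(const char *path, char *buf, size_t size)
{
	ssize_t n;

	n = readlink(path, buf, size);
	if (n < 0)
		return -errno;
	/* n == size means the result may be truncated and there is no room
	 * left for the terminating NUL, which readlink() never writes. */
	if ((size_t)n >= size)
		return -ENAMETOOLONG;
	buf[n] = '\0';
	return n;
}

/* Constructed demo: create a symlink to target in a fresh temp directory,
 * read it back through a bufsize-byte buffer, return the helper's result. */
static ssize_t demo(const char *target, size_t bufsize)
{
	char dir[] = "/tmp/rlXXXXXX", link[32], buf[64];
	ssize_t ret = -EINVAL;

	if (bufsize > sizeof(buf) || !mkdtemp(dir))
		return ret;
	snprintf(link, sizeof(link), "%s/l", dir);
	if (symlink(target, link) == 0)
		ret = readlink_checked(link, buf, bufsize);
	if (ret >= 0) /* log only after readlink() is known to have succeeded */
		printf("target: %s\n", buf);
	unlink(link);
	rmdir(dir);
	return ret;
}

int main(void)
{
	demo("/proc/self/fd/3", 64); /* fits: prints the target */
	return demo("/proc/self/fd/3", 8) == -ENAMETOOLONG ? 0 : 1;
}
```
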
I suspect that there's a glibc bug on ppc64le. Both clang and gcc are very
unhappy when you return -errno from these functions. Instead, let's return
concrete errno numbers, e.g. -EINVAL.
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
This patch adds the function `get_action_name`, so we can print the action name
in the log file. For example:
```
lxc-start ubuntu 20170515095416.561 INFO lxc_seccomp - seccomp.c:parse_config_v2:613 - Adding compat rule for reject_force_umount action 0(kill).
lxc-start ubuntu 20170515095416.562 INFO lxc_seccomp - seccomp.c:parse_config_v2:613 - Adding compat rule for kexec_load action 327681(errno).
```
Signed-off-by: 0x0916 <w@laoqinren.net>
So far, we somehow always called lxc_map_ids(), even when no id map was
configured. Let's not do this.
Closes #1555.
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
I really fail to see the point of this and git {blame, log -S} don't really
enlighten me on the reason for this as well. But I might be dense. The way I
see it the only thing this line achieves is causing trouble when the container
is started as root because the umount2() call will umount e.g.
/usr/lib/x86_64-linux-gnu/lxc in case it is a mountpoint on the host. Note,
this is because lxc_spawn() is still called in the host's namespaces.
Closes https://github.com/lxc/lxd/#3255.
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
lxc_unstack_mountpoint() tries to clear all mountpoints from a given path.
It returns the number of successful umounts on success and -errno on error.
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
The code in conf will bind-mount a /dev/pts/<n> device over a dummy regular
/dev/console file. If users really want /dev/console bind-mount from the host
they can request it explicitly in the container's config file. This change will
have no effect on current LX{C,D} behavior since we (as said above) overmount
the /dev/console bind-mount anyway.
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
In case the user specified

```
lxc.console = none
lxc.devttydir = bla
lxc.mount.entry = /dev/console dev/console none bind,create=file 0 0
```

move the mount under /dev/bla/console.
If he requested a mknod()ed /dev/console, rename it to /dev/bla/console.
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
In case the user did request a console to be set up, unmount any prior
bind-mount for it.
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>