The execveat allows us to exec stuff via a fd so we don't have to bind mount
stuff in. See the comment about why we're using the syscall directly.
Closes#2339.
Signed-off-by: Tycho Andersen <tycho@tycho.ws>
[christian.brauner@ubuntu.com: adapt error message and whitespace fixes]
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
When using the LXC API multi-thread and users initialize a log:
struct lxc_log log;
log.name = "my-log";
lxc_log_init(&log);
all threads will have the same "my-log" prefix even though thy might call
lxc_container_new() in separate threads. There is currently no easy way to
handle per-thread container name prefixes.
To handle this carry a reference to the name of the container in struct
lxc_conf and if no log.name was set, use it by default. This way each thread
will get the container it is currently working on as a log-prefix.
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
Reported-by: duguhaotian <duguhaotian@gmail.com>
This replaces the constructor implementation of cgroup handling with a simpler,
thread-safe on-demand model of cgroup driver initialization.
Making the cgroup initialization code run in a constructor means that each time
the shared library gets mapped the cgroup parsing code gets run. That's
unnecessary overhead.
It also feels to me that this is only accidently thread-safe because
constructors are only run once. But should threads actually end up manipulating
or freeing memory that is file-global to cgfsng.c we'd be screwed. Now, I might
be wrong here but the cleaner implementation is to allocate a cgroup driver on
demand whenever we need it.
Take the chance and rework the cgroup_ops interface to make the functions it
wants to have implemented a lot cleaner.
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
Unprivileged containers can safely mount /sys as read-write. This also allows
systemd-udevd to be started in unprivileged containers.
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
This reverts commit 2ec47d5149.
First, I forgot to actually replace strncpy() with strlcpy(). Second, we don't
want to \0-terminate since this is an abstract unix socket and this is not
required. Instead, let's simply use memcpy() which is more correct and also
silences gcc-8.
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
The additional \0-byte space added is not needed since IFNAMSIZ needs to
include the \0-byte.
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
Apparently -Werror=stringop-overflow will trigger an error here even though
this is completely valid since we now that we're definitely copying a \0-byte.
Work around this gcc-8 quirk by using memcpy(). This shouldn't trigger the
warning.
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
Dereference after null check
userns_exec_{1,full} are called from functions that might not have a conf.
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
These files have never been used and as such have no dependencies in the
codebase whatsoever. So remove them. If we need them we can simply pull them
out of the git history.
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
