[lxc-devel] [PATCH please read!] Update absolute paths for overlay and aufs mounts
Christian Brauner
christianvanbrauner at gmail.com
Fri Oct 9 12:50:43 UTC 2015
1) Note also that this function does not sanitize paths apart from removing
trailing slashes. (So when a user specifies //home//someone/// it will be
cleaned to //home//someone. This is the minimal path cleansing which is also
done by lxc_container_new().) But the mount_entry_create_overlay_dirs() and
mount_entry_create_aufs_dirs() function both try to be extremely strict about
when to create upperdirs and workdirs. They will only accept sanitized paths,
i.e. they require /home/someone and nothing else. I think this is a (safety)
virtue and we should consider sanitizing paths in general. In short:
update_union_mount_entry_paths() does update all absolute paths to the new
container but mount_entry_create_*_dirs() will still refuse to create
upperdir and workdir when the updated path is unclean. This happens easily
when e.g. a user calls lxc-clone -o OLD -n NEW -P //home//chb///.
The function can easily be adapted to do path sanitizing before updating the
paths but this should probably be something the API-functions like
do_lxcapi_clone() etc. should actually be doing. Something to think about...
2) Someone familiar with the part of lxc_conf->unexpanded_config should
especially check if setting lxc_conf->unexpanded_len and
lxc_conf->unexpanded_alloced in the following way is ok:
+ if (new_unexpanded_config) {
+ free(lxc_conf->unexpanded_config);
+ lxc_conf->unexpanded_config = strdup(new_unexpanded_config);
+ } else if (tmp_unexpanded_config) {
+ free(lxc_conf->unexpanded_config);
+ lxc_conf->unexpanded_config = strdup(tmp_unexpanded_config);
+ }
+
+ if (lxc_conf->unexpanded_config) {
+ len = strlen(lxc_conf->unexpanded_config);
+ lxc_conf->unexpanded_len = len;
+ lxc_conf->unexpanded_alloced = len + 1;
+ }
+
+ free(new_unexpanded_config);
+ free(tmp_unexpanded_config);
+ new_unexpanded_config = NULL;
+ tmp_unexpanded_config = NULL;
+ tmp = NULL;
+
+ if (!lxc_conf->unexpanded_config)
+ goto err;
Christian Brauner (1):
Update absolute paths for overlay and aufs mounts
src/lxc/lxccontainer.c | 108 ++++++++++++++++++++++++++++++++++++++++++++++++-
1 file changed, 107 insertions(+), 1 deletion(-)
--
2.6.1
More information about the lxc-devel
mailing list