[lxc-devel] [lxc/master] confile: prepare for 2.1.
brauner on Github
lxc-bot at linuxcontainers.org
Fri Jun 23 13:45:36 UTC 2017
A non-text attachment was scrubbed...
Name: not available
Type: text/x-mailbox
Size: 301 bytes
Desc: not available
URL: <http://lists.linuxcontainers.org/pipermail/lxc-devel/attachments/20170623/ac035f4d/attachment.bin>
-------------- next part --------------
From 953fe44f7cc25cfe290e8bf204f7baed62f28071 Mon Sep 17 00:00:00 2001
From: Christian Brauner <christian.brauner at ubuntu.com>
Date: Fri, 23 Jun 2017 15:35:17 +0200
Subject: [PATCH 1/3] confile: properly namespace security keys
- lxc.aa_profile => lxc.apparmor.profile
- lxc.aa_allow_incomplete => lxc.apparmor.allow_incomplete
- lxc.se_context => lxc.selinux.context
The legacy keys will be kept around until LXC 3.0 and then will be removed.
Signed-off-by: Christian Brauner <christian.brauner at ubuntu.com>
---
src/lxc/Makefile.am | 4 +-
src/lxc/conf.c | 1 +
src/lxc/confile.c | 288 ++++++++++-----------
.../{confile_network_legacy.c => confile_legacy.c} | 80 +++++-
.../{confile_network_legacy.h => confile_legacy.h} | 25 +-
src/lxc/confile_utils.c | 20 ++
src/lxc/confile_utils.h | 2 +
src/lxc/lxccontainer.c | 2 +-
src/tests/parse_config_file.c | 38 ++-
9 files changed, 302 insertions(+), 158 deletions(-)
rename src/lxc/{confile_network_legacy.c => confile_legacy.c} (92%)
rename src/lxc/{confile_network_legacy.h => confile_legacy.h} (78%)
diff --git a/src/lxc/Makefile.am b/src/lxc/Makefile.am
index 588c9f38b..ea1982ea7 100644
--- a/src/lxc/Makefile.am
+++ b/src/lxc/Makefile.am
@@ -21,7 +21,7 @@ noinst_HEADERS = \
caps.h \
conf.h \
confile.h \
- confile_network_legacy.h \
+ confile_legacy.h \
confile_utils.h \
console.h \
error.h \
@@ -104,7 +104,7 @@ liblxc_la_SOURCES = \
namespace.h namespace.c \
conf.c conf.h \
confile.c confile.h \
- confile_network_legacy.c confile_network_legacy.h \
+ confile_legacy.c confile_legacy.h \
confile_utils.c confile_utils.h \
list.h \
state.c state.h \
diff --git a/src/lxc/conf.c b/src/lxc/conf.c
index 881a68829..7ecfc82ec 100644
--- a/src/lxc/conf.c
+++ b/src/lxc/conf.c
@@ -1455,6 +1455,7 @@ static int lxc_setup_dev_console(const struct lxc_rootfs *rootfs,
} else {
DEBUG("cleared all (%d) mounts from \"%s\"", ret, path);
}
+
ret = unlink(path);
if (ret < 0) {
SYSERROR("error unlinking %s", path);
diff --git a/src/lxc/confile.c b/src/lxc/confile.c
index 97583f7f7..cfad6c5a8 100644
--- a/src/lxc/confile.c
+++ b/src/lxc/confile.c
@@ -45,7 +45,7 @@
#include "parse.h"
#include "config.h"
#include "confile.h"
-#include "confile_network_legacy.h"
+#include "confile_legacy.h"
#include "confile_utils.h"
#include "utils.h"
#include "log.h"
@@ -93,24 +93,24 @@ static int get_config_kmsg(const char *, char *, int, struct lxc_conf *,
void *);
static int clr_config_kmsg(const char *, struct lxc_conf *, void *);
-static int set_config_lsm_aa_profile(const char *, const char *,
- struct lxc_conf *, void *);
-static int get_config_lsm_aa_profile(const char *, char *, int,
- struct lxc_conf *, void *);
-static int clr_config_lsm_aa_profile(const char *, struct lxc_conf *, void *);
+static int set_config_apparmor_profile(const char *, const char *,
+ struct lxc_conf *, void *);
+static int get_config_apparmor_profile(const char *, char *, int,
+ struct lxc_conf *, void *);
+static int clr_config_apparmor_profile(const char *, struct lxc_conf *, void *);
-static int set_config_lsm_aa_incomplete(const char *, const char *,
- struct lxc_conf *, void *);
-static int get_config_lsm_aa_incomplete(const char *, char *, int,
- struct lxc_conf *, void *);
-static int clr_config_lsm_aa_incomplete(const char *, struct lxc_conf *,
- void *);
+static int set_config_apparmor_allow_incomplete(const char *, const char *,
+ struct lxc_conf *, void *);
+static int get_config_apparmor_allow_incomplete(const char *, char *, int,
+ struct lxc_conf *, void *);
+static int clr_config_apparmor_allow_incomplete(const char *, struct lxc_conf *,
+ void *);
-static int set_config_lsm_se_context(const char *, const char *,
- struct lxc_conf *, void *);
-static int get_config_lsm_se_context(const char *, char *, int,
- struct lxc_conf *, void *);
-static int clr_config_lsm_se_context(const char *, struct lxc_conf *, void *);
+static int set_config_selinux_context(const char *, const char *,
+ struct lxc_conf *, void *);
+static int get_config_selinux_context(const char *, char *, int,
+ struct lxc_conf *, void *);
+static int clr_config_selinux_context(const char *, struct lxc_conf *, void *);
static int set_config_cgroup(const char *, const char *, struct lxc_conf *,
void *);
@@ -424,98 +424,107 @@ static int get_config_limit(const char *, char *, int, struct lxc_conf *,
static int clr_config_limit(const char *, struct lxc_conf *, void *);
static struct lxc_config_t config[] = {
- { "lxc.arch", set_config_personality, get_config_personality, clr_config_personality, },
- { "lxc.pts", set_config_pts, get_config_pts, clr_config_pts, },
- { "lxc.tty", set_config_tty, get_config_tty, clr_config_tty, },
- { "lxc.devttydir", set_config_ttydir, get_config_ttydir, clr_config_ttydir, },
- { "lxc.kmsg", set_config_kmsg, get_config_kmsg, clr_config_kmsg, },
- { "lxc.aa_profile", set_config_lsm_aa_profile, get_config_lsm_aa_profile, clr_config_lsm_aa_profile, },
- { "lxc.aa_allow_incomplete", set_config_lsm_aa_incomplete, get_config_lsm_aa_incomplete, clr_config_lsm_aa_incomplete, },
- { "lxc.se_context", set_config_lsm_se_context, get_config_lsm_se_context, clr_config_lsm_se_context, },
- { "lxc.cgroup", set_config_cgroup, get_config_cgroup, clr_config_cgroup, },
- { "lxc.id_map", set_config_idmaps, get_config_idmaps, clr_config_idmaps, },
- { "lxc.loglevel", set_config_loglevel, get_config_loglevel, clr_config_loglevel, },
- { "lxc.logfile", set_config_logfile, get_config_logfile, clr_config_logfile, },
- { "lxc.mount.entry", set_config_mount, get_config_mount, clr_config_mount, },
- { "lxc.mount.auto", set_config_mount_auto, get_config_mount_auto, clr_config_mount_auto, },
- { "lxc.mount", set_config_fstab, get_config_fstab, clr_config_fstab, },
- { "lxc.rootfs.mount", set_config_rootfs_mount, get_config_rootfs_mount, clr_config_rootfs_mount, },
- { "lxc.rootfs.options", set_config_rootfs_options, get_config_rootfs_options, clr_config_rootfs_options, },
- { "lxc.rootfs.backend", set_config_rootfs_backend, get_config_rootfs_backend, clr_config_rootfs_backend, },
- { "lxc.rootfs", set_config_rootfs, get_config_rootfs, clr_config_rootfs, },
- { "lxc.pivotdir", set_config_pivotdir, get_config_pivotdir, clr_config_pivotdir, },
- { "lxc.utsname", set_config_utsname, get_config_utsname, clr_config_utsname, },
- { "lxc.hook.pre-start", set_config_hooks, get_config_hooks, clr_config_hooks, },
- { "lxc.hook.pre-mount", set_config_hooks, get_config_hooks, clr_config_hooks, },
- { "lxc.hook.mount", set_config_hooks, get_config_hooks, clr_config_hooks, },
- { "lxc.hook.autodev", set_config_hooks, get_config_hooks, clr_config_hooks, },
- { "lxc.hook.start", set_config_hooks, get_config_hooks, clr_config_hooks, },
- { "lxc.hook.stop", set_config_hooks, get_config_hooks, clr_config_hooks, },
- { "lxc.hook.post-stop", set_config_hooks, get_config_hooks, clr_config_hooks, },
- { "lxc.hook.clone", set_config_hooks, get_config_hooks, clr_config_hooks, },
- { "lxc.hook.destroy", set_config_hooks, get_config_hooks, clr_config_hooks, },
- { "lxc.hook", set_config_hooks, get_config_hooks, clr_config_hooks, },
- /* legacy network keys */
- { "lxc.network.type", set_config_network_legacy_type, get_config_network_legacy_item, clr_config_network_legacy_item, },
- { "lxc.network.flags", set_config_network_legacy_flags, get_config_network_legacy_item, clr_config_network_legacy_item, },
- { "lxc.network.link", set_config_network_legacy_link, get_config_network_legacy_item, clr_config_network_legacy_item, },
- { "lxc.network.name", set_config_network_legacy_name, get_config_network_legacy_item, clr_config_network_legacy_item, },
- { "lxc.network.macvlan.mode", set_config_network_legacy_macvlan_mode, get_config_network_legacy_item, clr_config_network_legacy_item, },
- { "lxc.network.veth.pair", set_config_network_legacy_veth_pair, get_config_network_legacy_item, clr_config_network_legacy_item, },
- { "lxc.network.script.up", set_config_network_legacy_script_up, get_config_network_legacy_item, clr_config_network_legacy_item, },
- { "lxc.network.script.down", set_config_network_legacy_script_down, get_config_network_legacy_item, clr_config_network_legacy_item, },
- { "lxc.network.hwaddr", set_config_network_legacy_hwaddr, get_config_network_legacy_item, clr_config_network_legacy_item, },
- { "lxc.network.mtu", set_config_network_legacy_mtu, get_config_network_legacy_item, clr_config_network_legacy_item, },
- { "lxc.network.vlan.id", set_config_network_legacy_vlan_id, get_config_network_legacy_item, clr_config_network_legacy_item, },
- { "lxc.network.ipv4.gateway", set_config_network_legacy_ipv4_gateway, get_config_network_legacy_item, clr_config_network_legacy_item, },
- { "lxc.network.ipv4", set_config_network_legacy_ipv4, get_config_network_legacy_item, clr_config_network_legacy_item, },
- { "lxc.network.ipv6.gateway", set_config_network_legacy_ipv6_gateway, get_config_network_legacy_item, clr_config_network_legacy_item, },
- { "lxc.network.ipv6", set_config_network_legacy_ipv6, get_config_network_legacy_item, clr_config_network_legacy_item, },
- { "lxc.network.", set_config_network_legacy_nic, get_config_network_legacy_item, clr_config_network_legacy_item, },
- { "lxc.network", set_config_network_legacy, get_config_network_legacy, clr_config_network_legacy, },
-
- { "lxc.net.type", set_config_net_type, get_config_net_type, clr_config_net_type, },
- { "lxc.net.flags", set_config_net_flags, get_config_net_flags, clr_config_net_flags, },
- { "lxc.net.link", set_config_net_link, get_config_net_link, clr_config_net_link, },
- { "lxc.net.name", set_config_net_name, get_config_net_name, clr_config_net_name, },
- { "lxc.net.macvlan.mode", set_config_net_macvlan_mode, get_config_net_macvlan_mode, clr_config_net_macvlan_mode, },
- { "lxc.net.veth.pair", set_config_net_veth_pair, get_config_net_veth_pair, clr_config_net_veth_pair, },
- { "lxc.net.script.up", set_config_net_script_up, get_config_net_script_up, clr_config_net_script_up, },
- { "lxc.net.script.down", set_config_net_script_down, get_config_net_script_down, clr_config_net_script_down, },
- { "lxc.net.hwaddr", set_config_net_hwaddr, get_config_net_hwaddr, clr_config_net_hwaddr, },
- { "lxc.net.mtu", set_config_net_mtu, get_config_net_mtu, clr_config_net_mtu, },
- { "lxc.net.vlan.id", set_config_net_vlan_id, get_config_net_vlan_id, clr_config_net_vlan_id, },
- { "lxc.net.ipv4.gateway", set_config_net_ipv4_gateway, get_config_net_ipv4_gateway, clr_config_net_ipv4_gateway, },
- { "lxc.net.ipv4", set_config_net_ipv4, get_config_net_ipv4, clr_config_net_ipv4, },
- { "lxc.net.ipv6.gateway", set_config_net_ipv6_gateway, get_config_net_ipv6_gateway, clr_config_net_ipv6_gateway, },
- { "lxc.net.ipv6", set_config_net_ipv6, get_config_net_ipv6, clr_config_net_ipv6, },
- { "lxc.net.", set_config_net_nic, get_config_net_nic, clr_config_net_nic, },
- { "lxc.net", set_config_net, get_config_net, clr_config_net, },
-
-
- { "lxc.cap.drop", set_config_cap_drop, get_config_cap_drop, clr_config_cap_drop, },
- { "lxc.cap.keep", set_config_cap_keep, get_config_cap_keep, clr_config_cap_keep, },
- { "lxc.console.logfile", set_config_console_logfile, get_config_console_logfile, clr_config_console_logfile, },
- { "lxc.console", set_config_console, get_config_console, clr_config_console, },
- { "lxc.seccomp", set_config_seccomp, get_config_seccomp, clr_config_seccomp, },
- { "lxc.include", set_config_includefiles, get_config_includefiles, clr_config_includefiles, },
- { "lxc.autodev", set_config_autodev, get_config_autodev, clr_config_autodev, },
- { "lxc.haltsignal", set_config_haltsignal, get_config_haltsignal, clr_config_haltsignal, },
- { "lxc.rebootsignal", set_config_rebootsignal, get_config_rebootsignal, clr_config_rebootsignal, },
- { "lxc.stopsignal", set_config_stopsignal, get_config_stopsignal, clr_config_stopsignal, },
- { "lxc.start.auto", set_config_start, get_config_start, clr_config_start, },
- { "lxc.start.delay", set_config_start, get_config_start, clr_config_start, },
- { "lxc.start.order", set_config_start, get_config_start, clr_config_start, },
- { "lxc.monitor.unshare", set_config_monitor, get_config_monitor, clr_config_monitor, },
- { "lxc.group", set_config_group, get_config_group, clr_config_group, },
- { "lxc.environment", set_config_environment, get_config_environment, clr_config_environment, },
- { "lxc.init_cmd", set_config_init_cmd, get_config_init_cmd, clr_config_init_cmd, },
- { "lxc.init_uid", set_config_init_uid, get_config_init_uid, clr_config_init_uid, },
- { "lxc.init_gid", set_config_init_gid, get_config_init_gid, clr_config_init_gid, },
- { "lxc.ephemeral", set_config_ephemeral, get_config_ephemeral, clr_config_ephemeral, },
- { "lxc.syslog", set_config_syslog, get_config_syslog, clr_config_syslog, },
- { "lxc.no_new_privs", set_config_no_new_privs, get_config_no_new_privs, clr_config_no_new_privs, },
- { "lxc.limit", set_config_limit, get_config_limit, clr_config_limit, },
+ { "lxc.arch", set_config_personality, get_config_personality, clr_config_personality, },
+ { "lxc.pts", set_config_pts, get_config_pts, clr_config_pts, },
+ { "lxc.tty", set_config_tty, get_config_tty, clr_config_tty, },
+ { "lxc.devttydir", set_config_ttydir, get_config_ttydir, clr_config_ttydir, },
+ { "lxc.kmsg", set_config_kmsg, get_config_kmsg, clr_config_kmsg, },
+ { "lxc.apparmor.profile", set_config_apparmor_profile, get_config_apparmor_profile, clr_config_apparmor_profile, },
+ { "lxc.apparmor.allow_incomplete", set_config_apparmor_allow_incomplete, get_config_apparmor_allow_incomplete, clr_config_apparmor_allow_incomplete, },
+ { "lxc.selinux.context", set_config_selinux_context, get_config_selinux_context, clr_config_selinux_context, },
+
+ /* REMOVE IN LXC 3.0
+ legacy security keys
+ */
+ { "lxc.aa_profile", set_config_lsm_aa_profile, get_config_lsm_aa_profile, clr_config_lsm_aa_profile, },
+ { "lxc.aa_allow_incomplete", set_config_lsm_aa_incomplete, get_config_lsm_aa_incomplete, clr_config_lsm_aa_incomplete, },
+ { "lxc.se_context", set_config_lsm_se_context, get_config_lsm_se_context, clr_config_lsm_se_context, },
+
+ { "lxc.cgroup", set_config_cgroup, get_config_cgroup, clr_config_cgroup, },
+ { "lxc.id_map", set_config_idmaps, get_config_idmaps, clr_config_idmaps, },
+ { "lxc.loglevel", set_config_loglevel, get_config_loglevel, clr_config_loglevel, },
+ { "lxc.logfile", set_config_logfile, get_config_logfile, clr_config_logfile, },
+ { "lxc.mount.entry", set_config_mount, get_config_mount, clr_config_mount, },
+ { "lxc.mount.auto", set_config_mount_auto, get_config_mount_auto, clr_config_mount_auto, },
+ { "lxc.mount", set_config_fstab, get_config_fstab, clr_config_fstab, },
+ { "lxc.rootfs.mount", set_config_rootfs_mount, get_config_rootfs_mount, clr_config_rootfs_mount, },
+ { "lxc.rootfs.options", set_config_rootfs_options, get_config_rootfs_options, clr_config_rootfs_options, },
+ { "lxc.rootfs.backend", set_config_rootfs_backend, get_config_rootfs_backend, clr_config_rootfs_backend, },
+ { "lxc.rootfs", set_config_rootfs, get_config_rootfs, clr_config_rootfs, },
+ { "lxc.pivotdir", set_config_pivotdir, get_config_pivotdir, clr_config_pivotdir, },
+ { "lxc.utsname", set_config_utsname, get_config_utsname, clr_config_utsname, },
+ { "lxc.hook.pre-start", set_config_hooks, get_config_hooks, clr_config_hooks, },
+ { "lxc.hook.pre-mount", set_config_hooks, get_config_hooks, clr_config_hooks, },
+ { "lxc.hook.mount", set_config_hooks, get_config_hooks, clr_config_hooks, },
+ { "lxc.hook.autodev", set_config_hooks, get_config_hooks, clr_config_hooks, },
+ { "lxc.hook.start", set_config_hooks, get_config_hooks, clr_config_hooks, },
+ { "lxc.hook.stop", set_config_hooks, get_config_hooks, clr_config_hooks, },
+ { "lxc.hook.post-stop", set_config_hooks, get_config_hooks, clr_config_hooks, },
+ { "lxc.hook.clone", set_config_hooks, get_config_hooks, clr_config_hooks, },
+ { "lxc.hook.destroy", set_config_hooks, get_config_hooks, clr_config_hooks, },
+ { "lxc.hook", set_config_hooks, get_config_hooks, clr_config_hooks, },
+
+ /* REMOVE IN LXC 3.0
+ legacy security keys
+ */
+ { "lxc.network.type", set_config_network_legacy_type, get_config_network_legacy_item, clr_config_network_legacy_item, },
+ { "lxc.network.flags", set_config_network_legacy_flags, get_config_network_legacy_item, clr_config_network_legacy_item, },
+ { "lxc.network.link", set_config_network_legacy_link, get_config_network_legacy_item, clr_config_network_legacy_item, },
+ { "lxc.network.name", set_config_network_legacy_name, get_config_network_legacy_item, clr_config_network_legacy_item, },
+ { "lxc.network.macvlan.mode", set_config_network_legacy_macvlan_mode, get_config_network_legacy_item, clr_config_network_legacy_item, },
+ { "lxc.network.veth.pair", set_config_network_legacy_veth_pair, get_config_network_legacy_item, clr_config_network_legacy_item, },
+ { "lxc.network.script.up", set_config_network_legacy_script_up, get_config_network_legacy_item, clr_config_network_legacy_item, },
+ { "lxc.network.script.down", set_config_network_legacy_script_down, get_config_network_legacy_item, clr_config_network_legacy_item, },
+ { "lxc.network.hwaddr", set_config_network_legacy_hwaddr, get_config_network_legacy_item, clr_config_network_legacy_item, },
+ { "lxc.network.mtu", set_config_network_legacy_mtu, get_config_network_legacy_item, clr_config_network_legacy_item, },
+ { "lxc.network.vlan.id", set_config_network_legacy_vlan_id, get_config_network_legacy_item, clr_config_network_legacy_item, },
+ { "lxc.network.ipv4.gateway", set_config_network_legacy_ipv4_gateway, get_config_network_legacy_item, clr_config_network_legacy_item, },
+ { "lxc.network.ipv4", set_config_network_legacy_ipv4, get_config_network_legacy_item, clr_config_network_legacy_item, },
+ { "lxc.network.ipv6.gateway", set_config_network_legacy_ipv6_gateway, get_config_network_legacy_item, clr_config_network_legacy_item, },
+ { "lxc.network.ipv6", set_config_network_legacy_ipv6, get_config_network_legacy_item, clr_config_network_legacy_item, },
+ { "lxc.network.", set_config_network_legacy_nic, get_config_network_legacy_item, clr_config_network_legacy_item, },
+ { "lxc.network", set_config_network_legacy, get_config_network_legacy, clr_config_network_legacy, },
+
+ { "lxc.net.type", set_config_net_type, get_config_net_type, clr_config_net_type, },
+ { "lxc.net.flags", set_config_net_flags, get_config_net_flags, clr_config_net_flags, },
+ { "lxc.net.link", set_config_net_link, get_config_net_link, clr_config_net_link, },
+ { "lxc.net.name", set_config_net_name, get_config_net_name, clr_config_net_name, },
+ { "lxc.net.macvlan.mode", set_config_net_macvlan_mode, get_config_net_macvlan_mode, clr_config_net_macvlan_mode, },
+ { "lxc.net.veth.pair", set_config_net_veth_pair, get_config_net_veth_pair, clr_config_net_veth_pair, },
+ { "lxc.net.script.up", set_config_net_script_up, get_config_net_script_up, clr_config_net_script_up, },
+ { "lxc.net.script.down", set_config_net_script_down, get_config_net_script_down, clr_config_net_script_down, },
+ { "lxc.net.hwaddr", set_config_net_hwaddr, get_config_net_hwaddr, clr_config_net_hwaddr, },
+ { "lxc.net.mtu", set_config_net_mtu, get_config_net_mtu, clr_config_net_mtu, },
+ { "lxc.net.vlan.id", set_config_net_vlan_id, get_config_net_vlan_id, clr_config_net_vlan_id, },
+ { "lxc.net.ipv4.gateway", set_config_net_ipv4_gateway, get_config_net_ipv4_gateway, clr_config_net_ipv4_gateway, },
+ { "lxc.net.ipv4", set_config_net_ipv4, get_config_net_ipv4, clr_config_net_ipv4, },
+ { "lxc.net.ipv6.gateway", set_config_net_ipv6_gateway, get_config_net_ipv6_gateway, clr_config_net_ipv6_gateway, },
+ { "lxc.net.ipv6", set_config_net_ipv6, get_config_net_ipv6, clr_config_net_ipv6, },
+ { "lxc.net.", set_config_net_nic, get_config_net_nic, clr_config_net_nic, },
+ { "lxc.net", set_config_net, get_config_net, clr_config_net, },
+ { "lxc.cap.drop", set_config_cap_drop, get_config_cap_drop, clr_config_cap_drop, },
+ { "lxc.cap.keep", set_config_cap_keep, get_config_cap_keep, clr_config_cap_keep, },
+ { "lxc.console.logfile", set_config_console_logfile, get_config_console_logfile, clr_config_console_logfile, },
+ { "lxc.console", set_config_console, get_config_console, clr_config_console, },
+ { "lxc.seccomp", set_config_seccomp, get_config_seccomp, clr_config_seccomp, },
+ { "lxc.include", set_config_includefiles, get_config_includefiles, clr_config_includefiles, },
+ { "lxc.autodev", set_config_autodev, get_config_autodev, clr_config_autodev, },
+ { "lxc.haltsignal", set_config_haltsignal, get_config_haltsignal, clr_config_haltsignal, },
+ { "lxc.rebootsignal", set_config_rebootsignal, get_config_rebootsignal, clr_config_rebootsignal, },
+ { "lxc.stopsignal", set_config_stopsignal, get_config_stopsignal, clr_config_stopsignal, },
+ { "lxc.start.auto", set_config_start, get_config_start, clr_config_start, },
+ { "lxc.start.delay", set_config_start, get_config_start, clr_config_start, },
+ { "lxc.start.order", set_config_start, get_config_start, clr_config_start, },
+ { "lxc.monitor.unshare", set_config_monitor, get_config_monitor, clr_config_monitor, },
+ { "lxc.group", set_config_group, get_config_group, clr_config_group, },
+ { "lxc.environment", set_config_environment, get_config_environment, clr_config_environment, },
+ { "lxc.init_cmd", set_config_init_cmd, get_config_init_cmd, clr_config_init_cmd, },
+ { "lxc.init_uid", set_config_init_uid, get_config_init_uid, clr_config_init_uid, },
+ { "lxc.init_gid", set_config_init_gid, get_config_init_gid, clr_config_init_gid, },
+ { "lxc.ephemeral", set_config_ephemeral, get_config_ephemeral, clr_config_ephemeral, },
+ { "lxc.syslog", set_config_syslog, get_config_syslog, clr_config_syslog, },
+ { "lxc.no_new_privs", set_config_no_new_privs, get_config_no_new_privs, clr_config_no_new_privs, },
+ { "lxc.limit", set_config_limit, get_config_limit, clr_config_limit, },
};
struct signame {
@@ -1585,14 +1594,16 @@ static int set_config_kmsg(const char *key, const char *value,
return 0;
}
-static int set_config_lsm_aa_profile(const char *key, const char *value,
- struct lxc_conf *lxc_conf, void *data)
+static int set_config_apparmor_profile(const char *key, const char *value,
+ struct lxc_conf *lxc_conf, void *data)
{
return set_config_string_item(&lxc_conf->lsm_aa_profile, value);
}
-static int set_config_lsm_aa_incomplete(const char *key, const char *value,
- struct lxc_conf *lxc_conf, void *data)
+static int set_config_apparmor_allow_incomplete(const char *key,
+ const char *value,
+ struct lxc_conf *lxc_conf,
+ void *data)
{
/* Set config value to default. */
if (lxc_config_value_empty(value)) {
@@ -1613,8 +1624,8 @@ static int set_config_lsm_aa_incomplete(const char *key, const char *value,
return 0;
}
-static int set_config_lsm_se_context(const char *key, const char *value,
- struct lxc_conf *lxc_conf, void *data)
+static int set_config_selinux_context(const char *key, const char *value,
+ struct lxc_conf *lxc_conf, void *data)
{
return set_config_string_item(&lxc_conf->lsm_se_context, value);
}
@@ -2615,17 +2626,6 @@ int lxc_fill_elevated_privileges(char *flaglist, int *flags)
return 0;
}
-static inline int lxc_get_conf_int(struct lxc_conf *c, char *retv, int inlen,
- int v)
-{
- if (!retv)
- inlen = 0;
- else
- memset(retv, 0, inlen);
-
- return snprintf(retv, inlen, "%d", v);
-}
-
/* Write out a configuration file. */
void write_config(FILE *fout, struct lxc_conf *c)
{
@@ -3100,16 +3100,6 @@ static int get_config_tty(const char *key, char *retv, int inlen,
return lxc_get_conf_int(c, retv, inlen, c->tty);
}
-static inline int lxc_get_conf_str(char *retv, int inlen, const char *value)
-{
- if (!value)
- return 0;
- if (retv && inlen >= strlen(value) + 1)
- strncpy(retv, value, strlen(value) + 1);
-
- return strlen(value);
-}
-
static int get_config_ttydir(const char *key, char *retv, int inlen,
struct lxc_conf *c, void *data)
{
@@ -3122,21 +3112,22 @@ static int get_config_kmsg(const char *key, char *retv, int inlen,
return lxc_get_conf_int(c, retv, inlen, c->kmsg);
}
-static int get_config_lsm_aa_profile(const char *key, char *retv, int inlen,
- struct lxc_conf *c, void *data)
+static int get_config_apparmor_profile(const char *key, char *retv, int inlen,
+ struct lxc_conf *c, void *data)
{
return lxc_get_conf_str(retv, inlen, c->lsm_aa_profile);
}
-static int get_config_lsm_aa_incomplete(const char *key, char *retv, int inlen,
- struct lxc_conf *c, void *data)
+static int get_config_apparmor_allow_incomplete(const char *key, char *retv,
+ int inlen, struct lxc_conf *c,
+ void *data)
{
return lxc_get_conf_int(c, retv, inlen,
c->lsm_aa_allow_incomplete);
}
-static int get_config_lsm_se_context(const char *key, char *retv, int inlen,
- struct lxc_conf *c, void *data)
+static int get_config_selinux_context(const char *key, char *retv, int inlen,
+ struct lxc_conf *c, void *data)
{
return lxc_get_conf_str(retv, inlen, c->lsm_se_context);
}
@@ -3710,23 +3701,24 @@ static inline int clr_config_kmsg(const char *key, struct lxc_conf *c,
return 0;
}
-static inline int clr_config_lsm_aa_profile(const char *key, struct lxc_conf *c,
- void *data)
+static inline int clr_config_apparmor_profile(const char *key,
+ struct lxc_conf *c, void *data)
{
free(c->lsm_aa_profile);
c->lsm_aa_profile = NULL;
return 0;
}
-static inline int clr_config_lsm_aa_incomplete(const char *key,
- struct lxc_conf *c, void *data)
+static inline int clr_config_apparmor_allow_incomplete(const char *key,
+ struct lxc_conf *c,
+ void *data)
{
c->lsm_aa_allow_incomplete = 0;
return 0;
}
-static inline int clr_config_lsm_se_context(const char *key, struct lxc_conf *c,
- void *data)
+static inline int clr_config_selinux_context(const char *key,
+ struct lxc_conf *c, void *data)
{
free(c->lsm_se_context);
c->lsm_se_context = NULL;
diff --git a/src/lxc/confile_network_legacy.c b/src/lxc/confile_legacy.c
similarity index 92%
rename from src/lxc/confile_network_legacy.c
rename to src/lxc/confile_legacy.c
index 14aef21ea..7f86cdb0e 100644
--- a/src/lxc/confile_network_legacy.c
+++ b/src/lxc/confile_legacy.c
@@ -46,7 +46,7 @@
#include "config.h"
#include "confile.h"
#include "confile_utils.h"
-#include "confile_network_legacy.h"
+#include "confile_legacy.h"
#include "utils.h"
#include "log.h"
#include "conf.h"
@@ -59,7 +59,7 @@
#include <../include/ifaddrs.h>
#endif
-lxc_log_define(lxc_confile_network_legacy, lxc);
+lxc_log_define(lxc_confile_legacy, lxc);
/*
* Config entry is something like "lxc.network.0.ipv4" the key 'lxc.network.'
@@ -1003,3 +1003,79 @@ inline int clr_config_network_legacy(const char *key, struct lxc_conf *c, void *
{
return lxc_clear_config_network(c);
}
+
+inline int clr_config_lsm_aa_profile(const char *key, struct lxc_conf *c,
+ void *data)
+{
+ free(c->lsm_aa_profile);
+ c->lsm_aa_profile = NULL;
+ return 0;
+}
+
+inline int clr_config_lsm_aa_incomplete(const char *key, struct lxc_conf *c,
+ void *data)
+{
+ c->lsm_aa_allow_incomplete = 0;
+ return 0;
+}
+
+int get_config_lsm_aa_profile(const char *key, char *retv, int inlen,
+ struct lxc_conf *c, void *data)
+{
+ return lxc_get_conf_str(retv, inlen, c->lsm_aa_profile);
+}
+
+int get_config_lsm_aa_incomplete(const char *key, char *retv, int inlen,
+ struct lxc_conf *c, void *data)
+{
+ return lxc_get_conf_int(c, retv, inlen,
+ c->lsm_aa_allow_incomplete);
+}
+
+int set_config_lsm_aa_profile(const char *key, const char *value,
+ struct lxc_conf *lxc_conf, void *data)
+{
+ return set_config_string_item(&lxc_conf->lsm_aa_profile, value);
+}
+
+int set_config_lsm_aa_incomplete(const char *key, const char *value,
+ struct lxc_conf *lxc_conf, void *data)
+{
+ /* Set config value to default. */
+ if (lxc_config_value_empty(value)) {
+ lxc_conf->lsm_aa_allow_incomplete = 0;
+ return 0;
+ }
+
+ /* Parse new config value. */
+ if (lxc_safe_uint(value, &lxc_conf->lsm_aa_allow_incomplete) < 0)
+ return -1;
+
+ if (lxc_conf->lsm_aa_allow_incomplete > 1) {
+ ERROR("Wrong value for lxc.lsm_aa_allow_incomplete. Can only "
+ "be set to 0 or 1");
+ return -1;
+ }
+
+ return 0;
+}
+
+int set_config_lsm_se_context(const char *key, const char *value,
+ struct lxc_conf *lxc_conf, void *data)
+{
+ return set_config_string_item(&lxc_conf->lsm_se_context, value);
+}
+
+int get_config_lsm_se_context(const char *key, char *retv, int inlen,
+ struct lxc_conf *c, void *data)
+{
+ return lxc_get_conf_str(retv, inlen, c->lsm_se_context);
+}
+
+inline int clr_config_lsm_se_context(const char *key, struct lxc_conf *c,
+ void *data)
+{
+ free(c->lsm_se_context);
+ c->lsm_se_context = NULL;
+ return 0;
+}
diff --git a/src/lxc/confile_network_legacy.h b/src/lxc/confile_legacy.h
similarity index 78%
rename from src/lxc/confile_network_legacy.h
rename to src/lxc/confile_legacy.h
index 55cb2a125..cbe6ce8bc 100644
--- a/src/lxc/confile_network_legacy.h
+++ b/src/lxc/confile_legacy.h
@@ -21,8 +21,8 @@
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
*/
-#ifndef __LXC_CONFILE_NETWORK_LEGACY_H
-#define __LXC_CONFILE_NETWORK_LEGACY_H
+#ifndef __LXC_CONFILE_LEGACY_H
+#define __LXC_CONFILE_LEGACY_H
#include <stdio.h>
#include <lxc/attach_options.h>
@@ -78,4 +78,23 @@ extern int lxc_list_nicconfigs_legacy(struct lxc_conf *c, const char *key,
extern int lxc_listconfigs(char *retv, int inlen);
extern bool network_new_hwaddrs(struct lxc_conf *conf);
-#endif
+
+extern int set_config_lsm_aa_profile(const char *, const char *,
+ struct lxc_conf *, void *);
+extern int get_config_lsm_aa_profile(const char *, char *, int,
+ struct lxc_conf *, void *);
+extern int clr_config_lsm_aa_profile(const char *, struct lxc_conf *, void *);
+
+extern int set_config_lsm_aa_incomplete(const char *, const char *,
+ struct lxc_conf *, void *);
+extern int get_config_lsm_aa_incomplete(const char *, char *, int,
+ struct lxc_conf *, void *);
+extern int clr_config_lsm_aa_incomplete(const char *, struct lxc_conf *,
+ void *);
+
+extern int set_config_lsm_se_context(const char *, const char *,
+ struct lxc_conf *, void *);
+extern int get_config_lsm_se_context(const char *, char *, int,
+ struct lxc_conf *, void *);
+extern int clr_config_lsm_se_context(const char *, struct lxc_conf *, void *);
+#endif /* __LXC_CONFILE_LEGACY_H */
diff --git a/src/lxc/confile_utils.c b/src/lxc/confile_utils.c
index d2df78a45..4c6f1117f 100644
--- a/src/lxc/confile_utils.c
+++ b/src/lxc/confile_utils.c
@@ -582,3 +582,23 @@ bool new_hwaddr(char *hwaddr)
return true;
}
+
+int lxc_get_conf_str(char *retv, int inlen, const char *value)
+{
+ if (!value)
+ return 0;
+ if (retv && inlen >= strlen(value) + 1)
+ strncpy(retv, value, strlen(value) + 1);
+
+ return strlen(value);
+}
+
+int lxc_get_conf_int(struct lxc_conf *c, char *retv, int inlen, int v)
+{
+ if (!retv)
+ inlen = 0;
+ else
+ memset(retv, 0, inlen);
+
+ return snprintf(retv, inlen, "%d", v);
+}
diff --git a/src/lxc/confile_utils.h b/src/lxc/confile_utils.h
index 67762d2c8..5831df5c2 100644
--- a/src/lxc/confile_utils.h
+++ b/src/lxc/confile_utils.h
@@ -81,5 +81,7 @@ extern int network_ifname(char **valuep, const char *value);
extern int rand_complete_hwaddr(char *hwaddr);
extern void update_hwaddr(const char *line);
extern bool new_hwaddr(char *hwaddr);
+extern int lxc_get_conf_str(char *retv, int inlen, const char *value);
+extern int lxc_get_conf_int(struct lxc_conf *c, char *retv, int inlen, int v);
#endif /* __LXC_CONFILE_UTILS_H */
diff --git a/src/lxc/lxccontainer.c b/src/lxc/lxccontainer.c
index 0a784e90d..3de4fb90e 100644
--- a/src/lxc/lxccontainer.c
+++ b/src/lxc/lxccontainer.c
@@ -47,7 +47,7 @@
#include "config.h"
#include "commands.h"
#include "confile.h"
-#include "confile_network_legacy.h"
+#include "confile_legacy.h"
#include "console.h"
#include "criu.h"
#include "log.h"
diff --git a/src/tests/parse_config_file.c b/src/tests/parse_config_file.c
index 3fcfdd50e..6618596c6 100644
--- a/src/tests/parse_config_file.c
+++ b/src/tests/parse_config_file.c
@@ -328,20 +328,54 @@ int main(int argc, char *argv[])
goto non_test_error;
}
- /* lxc.aa_profile */
+ /* REMOVE IN LXC 3.0
+ legacy security keys
+ */
if (set_get_compare_clear_save_load(c, "lxc.aa_profile", "unconfined",
tmpf, true) < 0) {
lxc_error("%s\n", "lxc.aa_profile");
goto non_test_error;
}
- /* lxc.aa_allow_incomplete */
+ /* REMOVE IN LXC 3.0
+ legacy security keys
+ */
if (set_get_compare_clear_save_load(c, "lxc.aa_allow_incomplete", "1",
tmpf, true) < 0) {
lxc_error("%s\n", "lxc.aa_allow_incomplete");
goto non_test_error;
}
+ /* REMOVE IN LXC 3.0
+ legacy security keys
+ */
+ if (set_get_compare_clear_save_load(c, "lxc.se_context", "system_u:system_r:lxc_t:s0:c22",
+ tmpf, true) < 0) {
+ lxc_error("%s\n", "lxc.apparmor.se_context");
+ goto non_test_error;
+ }
+
+ /* lxc.apparmor.profile */
+ if (set_get_compare_clear_save_load(c, "lxc.apparmor.profile", "unconfined",
+ tmpf, true) < 0) {
+ lxc_error("%s\n", "lxc.apparmor.profile");
+ goto non_test_error;
+ }
+
+ /* lxc.apparmor.allow_incomplete */
+ if (set_get_compare_clear_save_load(c, "lxc.apparmor.allow_incomplete", "1",
+ tmpf, true) < 0) {
+ lxc_error("%s\n", "lxc.apparmor.allow_incomplete");
+ goto non_test_error;
+ }
+
+ /* lxc.selinux.context */
+ if (set_get_compare_clear_save_load(c, "lxc.selinux.context", "system_u:system_r:lxc_t:s0:c22",
+ tmpf, true) < 0) {
+ lxc_error("%s\n", "lxc.apparmor.selinux.context");
+ goto non_test_error;
+ }
+
/* lxc.cgroup.cpuset.cpus */
if (set_get_compare_clear_save_load(c, "lxc.cgroup.cpuset.cpus",
"1-100", tmpf, false) < 0) {
From 1bdb3e75eccd35e15be79c9268a28bc3196c2be7 Mon Sep 17 00:00:00 2001
From: Christian Brauner <christian.brauner at ubuntu.com>
Date: Fri, 23 Jun 2017 15:38:02 +0200
Subject: [PATCH 2/3] confile: remove lxc.kmsg
Signed-off-by: Christian Brauner <christian.brauner at ubuntu.com>
---
src/lxc/conf.c | 33 ---------------------------------
src/lxc/conf.h | 1 -
src/lxc/confile.c | 39 ---------------------------------------
3 files changed, 73 deletions(-)
diff --git a/src/lxc/conf.c b/src/lxc/conf.c
index 7ecfc82ec..c5281b056 100644
--- a/src/lxc/conf.c
+++ b/src/lxc/conf.c
@@ -1632,33 +1632,6 @@ static int lxc_setup_console(const struct lxc_rootfs *rootfs,
return lxc_setup_ttydir_console(rootfs, console, ttydir);
}
-static int setup_kmsg(const struct lxc_rootfs *rootfs,
- const struct lxc_console *console)
-{
- char kpath[MAXPATHLEN];
- int ret;
-
- if (!rootfs->path)
- return 0;
- ret = snprintf(kpath, sizeof(kpath), "%s/dev/kmsg", rootfs->mount);
- if (ret < 0 || ret >= sizeof(kpath))
- return -1;
-
- ret = unlink(kpath);
- if (ret && errno != ENOENT) {
- SYSERROR("error unlinking %s", kpath);
- return -1;
- }
-
- ret = symlink("console", kpath);
- if (ret) {
- SYSERROR("failed to create symlink for kmsg");
- return -1;
- }
-
- return 0;
-}
-
static void parse_mntopt(char *opt, unsigned long *flags, char **data)
{
struct mount_opt *mo;
@@ -2667,7 +2640,6 @@ struct lxc_conf *lxc_conf_init(void)
free(new);
return NULL;
}
- new->kmsg = 0;
new->logfd = -1;
lxc_list_init(&new->cgroup);
lxc_list_init(&new->network);
@@ -4206,11 +4178,6 @@ int lxc_setup(struct lxc_handler *handler)
return -1;
}
- if (lxc_conf->kmsg) {
- if (setup_kmsg(&lxc_conf->rootfs, &lxc_conf->console)) // don't fail
- ERROR("failed to setup kmsg for '%s'", name);
- }
-
if (!lxc_conf->is_execute && setup_dev_symlinks(&lxc_conf->rootfs)) {
ERROR("failed to setup /dev symlinks for '%s'", name);
return -1;
diff --git a/src/lxc/conf.h b/src/lxc/conf.h
index 495d6486f..24659b54b 100644
--- a/src/lxc/conf.h
+++ b/src/lxc/conf.h
@@ -351,7 +351,6 @@ struct lxc_conf {
int haltsignal; // signal used to halt container
int rebootsignal; // signal used to reboot container
int stopsignal; // signal used to hard stop container
- unsigned int kmsg; // if 1, create /dev/kmsg symlink
char *rcfile; // Copy of the top level rcfile we read
// Logfile and logleve can be set in a container config file.
diff --git a/src/lxc/confile.c b/src/lxc/confile.c
index cfad6c5a8..fec1d5638 100644
--- a/src/lxc/confile.c
+++ b/src/lxc/confile.c
@@ -87,12 +87,6 @@ static int get_config_ttydir(const char *, char *, int, struct lxc_conf *,
void *);
static int clr_config_ttydir(const char *, struct lxc_conf *, void *);
-static int set_config_kmsg(const char *, const char *, struct lxc_conf *,
- void *);
-static int get_config_kmsg(const char *, char *, int, struct lxc_conf *,
- void *);
-static int clr_config_kmsg(const char *, struct lxc_conf *, void *);
-
static int set_config_apparmor_profile(const char *, const char *,
struct lxc_conf *, void *);
static int get_config_apparmor_profile(const char *, char *, int,
@@ -428,7 +422,6 @@ static struct lxc_config_t config[] = {
{ "lxc.pts", set_config_pts, get_config_pts, clr_config_pts, },
{ "lxc.tty", set_config_tty, get_config_tty, clr_config_tty, },
{ "lxc.devttydir", set_config_ttydir, get_config_ttydir, clr_config_ttydir, },
- { "lxc.kmsg", set_config_kmsg, get_config_kmsg, clr_config_kmsg, },
{ "lxc.apparmor.profile", set_config_apparmor_profile, get_config_apparmor_profile, clr_config_apparmor_profile, },
{ "lxc.apparmor.allow_incomplete", set_config_apparmor_allow_incomplete, get_config_apparmor_allow_incomplete, clr_config_apparmor_allow_incomplete, },
{ "lxc.selinux.context", set_config_selinux_context, get_config_selinux_context, clr_config_selinux_context, },
@@ -1575,25 +1568,6 @@ static int set_config_ttydir(const char *key, const char *value,
NAME_MAX + 1);
}
-static int set_config_kmsg(const char *key, const char *value,
- struct lxc_conf *lxc_conf, void *data)
-{
- /* Set config value to default. */
- if (lxc_config_value_empty(value)) {
- lxc_conf->kmsg = 0;
- return 0;
- }
-
- /* Parse new config value. */
- if (lxc_safe_uint(value, &lxc_conf->kmsg) < 0)
- return -1;
-
- if (lxc_conf->kmsg > 1)
- return -1;
-
- return 0;
-}
-
static int set_config_apparmor_profile(const char *key, const char *value,
struct lxc_conf *lxc_conf, void *data)
{
@@ -3106,12 +3080,6 @@ static int get_config_ttydir(const char *key, char *retv, int inlen,
return lxc_get_conf_str(retv, inlen, c->ttydir);
}
-static int get_config_kmsg(const char *key, char *retv, int inlen,
- struct lxc_conf *c, void *data)
-{
- return lxc_get_conf_int(c, retv, inlen, c->kmsg);
-}
-
static int get_config_apparmor_profile(const char *key, char *retv, int inlen,
struct lxc_conf *c, void *data)
{
@@ -3694,13 +3662,6 @@ static inline int clr_config_ttydir(const char *key, struct lxc_conf *c,
return 0;
}
-static inline int clr_config_kmsg(const char *key, struct lxc_conf *c,
- void *data)
-{
- c->kmsg = 0;
- return 0;
-}
-
static inline int clr_config_apparmor_profile(const char *key,
struct lxc_conf *c, void *data)
{
From a5ec140dd355d8b8ad0bae260c8aea0ee431eea5 Mon Sep 17 00:00:00 2001
From: Christian Brauner <christian.brauner at ubuntu.com>
Date: Fri, 23 Jun 2017 15:39:00 +0200
Subject: [PATCH 3/3] confile: remove lxc.pivotdir
Signed-off-by: Christian Brauner <christian.brauner at ubuntu.com>
---
src/lxc/conf.h | 1 -
src/lxc/confile.c | 26 --------------------------
2 files changed, 27 deletions(-)
diff --git a/src/lxc/conf.h b/src/lxc/conf.h
index 24659b54b..4bf0aa56f 100644
--- a/src/lxc/conf.h
+++ b/src/lxc/conf.h
@@ -285,7 +285,6 @@ enum {
/*
* Defines the global container configuration
* @rootfs : root directory to run the container
- * @pivotdir : pivotdir path, if not set default will be used
* @mount : list of mount points
* @tty : numbers of tty
* @pts : new pts instance
diff --git a/src/lxc/confile.c b/src/lxc/confile.c
index fec1d5638..6d17bb7f3 100644
--- a/src/lxc/confile.c
+++ b/src/lxc/confile.c
@@ -172,12 +172,6 @@ static int get_config_rootfs(const char *, char *, int, struct lxc_conf *,
void *);
static int clr_config_rootfs(const char *, struct lxc_conf *, void *);
-static int set_config_pivotdir(const char *, const char *, struct lxc_conf *,
- void *);
-static int get_config_pivotdir(const char *, char *, int, struct lxc_conf *,
- void *);
-static int clr_config_pivotdir(const char *, struct lxc_conf *, void *);
-
static int set_config_utsname(const char *, const char *, struct lxc_conf *,
void *);
static int get_config_utsname(const char *, char *, int, struct lxc_conf *,
@@ -444,7 +438,6 @@ static struct lxc_config_t config[] = {
{ "lxc.rootfs.options", set_config_rootfs_options, get_config_rootfs_options, clr_config_rootfs_options, },
{ "lxc.rootfs.backend", set_config_rootfs_backend, get_config_rootfs_backend, clr_config_rootfs_backend, },
{ "lxc.rootfs", set_config_rootfs, get_config_rootfs, clr_config_rootfs, },
- { "lxc.pivotdir", set_config_pivotdir, get_config_pivotdir, clr_config_pivotdir, },
{ "lxc.utsname", set_config_utsname, get_config_utsname, clr_config_utsname, },
{ "lxc.hook.pre-start", set_config_hooks, get_config_hooks, clr_config_hooks, },
{ "lxc.hook.pre-mount", set_config_hooks, get_config_hooks, clr_config_hooks, },
@@ -2338,13 +2331,6 @@ static int set_config_rootfs_backend(const char *key, const char *value,
return set_config_string_item(&lxc_conf->rootfs.bdev_type, value);
}
-static int set_config_pivotdir(const char *key, const char *value,
- struct lxc_conf *lxc_conf, void *data)
-{
- WARN("lxc.pivotdir is ignored. It will soon become an error.");
- return 0;
-}
-
static int set_config_utsname(const char *key, const char *value,
struct lxc_conf *lxc_conf, void *data)
{
@@ -3337,12 +3323,6 @@ static int get_config_rootfs_backend(const char *key, char *retv, int inlen,
return lxc_get_conf_str(retv, inlen, c->rootfs.bdev_type);
}
-static int get_config_pivotdir(const char *key, char *retv, int inlen,
- struct lxc_conf *c, void *data)
-{
- return 0;
-}
-
static int get_config_utsname(const char *key, char *retv, int inlen,
struct lxc_conf *c, void *data)
{
@@ -3765,12 +3745,6 @@ static inline int clr_config_rootfs_backend(const char *key, struct lxc_conf *c,
return 0;
}
-static inline int clr_config_pivotdir(const char *key, struct lxc_conf *c,
- void *data)
-{
- return 0;
-}
-
static inline int clr_config_utsname(const char *key, struct lxc_conf *c,
void *data)
{
More information about the lxc-devel
mailing list