[lxc-devel] [PATCH 2/2] lxc-attach: Implement --clear-env and --keep-env
Serge Hallyn
serge.hallyn at ubuntu.com
Mon Apr 1 03:50:13 UTC 2013
Quoting Christian Seiler (christian at iwakd.de):
> This patch introduces the --clear-env and --keep-env options for
> lxc-attach, that allows the user to specify whether the environment
> should be passed on inside the container or not.
>
> This is to be expanded upon in later versions, this patch only
> introduces the most basic functionality.
>
> Signed-off-by: Christian Seiler <christian at iwakd.de>
Acked-by: Serge E. Hallyn <serge.hallyn at ubuntu.com>
but,
> ---
> doc/lxc-attach.sgml.in | 33 +++++++++++++++++++++++++++++++++
> src/lxc/attach.c | 23 +++++++++++++++++++----
> src/lxc/attach.h | 7 ++++++-
> src/lxc/lxc_attach.c | 22 ++++++++++++++++++++--
> 4 files changed, 78 insertions(+), 7 deletions(-)
>
> diff --git a/doc/lxc-attach.sgml.in b/doc/lxc-attach.sgml.in
> index 36e1f70..a3bdb44 100644
> --- a/doc/lxc-attach.sgml.in
> +++ b/doc/lxc-attach.sgml.in
> @@ -54,6 +54,8 @@ Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
> <arg choice="opt">-e</arg>
> <arg choice="opt">-s <replaceable>namespaces</replaceable></arg>
> <arg choice="opt">-R</arg>
> + <arg choice="opt">--keep-env</arg>
> + <arg choice="opt">--clear-env</arg>
> <arg choice="opt">-- <replaceable>command</replaceable></arg>
> </cmdsynopsis>
> </refsynopsisdiv>
> @@ -173,6 +175,37 @@ Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
> </listitem>
> </varlistentry>
>
> + <varlistentry>
> + <term>
> + <option>--keep-env</option>
> + </term>
> + <listitem>
> + <para>
> + Keep the current environment for attached programs. This is
> + the current default behaviour (as of version 0.9), but is
> + is likely to change in the future, since this may leak
> + undesirable information into the container. If you rely on
> + the environment being available for the attached program,
> + please use this option to be future-proof. In addition to
> + current environment variables, container=lxc will be set.
> + </para>
> + </listitem>
> + </varlistentry>
> +
> + <varlistentry>
> + <term>
> + <option>--clear-env</option>
> + </term>
> + <listitem>
> + <para>
> + Clear the environment before attaching, so no undesired
> + environment variables leak into the container. The variable
> + container=lxc will be the only environment with which the
> + attached program starts.
> + </para>
> + </listitem>
> + </varlistentry>
> +
> </variablelist>
>
> </refsect1>
> diff --git a/src/lxc/attach.c b/src/lxc/attach.c
> index 12adadb..5b3ee4f 100644
> --- a/src/lxc/attach.c
> +++ b/src/lxc/attach.c
> @@ -277,11 +277,26 @@ int lxc_attach_drop_privs(struct lxc_proc_context_info *ctx)
> return 0;
> }
>
> -int lxc_attach_set_environment()
> +int lxc_attach_set_environment(enum lxc_attach_env_policy_t policy, char** extra_env, char** extra_keep)
> {
> - if (clearenv()) {
> - SYSERROR("failed to clear environment");
> - /* don't error out though */
> + /* TODO: implement extra_env, extra_keep
> + * Rationale:
> + * - extra_env is an array of strings of the form
> + * "VAR=VALUE", which are to be set (after clearing or not,
> + * depending on the value of the policy variable)
> + * - extra_keep is an array of strings of the form
> + * "VAR", which are extra environment variables to be kept
> + * around after clearing (if that is done, otherwise, the
> + * remain anyway)
> + */
> + (void) extra_env;
> + (void) extra_keep;
Sorry, what are these?
> +
> + if (policy == LXC_ATTACH_CLEAR_ENV) {
> + if (clearenv()) {
> + SYSERROR("failed to clear environment");
> + /* don't error out though */
> + }
> }
>
> if (putenv("container=lxc")) {
> diff --git a/src/lxc/attach.h b/src/lxc/attach.h
> index 404ff4c..151445a 100644
> --- a/src/lxc/attach.h
> +++ b/src/lxc/attach.h
> @@ -34,10 +34,15 @@ struct lxc_proc_context_info {
>
> extern struct lxc_proc_context_info *lxc_proc_get_context_info(pid_t pid);
>
> +typedef enum lxc_attach_env_policy_t {
> + LXC_ATTACH_KEEP_ENV,
> + LXC_ATTACH_CLEAR_ENV
> +} lxc_attach_env_policy_t;
> +
> extern int lxc_attach_to_ns(pid_t other_pid, int which);
> extern int lxc_attach_remount_sys_proc();
> extern int lxc_attach_drop_privs(struct lxc_proc_context_info *ctx);
> -extern int lxc_attach_set_environment();
> +extern int lxc_attach_set_environment(enum lxc_attach_env_policy_t policy, char** extra_env, char** extra_keep);
>
> extern char *lxc_attach_getpwshell(uid_t uid);
>
> diff --git a/src/lxc/lxc_attach.c b/src/lxc/lxc_attach.c
> index 7fd76ee..77039fb 100644
> --- a/src/lxc/lxc_attach.c
> +++ b/src/lxc/lxc_attach.c
> @@ -55,6 +55,9 @@ static const struct option my_longopts[] = {
> {"arch", required_argument, 0, 'a'},
> {"namespaces", required_argument, 0, 's'},
> {"remount-sys-proc", no_argument, 0, 'R'},
> + /* TODO: decide upon short option names */
> + {"clear-env", no_argument, 0, 500},
> + {"keep-env", no_argument, 0, 501},
> LXC_COMMON_OPTIONS
> };
>
> @@ -62,6 +65,7 @@ static int elevated_privileges = 0;
> static signed long new_personality = -1;
> static int namespace_flags = -1;
> static int remount_sys_proc = 0;
> +static lxc_attach_env_policy_t env_policy = LXC_ATTACH_KEEP_ENV;
>
> static int my_parser(struct lxc_arguments* args, int c, char* arg)
> {
> @@ -85,6 +89,12 @@ static int my_parser(struct lxc_arguments* args, int c, char* arg)
> /* -s implies -e */
> elevated_privileges = 1;
> break;
> + case 500: /* clear-env */
> + env_policy = LXC_ATTACH_CLEAR_ENV;
> + break;
> + case 501: /* keep-env */
> + env_policy = LXC_ATTACH_KEEP_ENV;
> + break;
> }
>
> return 0;
> @@ -116,7 +126,15 @@ Options :\n\
> Remount /sys and /proc if not attaching to the\n\
> mount namespace when using -s in order to properly\n\
> reflect the correct namespace context. See the\n\
> - lxc-attach(1) manual page for details.\n",
> + lxc-attach(1) manual page for details.\n\
> + --clear-env\n\
> + Clear all environment variables before attaching.\n\
> + The attached shell/program will start with only\n\
> + container=lxc set.\n\
> + --keep-env\n\
> + Keep all current enivornment variables. This\n\
> + is the current default behaviour, but is likely to\n\
> + change in the future.\n",
> .options = my_longopts,
> .parser = my_parser,
> .checker = NULL,
> @@ -411,7 +429,7 @@ int main(int argc, char *argv[])
> return -1;
> }
>
> - if (lxc_attach_set_environment()) {
> + if (lxc_attach_set_environment(env_policy, NULL, NULL)) {
> ERROR("could not set environment");
> return -1;
> }
> --
> 1.7.10.4
>
>
> ------------------------------------------------------------------------------
> Own the Future-Intel(R) Level Up Game Demo Contest 2013
> Rise to greatness in Intel's independent game demo contest. Compete
> for recognition, cash, and the chance to get your game on Steam.
> $5K grand prize plus 10 genre and skill prizes. Submit your demo
> by 6/6/13. http://altfarm.mediaplex.com/ad/ck/12124-176961-30367-2
> _______________________________________________
> Lxc-devel mailing list
> Lxc-devel at lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/lxc-devel
More information about the lxc-devel
mailing list