[lxc-devel] [PATCH 1/1] userns: clear and save id_map (v2)
Serge Hallyn
serge.hallyn at ubuntu.com
Mon Jul 15 21:42:15 UTC 2013
Otherwise (a) there is a memory leak when using user namespaces and
clearing a config, and (b) saving a container configuration file doesn't
maintain the userns mapping. For instance, if container c1 has
lxc.id_map configuration entries, then
python3
import lxc
c=lxc.Container("c1")
c.save_config("/tmp/config1")
should show 'lxc.id_map =' entries in /tmp/config1.
Changelog for v2:
1. fix incorrect saving of group types (s/'c'/'g')
2. fix typo -> idmap->type should be idmap->idtype
Reported-by: Dwight Engen <dwight.engen at oracle.com>
Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
---
src/lxc/conf.c | 13 +++++++++++++
src/lxc/confile.c | 6 ++++++
2 files changed, 19 insertions(+)
diff --git a/src/lxc/conf.c b/src/lxc/conf.c
index a69c4f8..46320dd 100644
--- a/src/lxc/conf.c
+++ b/src/lxc/conf.c
@@ -3079,6 +3079,18 @@ int lxc_clear_config_caps(struct lxc_conf *c)
return 0;
}
+int lxc_clear_idmaps(struct lxc_conf *c)
+{
+ struct lxc_list *it, *next;
+
+ lxc_list_for_each_safe(it, &c->id_map, next) {
+ lxc_list_del(it);
+ free(it->elem);
+ free(it);
+ }
+ return 0;
+}
+
int lxc_clear_cgroups(struct lxc_conf *c, const char *key)
{
struct lxc_list *it,*next;
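Review bot: lxc_clear_idmaps is added with external linkage, but the diffstat lists only conf.c and confile.c, so no prototype appears to be added to a header. If the only caller is lxc_conf_free later in this file, declare it `static int lxc_clear_idmaps(struct lxc_conf *c)`; otherwise add `int lxc_clear_idmaps(struct lxc_conf *c);` next to the other lxc_clear_* declarations. The function also needs a short header comment. It should say that each `it->elem` is assumed to be a single heap allocation owned by the list, that the list is empty and reusable afterwards, and that the return value is always 0. The hunk's trailing context lines belong to lxc_clear_cgroups, whose body continues outside the hunk.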
@@ -3182,5 +3194,6 @@ void lxc_conf_free(struct lxc_conf *conf)
lxc_clear_hooks(conf, "lxc.hook");
lxc_clear_mount_entries(conf);
lxc_clear_saved_nics(conf);
+ lxc_clear_idmaps(conf);
free(conf);
}
diff --git a/src/lxc/confile.c b/src/lxc/confile.c
index a7db117..bb02e1c 100644
--- a/src/lxc/confile.c
+++ b/src/lxc/confile.c
@@ -1945,6 +1945,12 @@ void write_config(FILE *fout, struct lxc_conf *c)
}
lxc_list_for_each(it, &c->caps)
fprintf(fout, "lxc.cap.drop = %s\n", (char *)it->elem);
+ lxc_list_for_each(it, &c->id_map) {
+ struct id_map *idmap = it->elem;
+ fprintf(fout, "lxc.id_map = %c %lu %lu %lu\n",
+ idmap->idtype == ID_TYPE_UID ? 'u' : 'g', idmap->nsid,
+ idmap->hostid, idmap->range);
+ }
for (i=0; i<NUM_LXC_HOOKS; i++) {
lxc_list_for_each(it, &c->hooks[i])
fprintf(fout, "lxc.hook.%s = %s\n",
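Review bot: The ternary `idmap->idtype == ID_TYPE_UID ? 'u' : 'g'` writes every entry that is not a uid mapping as a gid line, so an element with an unexpected idtype would be saved as a valid-looking `g` mapping instead of being noticed. These lines define the container's uid/gid translation when the file is loaded again, so the assumption is worth stating, e.g. `/* idtype is uid or gid only; field order matches the lxc.id_map parser: type nsid hostid range */`. The `%lu` conversions assume nsid, hostid and range are `unsigned long`, which the hunk does not show. The fprintf result is not checked, like the neighbouring writes, so a short write could leave a saved config without its id_map entries. write_config begins and ends outside the hunk.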
--
1.8.3.2