[lxc-devel] [PATCH] Invoke lxc_map_ids only when id_map is not empty

Alexander Vladimirov alexander.idkfa.vladimirov at gmail.com
Wed Mar 13 15:11:42 UTC 2013 

With recent commits this code path prevents containers from starting
on vanilla kernels, because there's no /proc/<pid>/{u,g}id_map support
there.
If it was intended to make user namespaces support mandatory, then
disregard that patch please.

2013/3/13 Serge Hallyn <serge.hallyn at ubuntu.com>:
> Quoting Alexander Vladimirov (alexander.idkfa.vladimirov at gmail.com):
>>
>> Signed-off-by: Alexander Vladimirov <alexander.idkfa.vladimirov at gmail.com>
>
> Nothing wrong with this, but why do you want this?  It will save you
> a 4096k allocation (which we could optimize away so it only happens
> if needed), and one function call, but that is all...  Is there more
> that I'm missing?
>
> (In general I do prefer to keep the caller shorter and easier to read
> if we can)
>
>> ---
>>  src/lxc/start.c | 8 +++++---
>>  1 file changed, 5 insertions(+), 3 deletions(-)
>>
>> diff --git a/src/lxc/start.c b/src/lxc/start.c
>> index 3fdfa04..05646c2 100644
>> --- a/src/lxc/start.c
>> +++ b/src/lxc/start.c
>> @@ -823,9 +823,11 @@ int lxc_spawn(struct lxc_handler *handler)
>>        * call doesn't change anything immediately, but allows the
>>        * container to setuid(0) (0 being mapped to something else on
>>        * the host) later to become a valid uid again */
>> -     if (lxc_map_ids(&handler->conf->id_map, handler->pid)) {
>> -             ERROR("failed to set up id mapping");
>> -             goto out_delete_net;
>> +     if (!lxc_list_empty(&handler->conf->id_map)) {
>> +             if (lxc_map_ids(&handler->conf->id_map, handler->pid)) {
>> +                     ERROR("failed to set up id mapping");
>> +                     goto out_delete_net;
>> +             }
>>       }
>>
>>       /* Tell the child to continue its initialization.  we'll get
>> --
>> 1.8.1.5
>>
>>
>> ------------------------------------------------------------------------------
>> Everyone hates slow websites. So do we.
>> Make your web apps faster with AppDynamics
>> Download AppDynamics Lite for free today:
>> http://p.sf.net/sfu/appdyn_d2d_mar
>> _______________________________________________
>> Lxc-devel mailing list
>> Lxc-devel at lists.sourceforge.net
>> https://lists.sourceforge.net/lists/listinfo/lxc-devel

More information about the lxc-devel mailing list