[lxc-devel] [PATCH 1/1] Update the openvswitch bridge attach code
Serge Hallyn
serge.hallyn at ubuntu.com
Fri Aug 22 20:29:23 UTC 2014
1. don't determine ovs-vsctl path at configure time, do it at runtime
2. lxc-user-nic: set a sane path to protect from unpriv users
Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
---
configure.ac | 11 -----------
src/lxc/Makefile.am | 4 ----
src/lxc/lxc_user_nic.c | 5 +++++
src/lxc/network.c | 20 +++++++-------------
4 files changed, 12 insertions(+), 28 deletions(-)
diff --git a/configure.ac b/configure.ac
index 462217e..4b1f554 100644
--- a/configure.ac
+++ b/configure.ac
@@ -202,16 +202,6 @@ fi
AM_CONDITIONAL([ENABLE_API_DOCS], [test "x$HAVE_DOXYGEN" != "x"])
-# Openvswitch
-AC_PATH_PROG([OVS_CTL_PATH],[ovs-vsctl])
-if test "x$OVS_CTL_PATH" != "x"; then
- enable_ovs="yes"
- AS_AC_EXPAND(OVS_CTL_PATH, "$OVS_CTL_PATH")
-else
- enable_ovs="no"
-fi
-AM_CONDITIONAL([HAVE_OVS], [test "x$enable_ovs" = "xyes"])
-
# Apparmor
AC_ARG_ENABLE([apparmor],
[AC_HELP_STRING([--enable-apparmor], [enable apparmor support [default=auto]])],
@@ -779,7 +769,6 @@ Environment:
- rpath: $enable_rpath
- GnuTLS: $enable_gnutls
- Bash integration: $enable_bash
- - Openvswitch: $enable_ovs
Security features:
- Apparmor: $enable_apparmor
diff --git a/src/lxc/Makefile.am b/src/lxc/Makefile.am
index f7bc31a..c1a67d6 100644
--- a/src/lxc/Makefile.am
+++ b/src/lxc/Makefile.am
@@ -129,10 +129,6 @@ if ENABLE_APPARMOR
AM_CFLAGS += -DHAVE_APPARMOR
endif
-if HAVE_OVS
-AM_CFLAGS += -DHAVE_OVS -DOVS_CTL_PATH=\"$(OVS_CTL_PATH)\"
-endif
-
if ENABLE_CGMANAGER
AM_CFLAGS += -DHAVE_CGMANAGER
endif
diff --git a/src/lxc/lxc_user_nic.c b/src/lxc/lxc_user_nic.c
index 5a1f6db..145a35d 100644
--- a/src/lxc/lxc_user_nic.c
+++ b/src/lxc/lxc_user_nic.c
@@ -590,6 +590,11 @@ int main(int argc, char *argv[])
char *vethname = NULL;
int pid;
+ /* set a sane path, because we are setuid-root */
+ if (setenv("PATH", "/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin", 1) < 0) {
+ fprintf(stderr, "Failed to set PATH, exiting\n");
+ exit(1);
+ }
if ((me = get_username()) == NULL) {
fprintf(stderr, "Failed to get username\n");
exit(1);
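Review bot: The PATH reset on line 62 only covers exec*p lookups; every other variable inherited from the unprivileged caller still reaches the program and anything it execs. If nothing in lxc-user-nic relies on the inherited environment, a `clearenv()` immediately before the `setenv()` gives the setuid binary a fully known environment (CERT ENV03-C) instead of a single corrected variable, and the comment could state the intent: `/* setuid-root: start from a known environment; PATH is set explicitly for exec*p lookups */`. main() continues outside the hunk, so whether later code reads other variables cannot be confirmed from here.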
diff --git a/src/lxc/network.c b/src/lxc/network.c
index dfab159..32edfc4 100644
--- a/src/lxc/network.c
+++ b/src/lxc/network.c
@@ -1171,7 +1171,6 @@ int lxc_ipv6_dest_add(int ifindex, struct in6_addr *dest)
return ip_route_dest_add(AF_INET6, ifindex, dest);
}
-#ifdef HAVE_OVS
static bool is_ovs_bridge(const char *bridge)
{
char brdirname[22 + IFNAMSIZ + 1] = {0};
@@ -1186,7 +1185,12 @@ static bool is_ovs_bridge(const char *bridge)
static int attach_to_ovs_bridge(const char *bridge, const char *nic)
{
pid_t pid;
- const char *progname;
+ char *cmd;
+
+ cmd = on_path("ovs-vsctl", NULL);
+ if (!cmd)
+ return -1;
+ free(cmd);
pid = fork();
if (pid < 0)
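Review bot: The on_path() lookup on line 87 and the execlp() in the child (line 100, next hunk) resolve ovs-vsctl independently from PATH, and the path that was verified is discarded by the free() on line 90, so the pre-check only buys an early -1 before fork and does not guarantee that the child runs the file that was checked. Keeping cmd until the parent has waited and exec'ing it directly with `execl(cmd, "ovs-vsctl", "add-port", bridge, nic, (char *)NULL)` ties the check to the execution, and it also removes the `if (execlp(...))` wrapper plus the `// not reached` line, which are redundant because exec only returns on failure. Because the lookup now happens at runtime, the result depends on the PATH of whichever process calls attach_to_ovs_bridge; lxc-user-nic pins it in this series but other callers presumably inherit theirs, which deserves a sentence in a comment on the function. The fork-failure branch sits between the two hunks and would need a free(cmd) of its own; the rewrite below assumes it returns -1.
```c
static int attach_to_ovs_bridge(const char *bridge, const char *nic)
{
	pid_t pid;
	char *cmd;

	/* ovs-vsctl is looked up on the caller's PATH at runtime; the
	 * resolved path is kept so the child execs exactly that file. */
	cmd = on_path("ovs-vsctl", NULL);
	if (!cmd)
		return -1;

	pid = fork();
	if (pid < 0) {
		free(cmd);
		return -1; /* existing branch between the hunks, plus the free */
	}
	if (pid > 0) {
		int ret = wait_for_pid(pid);
		free(cmd);
		return ret;
	}

	/* child: exec the located binary rather than doing a second PATH lookup */
	execl(cmd, "ovs-vsctl", "add-port", bridge, nic, (char *)NULL);
	exit(1);
}
```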
@@ -1194,21 +1198,11 @@ static int attach_to_ovs_bridge(const char *bridge, const char *nic)
if (pid > 0)
return wait_for_pid(pid);
- progname = strrchr(OVS_CTL_PATH, '/');
- if (!progname) // not sane, should we just fail?
- progname = OVS_CTL_PATH;
- if (execl(OVS_CTL_PATH, progname, "add-port", bridge, nic, NULL))
+ if (execlp("ovs-vsctl", "ovs-vsctl", "add-port", bridge, nic, NULL))
exit(1);
// not reached
exit(1);
}
-#else
-static inline bool is_ovs_bridge(const char *bridge) { return false; }
-static inline int attach_to_ovs_bridge(const char *bridge, const char *nic)
-{
- return -1;
-}
-#endif
/*
* There is a lxc_bridge_attach, but no need of a bridge detach
--
2.1.0.rc1