[lxc-devel] Valid Container Names/Identifiers

BB eeg5auquaephoo5j at gmail.com
Tue Dec 23 18:01:43 UTC 2014


Just a remark...

When I start a container via the Python bindings (version 1.0.6-0ubuntu0.1
on Ubuntu trusty) I get the following message:

    lxc_container: simple_container is too long (>= 16)

I cannot reproduce this by calling lxc-start directly but if there will be
a patch to check the name, please allow names longer than 16 characters -
because of the common use case mentioned by Stéphane: container name ==
hostname (or even fqdn).

The message probably originates here:


https://github.com/lxc/lxc/blob/ec64264d78d4ed608553842ce9e1f07eeab2a032/src/lxc/confile.c#L265

Regards,

BB

On Thu, Dec 18, 2014 at 4:42 PM, Serge Hallyn <serge.hallyn at ubuntu.com>
wrote:

> Agreed.  Would you mind coming up with a proposed patch to be stricter at
> lxcapi_create() and sending it out?
>
> Quoting Joel Nider (JOELN at il.ibm.com):
> > I would strongly suggest to nail this down now since the question came
> up.
> >  This is the kind of issue that could create security bugs later on (when
> > different parts of the code check for valid names in different ways, or
> > don't check at all). Stephane's suggestion of a 64 ASCII character string
> > that forms a valid Linux hostname sounds good to me - is this formally
> > defined somewhere?
> >
> > Regards,
> >
> > Joel
> >
> > "lxc-devel" <lxc-devel-bounces at lists.linuxcontainers.org> wrote on
> > 16/12/2014 05:22:05 PM:
> >
> > > From: Stéphane Graber <stgraber at ubuntu.com>
> > > To: LXC development mailing-list <lxc-devel at lists.linuxcontainers.org>
> > > Date: 16/12/2014 05:22 PM
> > > Subject: Re: [lxc-devel] Valid Container Names/Identifiers
> > > Sent by: "lxc-devel" <lxc-devel-bounces at lists.linuxcontainers.org>
> > >
> > > On Tue, Dec 16, 2014 at 10:36:13AM +0100, Till Walter wrote:
> > > > Dear LXC Developers,
> > > >
> > > > the manual page of lxc-create states that "The container identifier
> > > > format is an alphanumeric string". Yet besides [A-Za-z0-9] other
> > > > characters like underscore are also fine.
> > > > I had a brief look at the source but did not find any check, e.g.,
> > > > using a regex. Is there any check at all? What are valid container
> > > > identifiers/names?
> > > > I am asking because I am using the official python bindings to write
> a
> > > > little utility and want to avoid container naming problems that may
> > > > arise.
> > > >
> > > > Best regards,
> > > >
> > > > BB
> > >
> > > So LXC itself doesn't really have a definition for valid names, however
> > > since the name is typically used for the container's hostname, you
> > > should stick to what's considered a valid hostname on Linux.
> > >
> > > There's a POSIX RFC for that but IIRC it's basically 64 chars ASCII.
> > >
> > > --
> > > Stéphane Graber
> > > Ubuntu developer
> > > http://www.ubuntu.com
> > > [attachment "signature.asc" deleted by Joel Nider/Haifa/IBM]
> > > _______________________________________________
> > > lxc-devel mailing list
> > > lxc-devel at lists.linuxcontainers.org
> > > http://lists.linuxcontainers.org/listinfo/lxc-devel
> >
> > _______________________________________________
> > lxc-devel mailing list
> > lxc-devel at lists.linuxcontainers.org
> > http://lists.linuxcontainers.org/listinfo/lxc-devel
> _______________________________________________
> lxc-devel mailing list
> lxc-devel at lists.linuxcontainers.org
> http://lists.linuxcontainers.org/listinfo/lxc-devel
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.linuxcontainers.org/pipermail/lxc-devel/attachments/20141223/b545968f/attachment.html>


More information about the lxc-devel mailing list