[lxc-devel] RFC - umask

Serge Hallyn serge.hallyn at ubuntu.com
Thu Sep 11 15:59:21 UTC 2014


Quoting Dwight Engen (dwight.engen at oracle.com):
> On Wed, 10 Sep 2014 20:06:24 +0000
> Serge Hallyn <serge.hallyn at ubuntu.com> wrote:
> 
> > Hi,
> > 
> > so https://bugs.launchpad.net/bugs/1367730 points out another case
> > where running lxc under a tight umask can cause trouble for the
> > containers. How best to handle this?
> > 
> > (1) We could ignore it.
> > 
> > (2) We could detect too-tight umasks and warn.
> > 
> > (3) We could set a desirable umask at the top of all api functions.
> > 
> > (4) We could set the umask before any mkdir or create.
> > 
> > (5) We could switch over to using our own custom mkdir and create
> > which do the umask for us.
> > 
> > I'm tempted to go with 4, but am curious what others think.
> 
> I think it's probably okay to ignore the caller's desired umask for files
> in the container rootfs, but should we respect it for things outside,
> like the container dir itself or the logfile?

It may be doable, but will take some work.

Let's say the user's umask is such that .local/share/lxc/c2 is created
rwx------.  We'll have to place ourselves into .local/share/lxc/c2/rootfs
before we change userns, as otherwise we cannot even get into the
directory.  Any lxc.hooks which are in the container dir will not be
usable (unless we pre-read them, or open them from outside the ns and
pass the fd into the container).
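
Option (5) from the list quoted above, sketched as an added example (not code from this thread or from LXC): a mkdir wrapper that overrides the caller's umask for one call, compared with plain mkdir under a 077 umask. The helper name mkdir_fixed_mode and the /tmp path are assumptions made for the demo.

```c
#include <stdio.h>
#include <sys/stat.h>
#include <sys/types.h>
#include <unistd.h>

/* Hypothetical helper, not an LXC function: create `path` with exactly
 * `mode`, whatever umask the caller runs under. umask() is process-wide,
 * so a multithreaded caller must serialize this against other creates. */
static int mkdir_fixed_mode(const char *path, mode_t mode)
{
    mode_t saved = umask(0);   /* clear the mask for this one call */
    int ret = mkdir(path, mode);

    umask(saved);              /* restore the caller's umask */
    return ret;
}

/* Create a directory while the process umask is 077 and return the
 * permission bits it ends up with, or (mode_t)-1 on error.
 * The path under /tmp is constructed for this demo. */
static mode_t created_mode(int use_wrapper)
{
    char path[64];
    struct stat st;
    mode_t old, result = (mode_t)-1;
    int ret;

    snprintf(path, sizeof(path), "/tmp/umask-demo-%ld", (long)getpid());
    old = umask(077);          /* the "tight umask" from the thread */
    ret = use_wrapper ? mkdir_fixed_mode(path, 0755) : mkdir(path, 0755);
    umask(old);
    if (ret == 0) {
        if (stat(path, &st) == 0)
            result = st.st_mode & 0777;
        rmdir(path);
    }
    return result;
}

int main(void)
{
    /* Plain mkdir yields 0700 (rwx------), which no uid other than the
     * owner can traverse. The wrapper yields the requested 0755. */
    printf("plain mkdir:  %04o\n", (unsigned)created_mode(0));
    printf("with wrapper: %04o\n", (unsigned)created_mode(1));
    return 0;
}
```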

