[lxc-devel] [PATCH] Create lxcpath if it's missing

Stéphane Graber stgraber at ubuntu.com
Tue May 12 18:43:07 UTC 2015 

On Tue, May 12, 2015 at 02:27:48PM -0400, S.Çağlar Onur wrote:
> Otherwise calling list_defined_containers just after installing LXC ends up with the following error
> 
> lxc: lxccontainer.c: list_defined_containers: 4310 No such file or directory - opendir on lxcpath
> 
> $ /home/caglar/go/src/gopkg.in/lxc/go-lxc.v2/examples/list
> 2015/05/12 14:23:08 Defined containers:
> lxc: lxccontainer.c: list_defined_containers: 4310 No such file or directory - opendir on lxcpath
> 2015/05/12 14:23:08
> 2015/05/12 14:23:08 Active containers:
> 2015/05/12 14:23:08
> 2015/05/12 14:23:08 Active and Defined containers:
> $
> 
> Signed-off-by: S.Çağlar Onur <caglar at 10ur.org>
> ---
>  src/lxc/lxccontainer.c | 5 +++++
>  1 file changed, 5 insertions(+)
> 
> diff --git a/src/lxc/lxccontainer.c b/src/lxc/lxccontainer.c
> index 8999f44..e8bade3 100644
> --- a/src/lxc/lxccontainer.c
> +++ b/src/lxc/lxccontainer.c
> @@ -3965,6 +3965,11 @@ int list_defined_containers(const char *lxcpath, char ***names, struct lxc_conta
>  	if (!lxcpath)
>  		lxcpath = lxc_global_config_value("lxc.lxcpath");
>  
> +	if (mkdir_p(lxcpath, 0755) < 0) {

I'm not yet sure that we really want to do the mkdir, but the dir
permission there is wrong, lxcpath should be 700.

The reason for this is to avoid security issues where an unprivileged
user can traverse through lxcpath and find an old setuid binary with a
security issue they can use to gain root.

> +		SYSERROR("failed to create lxcpath directory %s", lxcpath);
> +		return -1;
> +	}
> +
>  	dir = opendir(lxcpath);
>  	if (!dir) {
>  		SYSERROR("opendir on lxcpath");
> -- 
> 2.1.4
> 
> _______________________________________________
> lxc-devel mailing list
> lxc-devel at lists.linuxcontainers.org
> http://lists.linuxcontainers.org/listinfo/lxc-devel

-- 
Stéphane Graber
Ubuntu developer
http://www.ubuntu.com
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: Digital signature
URL: <http://lists.linuxcontainers.org/pipermail/lxc-devel/attachments/20150512/71e0132f/attachment.sig>

More information about the lxc-devel mailing list