[lxc-devel] [lxc/lxc] 0c3e8f: do_lxcapi_create: set umask
GitHub
noreply at github.com
Sun Apr 29 09:09:55 UTC 2018
Branch: refs/heads/stable-3.0
Home: https://github.com/lxc/lxc
Commit: 0c3e8f142c4d1825227c956b09a6c7f2d53be6a7
https://github.com/lxc/lxc/commit/0c3e8f142c4d1825227c956b09a6c7f2d53be6a7
Author: Kaarle Ritvanen <kaarle.ritvanen at datakunkku.fi>
Date: 2018-04-29 (Sun, 29 Apr 2018)
Changed paths:
M src/lxc/lxccontainer.c
Log Message:
-----------
do_lxcapi_create: set umask
Always use 022 as the umask when creating the rootfs directory and
executing the template. A too loose umask may cause security issues.
A too strict umask may cause programs to fail inside the container.
Signed-off-by: Kaarle Ritvanen <kaarle.ritvanen at datakunkku.fi>
Commit: e75a2146d010d940c3afc64699c2b145df0e9ea7
https://github.com/lxc/lxc/commit/e75a2146d010d940c3afc64699c2b145df0e9ea7
Author: Thomas Petazzoni <thomas.petazzoni at bootlin.com>
Date: 2018-04-29 (Sun, 29 Apr 2018)
Changed paths:
M src/lxc/tools/lxc_monitor.c
Log Message:
-----------
lxc/tools/lxc_monitor: include missing <stddef.h>
lxc_monitor.c uses offsetof(), so it should include
<stddef.h>. Otherwise the build fails with the musl C library:
tools/lxc_monitor.c: In function ‘lxc_abstract_unix_connect’:
tools/lxc_monitor.c:324:9: warning: implicit declaration of function ‘offsetof’ [-Wimplicit-function-declaration]
offsetof(struct sockaddr_un, sun_path) + len + 1);
^~~~~~~~
tools/lxc_monitor.c:324:18: error: expected expression before ‘struct’
offsetof(struct sockaddr_un, sun_path) + len + 1);
^~~~~~
Signed-off-by: Thomas Petazzoni <thomas.petazzoni at bootlin.com>
Commit: 4b088194d63f5f28ee671e30c7be58e8800c5b63
https://github.com/lxc/lxc/commit/4b088194d63f5f28ee671e30c7be58e8800c5b63
Author: Jonathan Calmels <jcalmels at nvidia.com>
Date: 2018-04-29 (Sun, 29 Apr 2018)
Changed paths:
M src/lxc/pam/pam_cgfs.c
Log Message:
-----------
pam-cgfs: ignore the system umask when creating the cgroup hierarchy
Fixes: #2277
Signed-off-by: Jonathan Calmels <jcalmels at nvidia.com>
Commit: 244508d16ce764fcafeedae69d0a0b05283a0e18
https://github.com/lxc/lxc/commit/244508d16ce764fcafeedae69d0a0b05283a0e18
Author: Daniel Selifonov <ds at thyth.com>
Date: 2018-04-29 (Sun, 29 Apr 2018)
Changed paths:
M src/lxc/tools/lxc_checkpoint.c
Log Message:
-----------
Also pass action scripts to CRIU on checkpointing
Signed-off-by: Daniel Selifonov <ds at thyth.com>
Commit: 98097794f71ae6b7f854e24f12109ec3c608ac3e
https://github.com/lxc/lxc/commit/98097794f71ae6b7f854e24f12109ec3c608ac3e
Author: LiFeng <lifeng68 at huawei.com>
Date: 2018-04-29 (Sun, 29 Apr 2018)
Changed paths:
M src/lxc/cgroups/cgfsng.c
Log Message:
-----------
Fix the memory leak in cgfsng_attach
Signed-off-by: LiFeng <lifeng68 at huawei.com>
Commit: 8312779972d7349d39d74389f088adc9b9a37245
https://github.com/lxc/lxc/commit/8312779972d7349d39d74389f088adc9b9a37245
Author: LiFeng <lifeng68 at huawei.com>
Date: 2018-04-29 (Sun, 29 Apr 2018)
Changed paths:
M src/lxc/lxccontainer.c
Log Message:
-----------
Fix memory leak in list_active_containers
Signed-off-by: LiFeng <lifeng68 at huawei.com>
Commit: c42734f80090cfa44a3f41fa6f3c7a5b83ebbf54
https://github.com/lxc/lxc/commit/c42734f80090cfa44a3f41fa6f3c7a5b83ebbf54
Author: Serj Kalichev <serj.kalichev at gmail.com>
Date: 2018-04-29 (Sun, 29 Apr 2018)
Changed paths:
M src/lxc/tools/tool_utils.h
Log Message:
-----------
Fix tool_utils.c build when HAVE_SETNS is unset
Add inline setns() function to tool_utils.h. Without it
tool_utils.c can't be build when HAVE_SETNS is unset.
Signed-off-by: Serj Kalichev <serj.kalichev at gmail.com>
Compare: https://github.com/lxc/lxc/compare/d0adf63a044d...c42734f80090
More information about the lxc-devel
mailing list