[lxc-devel] [lxc/master] lxccontainer: fix mount api (mount_injection_file)

brauner on Github lxc-bot at linuxcontainers.org
Mon Dec 17 09:45:38 UTC 2018 

A non-text attachment was scrubbed...
Name: not available
Type: text/x-mailbox
Size: 364 bytes
Desc: not available
URL: <http://lists.linuxcontainers.org/pipermail/lxc-devel/attachments/20181217/256236ac/attachment.bin>
-------------- next part --------------
From 92c550fa34ab138fadd5e48de165b7b38b00edf4 Mon Sep 17 00:00:00 2001
From: Christian Brauner <christian.brauner at ubuntu.com>
Date: Mon, 17 Dec 2018 10:43:18 +0100
Subject: [PATCH] lxccontainer: fix mount api (mount_injection_file)

Signed-off-by: Christian Brauner <christian.brauner at ubuntu.com>
---
 src/lxc/api_extensions.h |  1 +
 src/lxc/lxccontainer.c   |  2 +-
 src/lxc/utils.h          | 13 +++++++++++++
 3 files changed, 15 insertions(+), 1 deletion(-)

diff --git a/src/lxc/api_extensions.h b/src/lxc/api_extensions.h
index 226567f665..810d398285 100644
--- a/src/lxc/api_extensions.h
+++ b/src/lxc/api_extensions.h
@@ -40,6 +40,7 @@ static char *api_extensions[] = {
 	"reboot2",
 	"mount_injection",
 	"cgroup_relative",
+	"mount_injection_file",
 };
 
 static size_t nr_api_extensions = sizeof(api_extensions) / sizeof(*api_extensions);
diff --git a/src/lxc/lxccontainer.c b/src/lxc/lxccontainer.c
index a7f29838aa..925c0d8912 100644
--- a/src/lxc/lxccontainer.c
+++ b/src/lxc/lxccontainer.c
@@ -4957,7 +4957,7 @@ static int create_mount_target(const char *dest, mode_t st_mode)
 	if (S_ISDIR(st_mode))
 		ret = mkdir(dest, 0000);
 	else
-		ret = mknod(dest, S_IFREG | 0000, 0);
+		ret = lxc_zero_perm_file(dest);
 	if (ret < 0) {
 		SYSERROR("Failed to create mount target \"%s\"", dest);
 		return -1;
diff --git a/src/lxc/utils.h b/src/lxc/utils.h
index 6314b7985a..9af5769bbd 100644
--- a/src/lxc/utils.h
+++ b/src/lxc/utils.h
@@ -26,6 +26,9 @@
 /* Properly support loop devices on 32bit systems. */
 #define _FILE_OFFSET_BITS 64
 
+#ifndef _GNU_SOURCE
+#define _GNU_SOURCE 1
+#endif
 #include <errno.h>
 #include <linux/loop.h>
 #include <linux/types.h>
@@ -243,4 +246,14 @@ extern int fd_cloexec(int fd, bool cloexec);
 extern int recursive_destroy(char *dirname);
 extern int lxc_setup_keyring(void);
 
+static inline int lxc_zero_perm_file(const char *path)
+{
+	int fd = open(path, O_CREAT | O_CLOEXEC, 0);
+	if (fd < 0)
+		return -1;
+
+	close(fd);
+	return 0;
+}
+
 #endif /* __LXC_UTILS_H */

More information about the lxc-devel mailing list