[lxc-devel] [lxc/lxc] 477aa3: define am_guest_unpriv

GitHub noreply at github.com
Thu Feb 8 22:40:52 UTC 2018 

  Branch: refs/heads/master
  Home:   https://github.com/lxc/lxc
  Commit: 477aa378e9050ed5d7de22b6ff05a83f38824036
      https://github.com/lxc/lxc/commit/477aa378e9050ed5d7de22b6ff05a83f38824036
  Author: Serge Hallyn <shallyn at cisco.com>
  Date:   2018-02-08 (Thu, 08 Feb 2018)

  Changed paths:
    M src/lxc/utils.h

  Log Message:
  -----------
  define am_guest_unpriv

Sometimes we want to know whether we are privileged wrt our
namespaces, and sometimes we want to know whether we are priv
wrt init_user_ns.

Signed-off-by: Serge Hallyn <shallyn at cisco.com>


  Commit: e0010464c71ddd81eb36f2532618945d0afe924c
      https://github.com/lxc/lxc/commit/e0010464c71ddd81eb36f2532618945d0afe924c
  Author: Serge Hallyn <shallyn at cisco.com>
  Date:   2018-02-08 (Thu, 08 Feb 2018)

  Changed paths:
    M src/lxc/lxccontainer.c
    M src/lxc/network.c
    M src/lxc/start.c
    M src/lxc/storage/aufs.c
    M src/lxc/storage/btrfs.c
    M src/lxc/storage/overlay.c
    M src/lxc/storage/storage.c

  Log Message:
  -----------
  Restore most cases of am_guest_unpriv

The only cases where we really need to be privileged with respect
to the host is when we are trying to mknod, and in some cases
to do with a physical network device.  This patch leaves the
detection of the network device cases as a TODO.

This should fix the currently broken case of starting a privileged
container with at least one veth nic, nested inside an unprivileged
container.

Cc: Tycho Andersen <tycho at tycho.ws>
Signed-off-by: Serge Hallyn <shallyn at cisco.com>


  Commit: e3fe3512c3f8986ec05529a339bdcec5145eb394
      https://github.com/lxc/lxc/commit/e3fe3512c3f8986ec05529a339bdcec5145eb394
  Author: Christian Brauner <christian.brauner at ubuntu.com>
  Date:   2018-02-08 (Thu, 08 Feb 2018)

  Changed paths:
    M src/lxc/lxccontainer.c
    M src/lxc/network.c
    M src/lxc/start.c
    M src/lxc/storage/aufs.c
    M src/lxc/storage/btrfs.c
    M src/lxc/storage/overlay.c
    M src/lxc/storage/storage.c
    M src/lxc/utils.h

  Log Message:
  -----------
  Merge pull request #2142 from hallyn/2018-02-08/priv

2018 02 08/priv


Compare: https://github.com/lxc/lxc/compare/5596585d3bf0...e3fe3512c3f8

More information about the lxc-devel mailing list