[lxc-devel] [lxc/lxc] 9650c7: better check for lock dir

GitHub noreply at github.com
Fri Jan 26 22:39:31 UTC 2018 

  Branch: refs/heads/master
  Home:   https://github.com/lxc/lxc
  Commit: 9650c735c7dd56bb5200b20f85e5b6b0482edb7b
      https://github.com/lxc/lxc/commit/9650c735c7dd56bb5200b20f85e5b6b0482edb7b
  Author: Tycho Andersen <tycho at tycho.ws>
  Date:   2018-01-26 (Fri, 26 Jan 2018)

  Changed paths:
    M src/lxc/utils.c

  Log Message:
  -----------
  better check for lock dir

Consider the case where we're running in a user namespace but in the host's
mount ns with the host's filesystem (something like
lxc-usernsexec ... lxc-execute ...), in this case, we'll be euid 0, but we
can't actually write to /run. Let's improve this locking check to make sure
we can actually write to /run before we decide to actually use it as our
locking dir.

Signed-off-by: Tycho Andersen <tycho at tycho.ws>


  Commit: 4692c01af27c050f762026089efd17ddf717968b
      https://github.com/lxc/lxc/commit/4692c01af27c050f762026089efd17ddf717968b
  Author: Tycho Andersen <tycho at tycho.ws>
  Date:   2018-01-26 (Fri, 26 Jan 2018)

  Changed paths:
    M src/lxc/utils.h

  Log Message:
  -----------
  better unprivileged detection

In particular, if we are already in a user namespace we are unprivileged,
and doing things like moving the physical nics back to the host netns won't
work. Let's do the same thing LXD does if euid == 0: inspect
/proc/self/uid_map and see what that says.

Signed-off-by: Tycho Andersen <tycho at tycho.ws>


  Commit: 5384e99dee4f15835bfe995845c0fde722e3d662
      https://github.com/lxc/lxc/commit/5384e99dee4f15835bfe995845c0fde722e3d662
  Author: Tycho Andersen <tycho at tycho.ws>
  Date:   2018-01-26 (Fri, 26 Jan 2018)

  Changed paths:
    M src/lxc/lxccontainer.c
    M src/lxc/network.c
    M src/lxc/start.c
    M src/lxc/storage/aufs.c
    M src/lxc/storage/btrfs.c
    M src/lxc/storage/overlay.c
    M src/lxc/storage/storage.c
    M src/lxc/utils.h

  Log Message:
  -----------
  rename am_unpriv to am_host_unpriv

Signed-off-by: Tycho Andersen <tycho at tycho.ws>


  Commit: 0cea297717215fe1c83c7415e8d633327feab1d0
      https://github.com/lxc/lxc/commit/0cea297717215fe1c83c7415e8d633327feab1d0
  Author: Christian Brauner <christian.brauner at ubuntu.com>
  Date:   2018-01-26 (Fri, 26 Jan 2018)

  Changed paths:
    M src/lxc/lxccontainer.c
    M src/lxc/network.c
    M src/lxc/start.c
    M src/lxc/storage/aufs.c
    M src/lxc/storage/btrfs.c
    M src/lxc/storage/overlay.c
    M src/lxc/storage/storage.c
    M src/lxc/utils.c
    M src/lxc/utils.h

  Log Message:
  -----------
  Merge pull request #2111 from tych0/unpriv-fixups

Unpriv fixups


Compare: https://github.com/lxc/lxc/compare/3fdb1cf43108...0cea29771721

More information about the lxc-devel mailing list