[lxc-devel] [lxd/master] lxc/move: Bypass security.protection.delete
stgraber on Github
lxc-bot at linuxcontainers.org
Thu Oct 22 13:51:18 UTC 2020
A non-text attachment was scrubbed...
Name: not available
Type: text/x-mailbox
Size: 370 bytes
Desc: not available
URL: <http://lists.linuxcontainers.org/pipermail/lxc-devel/attachments/20201022/dbdca047/attachment.bin>
-------------- next part --------------
From 20d1f8c00596b8aa84bfc50a00757be78807718f Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?St=C3=A9phane=20Graber?= <stgraber at ubuntu.com>
Date: Thu, 22 Oct 2020 09:50:19 -0400
Subject: [PATCH] lxc/move: Bypass security.protection.delete
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Closes #8075
Signed-off-by: Stéphane Graber <stgraber at ubuntu.com>
---
lxc/delete.go | 24 ++++++++++++++++++++++--
lxc/move.go | 1 +
2 files changed, 23 insertions(+), 2 deletions(-)
diff --git a/lxc/delete.go b/lxc/delete.go
index 7bc3caf4f0..5aad5dfe4c 100644
--- a/lxc/delete.go
+++ b/lxc/delete.go
@@ -18,8 +18,9 @@ import (
type cmdDelete struct {
global *cmdGlobal
- flagForce bool
- flagInteractive bool
+ flagForce bool
+ flagForceProtected bool
+ flagInteractive bool
}
func (c *cmdDelete) Command() *cobra.Command {
@@ -125,6 +126,25 @@ func (c *cmdDelete) Run(cmd *cobra.Command, args []string) error {
}
}
+ if c.flagForceProtected && shared.IsTrue(ct.ExpandedConfig["security.protection.delete"]) {
+ // Refresh in case we had to stop it above.
+ ct, etag, err := resource.server.GetInstance(resource.name)
+ if err != nil {
+ return err
+ }
+
+ ct.Config["security.protection.delete"] = "false"
+ op, err := resource.server.UpdateInstance(resource.name, ct.Writable(), etag)
+ if err != nil {
+ return err
+ }
+
+ err = op.Wait()
+ if err != nil {
+ return err
+ }
+ }
+
if err := c.doDelete(resource.server, resource.name); err != nil {
return err
}
diff --git a/lxc/move.go b/lxc/move.go
index 8a1b812976..f77bf6f222 100644
--- a/lxc/move.go
+++ b/lxc/move.go
@@ -198,6 +198,7 @@ func (c *cmdMove) Run(cmd *cobra.Command, args []string) error {
del := cmdDelete{global: c.global}
del.flagForce = true
+ del.flagForceProtected = true
err = del.Run(cmd, args[:1])
if err != nil {
return errors.Wrap(err, "Failed to delete original instance after copying it")
More information about the lxc-devel
mailing list