[lxc-users] PAM-CGFS error messages
Serge E. Hallyn
serge at hallyn.com
Mon Aug 22 14:05:06 UTC 2016
Quoting Andreas Kirbach (akirbach at forumhome.com):
> Serge E. Hallyn wrote:
> > Hi,
> >
> > thanks for commenting on this. Indeed the current behavior is wrong.
> > The right thing is not as simple as returning true though. If you
> > look at handle_login(), it checks for existed == 1 and continues with
> > the next index if so. But it will have bailed due to cgfs_create()
> > returning false before that. That is the bug. So handle_login()
> > should be doing:
> >
> > *existed = false;
> > if (!cgfs_create(cg, uid, gid, &existed) && !existed) {
> > mysyslog(LOG_ERR, "Failed to create a cgroup for user %s\n", user);
> > return PAM_SESSION_ERR;
> > }
> > if (existed) {
> > idx++;
> > continue;
> > }
> >
> > then !cgfs_create_forone() should return false when existed == true,
> > not true. I *think* that should handle all the cases correctly.
> >
> > Does it look right to you? Do you want to send a patch for this? (Else
> > I can push it tonight)
> Hi Serge,
>
> thanks for your feedback.
>
> I've applied the attached patch and the error messages seem to have gone
> away and I haven't noticed any other problems, but I can't say if this
> is now working correctly or not as I am not familiar with the code.
>
> I'd therefore highly appreciate if you could push a patch.
Done in git head - thanks for testing!
-serge
More information about the lxc-users
mailing list