git.ipfire.org Git - thirdparty/lxc.git/commit

lxc_unshare: Add uid_mapping when creating userns

Change conf.c to export function write_id_mapping, which will now be
called inside main function of lxc_unshare.c.

This is required because setuid syscalls only permits a new userns to
set a new uid if the uid of parameter is mapped inside the ns using
uid_map file[1]. So, just after the clone invocation, map the uid passed as
parameter into the newly created user namespace, and put the current uid
as the ID-outside-ns. After the mapping is done, setuid call succeeds.

Closes: #494
[1] https://elixir.free-electrons.com/linux/latest/source/kernel/user_namespace.c#L286

Signed-off-by: Marcos Paulo de Souza <marcos.souza.org@gmail.com>

author	Marcos Paulo de Souza <marcos.souza.org@gmail.com>
	Wed, 29 Nov 2017 01:49:28 +0000 (23:49 -0200)
committer	Christian Brauner <christian.brauner@ubuntu.com>
	Fri, 15 Dec 2017 11:42:31 +0000 (12:42 +0100)
commit	28f7670c1919c236bafc2893706afe13fbf23008
tree	e445a5fd7c6fafe88700319ad526752126362f15	tree \| snapshot
parent	eb59c469a4b5d0b2748b89514743350d03f70c19	commit \| diff

src/lxc/conf.c		diff \| blob \| blame \| history
src/lxc/conf.h		diff \| blob \| blame \| history
src/lxc/tools/lxc_unshare.c		diff \| blob \| blame \| history