From 50e3e83d3741e01073e5a84ac26f530824d23087 Mon Sep 17 00:00:00 2001 From: Christian Brauner Date: Thu, 7 May 2020 14:54:31 +0200 Subject: [PATCH] tree-wide: this is all rather TODO than FIXME Signed-off-by: Christian Brauner --- src/lxc/attach_options.h | 2 +- src/lxc/lsm/apparmor.c | 8 ++++---- src/lxc/lxccontainer.h | 2 +- 3 files changed, 6 insertions(+), 6 deletions(-) diff --git a/src/lxc/attach_options.h b/src/lxc/attach_options.h index ec8bea1f6..63e62d4ff 100644 --- a/src/lxc/attach_options.h +++ b/src/lxc/attach_options.h @@ -26,7 +26,7 @@ enum { /* The following are off by default: */ LXC_ATTACH_REMOUNT_PROC_SYS = 0x00010000, /*!< Remount /proc filesystem */ - LXC_ATTACH_LSM_NOW = 0x00020000, /*!< FIXME: unknown */ + LXC_ATTACH_LSM_NOW = 0x00020000, /*!< TODO: currently unused */ /* Set PR_SET_NO_NEW_PRIVS to block execve() gainable privileges. */ LXC_ATTACH_NO_NEW_PRIVS = 0x00040000, /*!< PR_SET_NO_NEW_PRIVS */ LXC_ATTACH_TERMINAL = 0x00080000, /*!< Allocate new terminal for attached process. */ diff --git a/src/lxc/lsm/apparmor.c b/src/lxc/lsm/apparmor.c index f251e5e7e..4fc18eb43 100644 --- a/src/lxc/lsm/apparmor.c +++ b/src/lxc/lsm/apparmor.c @@ -122,7 +122,7 @@ static const char AA_PROFILE_BASE[] = " deny /sys/kernel/debug/{,**} rwklx,\n" "\n" " # allow paths to be made slave, shared, private or unbindable\n" -" # FIXME: This currently doesn't work due to the apparmor parser treating those as allowing all mounts.\n" +" # TODO: This currently doesn't work due to the apparmor parser treating those as allowing all mounts.\n" "# mount options=(rw,make-slave) -> **,\n" "# mount options=(rw,make-rslave) -> **,\n" "# mount options=(rw,make-shared) -> **,\n" @@ -343,7 +343,7 @@ static const char AA_PROFILE_NESTING_BASE[] = " mount /var/lib/lxd/shmounts/ -> /var/lib/lxd/shmounts/,\n" " mount options=bind /var/lib/lxd/shmounts/** -> /var/lib/lxd/**,\n" "\n" -" # FIXME: There doesn't seem to be a way to ask for:\n" +" # TODO: There doesn't seem to be a way to ask for:\n" " # mount options=(ro,nosuid,nodev,noexec,remount,bind),\n" " # as we always get mount to $cdir/proc/sys with those flags denied\n" " # So allow all mounts until that is straightened out:\n" @@ -538,7 +538,7 @@ static inline char *apparmor_namespace(const char *ctname, const char *lxcpath) return full; } -/* FIXME: This is currently run only in the context of a constructor (via the +/* TODO: This is currently run only in the context of a constructor (via the * initial lsm_init() called due to its __attribute__((constructor)), so we * do not have ERROR/... macros available, so there are some fprintf(stderr)s * in there. @@ -560,7 +560,7 @@ static bool check_apparmor_parser_version() lxc_pclose(parserpipe); /* We stay silent for now as this most likely means the shell * lxc_popen executed failed to find the apparmor_parser binary. - * See the FIXME comment above for details. + * See the TODO comment above for details. */ return false; } diff --git a/src/lxc/lxccontainer.h b/src/lxc/lxccontainer.h index 4577de7ff..a9eaeb76b 100644 --- a/src/lxc/lxccontainer.h +++ b/src/lxc/lxccontainer.h @@ -90,7 +90,7 @@ struct lxc_container { * \private * Container configuration. * - * \internal FIXME: do we want the whole lxc_handler? + * \internal TODO: do we want the whole lxc_handler? */ struct lxc_conf *lxc_conf; -- 2.47.3