From bdcbb6b377528e524094b6cefaae178c6240df51 Mon Sep 17 00:00:00 2001 From: Christian Brauner Date: Wed, 6 Sep 2017 00:43:05 +0200 Subject: [PATCH] doc: bugfixes - lxc.id_map -> lxc.idmap - document lxc.cgroup.dir Signed-off-by: Christian Brauner --- doc/ja/lxc.container.conf.sgml.in | 10 +++++----- doc/ko/lxc.container.conf.sgml.in | 6 +++--- doc/lxc.container.conf.sgml.in | 27 +++++++++++++++++++++++---- src/lxc/cgroups/cgmanager.c | 2 +- src/lxc/conf.c | 4 ++-- src/lxc/conf.h | 8 ++++---- src/tests/lxc-test-apparmor-mount | 4 ++-- src/tests/lxc-test-unpriv | 4 ++-- src/tests/lxc-test-usernic.in | 4 ++-- src/tests/parse_config_file.c | 28 ++++++++++++++++++++++++++++ templates/lxc-sabayon.in | 4 ++-- 11 files changed, 74 insertions(+), 27 deletions(-) diff --git a/doc/ja/lxc.container.conf.sgml.in b/doc/ja/lxc.container.conf.sgml.in index 6c4dadef0..f567e8212 100644 --- a/doc/ja/lxc.container.conf.sgml.in +++ b/doc/ja/lxc.container.conf.sgml.in @@ -105,11 +105,11 @@ by KATOH Yasufumi example, a process running as UID and GID 0 inside the container might appear as UID and GID 100000 on the host. The implementation and working details can be gathered from the corresponding user namespace man page. - UID and GID mappings can be defined with the + UID and GID mappings can be defined with the key. --> 本質的には、ユーザ名前空間は与えられた UID、GID の組を隔離します。ユーザ名前空間は、ホスト上の UID、GID のある範囲を、それとは異なるコンテナ上の UID、GID の範囲へマッピングすることで実現します。カーネルは、ホスト上では実際には UID、GID は特権を持たないにも関わらず、コンテナ内ではすべての UID、GID が期待されるように見えるように変換を行います。 - 例えば、コンテナ内では UID、GID が 0 として実行中のプロセスは、ホスト上では UID、GID が 100000 として見えるでしょう。実装と動作の詳細は、ユーザ名前空間の man ページから得られます。UID と GID のマッピングは を使って定義できます。 + 例えば、コンテナ内では UID、GID が 0 として実行中のプロセスは、ホスト上では UID、GID が 100000 として見えるでしょう。実装と動作の詳細は、ユーザ名前空間の man ページから得られます。UID と GID のマッピングは を使って定義できます。 @@ -1904,7 +1904,7 @@ by KATOH Yasufumi - + 
@@ -2642,8 +2642,8 @@ by KATOH Yasufumi この設定は、コンテナ内のユーザとグループ両方の id 0-9999 の範囲を、ホスト上の 100000-109999 へマッピングします。 - lxc.id_map = u 0 100000 10000 - lxc.id_map = g 0 100000 10000 + lxc.idmap = u 0 100000 10000 + lxc.idmap = g 0 100000 10000 diff --git a/doc/ko/lxc.container.conf.sgml.in b/doc/ko/lxc.container.conf.sgml.in index b0466a1eb..e880525a6 100644 --- a/doc/ko/lxc.container.conf.sgml.in +++ b/doc/ko/lxc.container.conf.sgml.in @@ -1839,7 +1839,7 @@ mknod errno 0 - + @@ -2564,8 +2564,8 @@ mknod errno 0 이 설정은 UID와 GID 둘다를 컨테이너의 0 ~ 9999를 호스트의 100000 ~ 109999로 매핑한다. - lxc.id_map = u 0 100000 10000 - lxc.id_map = g 0 100000 10000 + lxc.idmap = u 0 100000 10000 + lxc.idmap = g 0 100000 10000 diff --git a/doc/lxc.container.conf.sgml.in b/doc/lxc.container.conf.sgml.in index f3b594ea0..397222f0b 100644 --- a/doc/lxc.container.conf.sgml.in +++ b/doc/lxc.container.conf.sgml.in @@ -86,7 +86,7 @@ Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA example, a process running as UID and GID 0 inside the container might appear as UID and GID 100000 on the host. The implementation and working details can be gathered from the corresponding user namespace man page. - UID and GID mappings can be defined with the + UID and GID mappings can be defined with the key. @@ -1129,6 +1129,25 @@ Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA + + + + + + + specify a directory or path in which the container's cgroup will + be created. For example, setting + for a container + named "c1" will create the container's cgroup as a sub-cgroup of + "my-cgroup". For example, if the user's current cgroup "my-user" + is located in the root cgroup of the cpuset controllerin in a + cgroup v1 hierarchy this would create the cgroup + "/sys/fs/cgroup/cpuset/my-user/my-cgroup/first/c1" for the + container. Any missing cgroups will be created by LXC. This + presupposes that the user has write access to its current cgroup. + + + 
@@ -1383,7 +1402,7 @@ Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
-
+
@@ -1935,8 +1954,8 @@ Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
 range 0-9999 in the container to the ids 100000-109999 on the host.
- lxc.id_map = u 0 100000 10000
- lxc.id_map = g 0 100000 10000
+ lxc.idmap = u 0 100000 10000
+ lxc.idmap = g 0 100000 10000
diff --git a/src/lxc/cgroups/cgmanager.c b/src/lxc/cgroups/cgmanager.c
index 6c6278e59..054eb1715 100644
--- a/src/lxc/cgroups/cgmanager.c
+++ b/src/lxc/cgroups/cgmanager.c
@@ -1559,7 +1559,7 @@ static bool cgm_chown(void *hdata, struct lxc_conf *conf)
 }

 /*
- * TODO: this should be re-written to use the get_config_item("lxc.id_map")
+ * TODO: this should be re-written to use the get_config_item("lxc.idmap")
  * cmd api instead of getting the idmap from c->lxc_conf. The reason is
  * that the id_maps may be different if the container was started with a
  * -f or -s argument.
diff --git a/src/lxc/conf.c b/src/lxc/conf.c
index 6e5af200c..7a1188165 100644
--- a/src/lxc/conf.c
+++ b/src/lxc/conf.c
@@ -3972,8 +3972,8 @@ void suggest_default_idmap(void)
 ERROR("To pass uid mappings to lxc-create, you could create");
 ERROR("~/.config/lxc/default.conf:");
 ERROR("lxc.include = %s", LXC_DEFAULT_CONFIG);
- ERROR("lxc.id_map = u 0 %u %u", uid, urange);
- ERROR("lxc.id_map = g 0 %u %u", gid, grange);
+ ERROR("lxc.idmap = u 0 %u %u", uid, urange);
+ ERROR("lxc.idmap = g 0 %u %u", gid, grange);

 free(gname);
 free(uname);
diff --git a/src/lxc/conf.h b/src/lxc/conf.h
index 7c38d93ba..882c9cd83 100644
--- a/src/lxc/conf.h
+++ b/src/lxc/conf.h
@@ -96,10 +96,10 @@ enum idtype {

 /*
  * id_map is an id map entry. Form in confile is:
- * lxc.id_map = u 0 9800 100
- * lxc.id_map = u 1000 9900 100
- * lxc.id_map = g 0 9800 100
- * lxc.id_map = g 1000 9900 100
+ * lxc.idmap = u 0 9800 100
+ * lxc.idmap = u 1000 9900 100
+ * lxc.idmap = g 0 9800 100
+ * lxc.idmap = g 1000 9900 100
  * meaning the container can use uids and gids 0-99 and 1000-1099,
  * with [ug]id 0 mapping to [ug]id 9800 on the host, and [ug]id 1000 to
  * [ug]id 9900 on the host.
diff --git a/src/tests/lxc-test-apparmor-mount b/src/tests/lxc-test-apparmor-mount
index 390c6f46c..a09fd5443 100755
--- a/src/tests/lxc-test-apparmor-mount
+++ b/src/tests/lxc-test-apparmor-mount
@@ -102,8 +102,8 @@ mkdir -p $HDIR/.config/lxc/
 cat > $HDIR/.config/lxc/default.conf << EOF
 lxc.net.0.type = veth
 lxc.net.0.link = lxcbr0
-lxc.id_map = u 0 910000 9999
-lxc.id_map = g 0 910000 9999
+lxc.idmap = u 0 910000 9999
+lxc.idmap = g 0 910000 9999
 EOF

 chown -R $TUSER: $HDIR
diff --git a/src/tests/lxc-test-unpriv b/src/tests/lxc-test-unpriv
index 40c6bf667..5fe092794 100755
--- a/src/tests/lxc-test-unpriv
+++ b/src/tests/lxc-test-unpriv
@@ -118,8 +118,8 @@ mkdir -p $HDIR/.config/lxc/
 cat > $HDIR/.config/lxc/default.conf << EOF
 lxc.net.0.type = veth
 lxc.net.0.link = lxcbr0
-lxc.id_map = u 0 910000 9999
-lxc.id_map = g 0 910000 9999
+lxc.idmap = u 0 910000 9999
+lxc.idmap = g 0 910000 9999
 EOF

 chown -R $TUSER: $HDIR
diff --git a/src/tests/lxc-test-usernic.in b/src/tests/lxc-test-usernic.in
index 53bc8166c..f7d19a362 100755
--- a/src/tests/lxc-test-usernic.in
+++ b/src/tests/lxc-test-usernic.in
@@ -81,8 +81,8 @@ usermod -v 910000-919999 -w 910000-919999 usernic-user
 mkdir -p /home/usernic-user/.config/lxc/
 cat > /home/usernic-user/.config/lxc/default.conf << EOF
 lxc.net.0.type = empty
-lxc.id_map = u 0 910000 10000
-lxc.id_map = g 0 910000 10000
+lxc.idmap = u 0 910000 10000
+lxc.idmap = g 0 910000 10000
 EOF

 if which cgm >/dev/null 2>&1; then
diff --git a/src/tests/parse_config_file.c b/src/tests/parse_config_file.c
index ef03b9285..db61dd044 100644
--- a/src/tests/parse_config_file.c
+++ b/src/tests/parse_config_file.c
@@ -455,6 +455,34 @@ int main(int argc, char *argv[])
 return -1;
 }

+ /* lxc.idmap
+ * We can't really save the config here since save_config() wants to
+ * chown the container's directory but we haven't created an on-disk
+ * container. So let's test set-get-clear.
+ */
+ if (set_get_compare_clear_save_load(
+ c, "lxc.idmap", "u 0 100000 1000000000", NULL, false) < 0) {
+ lxc_error("%s\n", "lxc.idmap");
+ goto non_test_error;
+ }
+
+ if (!c->set_config_item(c, "lxc.idmap", "u 1 100000 10000000")) {
+ lxc_error("%s\n", "failed to set config item "
+ "\"lxc.idmap\" to \"u 1 100000 10000000\"");
+ return -1;
+ }
+
+ if (!c->set_config_item(c, "lxc.idmap", "g 1 100000 10000000")) {
+ lxc_error("%s\n", "failed to set config item "
+ "\"lxc.idmap\" to \"g 1 100000 10000000\"");
+ return -1;
+ }
+
+ if (!c->get_config_item(c, "lxc.idmap", retval, sizeof(retval))) {
+ lxc_error("%s\n", "failed to get config item \"lxc.cgroup\"");
+ return -1;
+ }
+
 c->clear_config(c);
 c->lxc_conf = NULL;

diff --git a/templates/lxc-sabayon.in b/templates/lxc-sabayon.in
index 76e877d47..75e5c765e 100644
--- a/templates/lxc-sabayon.in
+++ b/templates/lxc-sabayon.in
@@ -287,8 +287,8 @@ configure_container() {
 if [[ $unprivileged && $unprivileged == true ]] ; then
 if [[ $flush_owner == true ]] ; then
 unprivileged_options="
-lxc.id_map = u 0 ${mapped_uid} 65536
-lxc.id_map = g 0 ${mapped_gid} 65536
+lxc.idmap = u 0 ${mapped_uid} 65536
+lxc.idmap = g 0 ${mapped_gid} 65536
 "
 fi

-- 
2.47.2
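Review bot: The failure message on the new `get_config_item` call names the wrong key: the call queries "lxc.idmap" but the log line reads `lxc_error("%s\n", "failed to get config item \"lxc.cgroup\"");`, which points whoever reads a failing test run at an unrelated setting; it should be `lxc_error("%s\n", "failed to get config item \"lxc.idmap\"");`. The block also stops at "the getter returned non-zero": since the idmap is what decides which host uids and gids an unprivileged container's root is mapped onto, comparing `retval` against the two mappings just set (presumably "u 1 100000 10000000" and "g 1 100000 10000000" joined by a newline — confirm the exact rendering the confile getter produces) would pin the parse and round-trip rather than merely that something came back. Error handling within the block is mixed as well: the first failure takes `goto non_test_error` while the following three `return -1` directly, which looks like it bypasses whatever that label cleans up; main and the label itself lie outside the hunk, so this is inferred.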