conf{ile}: detect ns{g,u}id mapping for root

Closes #2033.

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

diff --git a/src/lxc/conf.c b/src/lxc/conf.c
index de661c0044cae5dcb9a822c5669bf5e2e9af43b4..9f7f8d8fa7f61f6a89bc8b0934809cd78a687a22 100644 (file)
--- a/src/lxc/conf.c
+++ b/src/lxc/conf.c
@@ -2573,6 +2573,8 @@ struct lxc_conf *lxc_conf_init(void)
        lxc_list_init(&new->caps);
        lxc_list_init(&new->keepcaps);
        lxc_list_init(&new->id_map);
+       new->root_nsuid_map = NULL;
+       new->root_nsgid_map = NULL;
        lxc_list_init(&new->includes);
        lxc_list_init(&new->aliens);
        lxc_list_init(&new->environment);

diff --git a/src/lxc/conf.h b/src/lxc/conf.h
index b7ddf1d3f434dedf95847115dfa113780cfcb368..37123822037dc874f7fea9f7ab329027f3c04a53 100644 (file)
--- a/src/lxc/conf.h
+++ b/src/lxc/conf.h
@@ -282,7 +282,15 @@ struct lxc_conf {
        signed long personality;
        struct utsname *utsname;
        struct lxc_list cgroup;
-       struct lxc_list id_map;
+       struct {
+               struct lxc_list id_map;
+               /* Pointer to the idmap entry for the container's root uid in
+                * the id_map list. Do not free! */
+               struct id_map *root_nsuid_map;
+               /* Pointer to the idmap entry for the container's root gid in
+                * the id_map list. Do not free! */
+               struct id_map *root_nsgid_map;
+       };
        struct lxc_list network;
        int auto_mounts;
        struct lxc_list mount_list;

diff --git a/src/lxc/confile.c b/src/lxc/confile.c
index cde4f3e864fceaacdc26184a706fc3e9c114fdfb..0033d5597f5cca5c3235bc9e249abd433ff63c3f 100644 (file)
--- a/src/lxc/confile.c
+++ b/src/lxc/confile.c
@@ -1681,6 +1681,16 @@ static int set_config_idmaps(const char *key, const char *value,
        idmap->range = range;
        idmaplist->elem = idmap;
        lxc_list_add_tail(&lxc_conf->id_map, idmaplist);
+
+       if (!lxc_conf->root_nsuid_map && idmap->idtype == ID_TYPE_UID)
+               if (idmap->nsid == 0)
+                       lxc_conf->root_nsuid_map = idmap;
+
+
+       if (!lxc_conf->root_nsuid_map && idmap->idtype == ID_TYPE_GID)
+               if (idmap->nsid == 0)
+                       lxc_conf->root_nsgid_map = idmap;
+
        idmap = NULL;
 
        return 0;