Commit
0af683cf added clearing of capabilities to lxc-init, but only
after lxc_setup_fs() was done, likely so that the mounting done in
that routine wouldn't fail.
However, in my testing lxc_caps_reset() wasn't really effective
anyway since it did not clear the bounding set. Adding prctl
PR_CAPBSET_DROP in a loop from 0 to CAP_LAST_CAP would fix this, but I
don't think it's necessary to forcefully clear all capabilities since
users can now specify lxc.cap.keep = none to drop all capabilities.
Signed-off-by: Dwight Engen <dwight.engen@oracle.com>
Acked-by: Serge E. Hallyn <serge.hallyn@ubuntu.com>
#define PR_CAPBSET_READ 23
#endif
-int lxc_caps_reset(void)
-{
- cap_t cap = cap_init();
- int ret = 0;
-
- if (!cap) {
- ERROR("cap_init() failed : %m");
- return -1;
- }
-
- if (cap_set_proc(cap)) {
- ERROR("cap_set_proc() failed : %m");
- ret = -1;
- }
-
- cap_free(cap);
- return ret;
-}
-
int lxc_caps_down(void)
{
cap_t caps;
#define __LXC_CAPS_H
#if HAVE_SYS_CAPABILITY_H
-extern int lxc_caps_reset(void);
extern int lxc_caps_down(void);
extern int lxc_caps_up(void);
extern int lxc_caps_init(void);
extern int lxc_caps_last_cap(void);
#else
-static inline int lxc_caps_reset(void) {
- return 0;
-}
static inline int lxc_caps_down(void) {
return 0;
}
}
}
- if (lxc_caps_init())
- exit(EXIT_FAILURE);
-
err = lxc_log_init(name, name ? NULL : "none", logpriority,
basename(argv[0]), quiet, lxcpath);
if (err < 0)
lxc_setup_fs();
- if (lxc_caps_reset())
- exit(EXIT_FAILURE);
-
pid = fork();
if (pid < 0)