coverity: Do chdir following chroot

We used to do chdir(path), chroot(path). That's correct but not properly
handled coverity, so do chroot(path), chdir("/") instead as that's the
recommended way.

Signed-off-by: Stéphane Graber <stgraber@ubuntu.com>
Acked-by: Serge E. Hallyn <serge.hallyn@ubuntu.com>

diff --git a/src/lxc/conf.c b/src/lxc/conf.c
index 8eccd367d7367840e43bcca8ef0493a3f0317f17..6fa3db9f0a66e68c7c666d5451343af97173f3d8 100644 (file)
--- a/src/lxc/conf.c
+++ b/src/lxc/conf.c
@@ -1516,14 +1516,14 @@ static int chroot_into_slave(struct lxc_conf *conf)
                SYSERROR("Failed to make tmp-/ at %s rslave", path);
                return -1;
        }
-       if (chdir(path)) {
-               SYSERROR("Failed to chdir into tmp-/");
-               return -1;
-       }
        if (chroot(path)) {
                SYSERROR("Failed to chroot into tmp-/");
                return -1;
        }
+       if (chdir("/")) {
+               SYSERROR("Failed to chdir into tmp-/");
+               return -1;
+       }
        INFO("Chrooted into tmp-/ at %s", path);
        return 0;
 }

diff --git a/src/lxc/lxccontainer.c b/src/lxc/lxccontainer.c
index a25c1961dbc06a96194e473cd754a81b2167084d..44e796c29d5cd89c6dcfb3fa0868e9361dcc1617 100644 (file)
--- a/src/lxc/lxccontainer.c
+++ b/src/lxc/lxccontainer.c
@@ -3142,9 +3142,9 @@ static bool do_add_remove_node(pid_t init_pid, const char *path, bool add,
        if (ret < 0 || ret >= MAXPATHLEN)
                return false;
 
-       if (chdir(chrootpath) < 0)
+       if (chroot(chrootpath) < 0)
                exit(1);
-       if (chroot(".") < 0)
+       if (chdir("/") < 0)
                exit(1);
        /* remove path if it exists */
        if(faccessat(AT_FDCWD, path, F_OK, AT_SYMLINK_NOFOLLOW) == 0) {