start: fix death signal

On set{g,u}id() the kernel does:

 	/* dumpability changes */
	if (!uid_eq(old->euid, new->euid) ||
	    !gid_eq(old->egid, new->egid) ||
	    !uid_eq(old->fsuid, new->fsuid) ||
	    !gid_eq(old->fsgid, new->fsgid) ||
	    !cred_cap_issubset(old, new)) {
		if (task->mm)
			set_dumpable(task->mm, suid_dumpable);
		task->pdeath_signal = 0;
		smp_wmb();
	}

which means we need to re-enable the deat signal after the set{g,u}id().

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

diff --git a/src/lxc/start.c b/src/lxc/start.c
index 11fab46eed84cd7ce914342d94761e5b30bdea9e..57c518aa8c23baee37f9fc245fcd960764eaf4f9 100644 (file)
--- a/src/lxc/start.c
+++ b/src/lxc/start.c
@@ -918,8 +918,9 @@ static int do_start(void *data)
         * exit before we set the pdeath signal leading to a unsupervized
         * container.
         */
-       if (prctl(PR_SET_PDEATHSIG, SIGKILL, 0, 0, 0)) {
-               SYSERROR("Failed to set PR_SET_PDEATHSIG to SIGKILL.");
+       ret = prctl(PR_SET_PDEATHSIG, SIGKILL, 0, 0, 0);
+       if (ret < 0) {
+               SYSERROR("Failed to set PR_SET_PDEATHSIG to SIGKILL");
                return -1;
        }
 
@@ -977,6 +978,13 @@ static int do_start(void *data)
                        if (ret < 0)
                                goto out_warn_father;
                }
+
+               /* set{g,u}id() clears deathsignal */
+               ret = prctl(PR_SET_PDEATHSIG, SIGKILL, 0, 0, 0);
+               if (ret < 0) {
+                       SYSERROR("Failed to set PR_SET_PDEATHSIG to SIGKILL");
+                       goto out_warn_father;
+               }
        }
 
        if (access(handler->lxcpath, X_OK)) {