make [ug]id map ordering consistent with /proc/<nr>/[ug]id_map

The id ordering and case of u,g is also consistent with uidmapshift,
reducing confusion.

doc: Moved example to the the EXAMPLES section, and used values
corresponding to the defaults in the pending shadow-utils subuid patch.

Signed-off-by: Dwight Engen <dwight.engen@oracle.com>
Acked-by: Stéphane Graber <stgraber@ubuntu.com>

diff --git a/doc/lxc.conf.sgml.in b/doc/lxc.conf.sgml.in
index ae91221ac24f24a37eae8e0f6f03642735ca7faf..60e7baa7691ae06b515209ba831635aa54b3b07a 100644 (file)
--- a/doc/lxc.conf.sgml.in
+++ b/doc/lxc.conf.sgml.in
@@ -709,21 +709,12 @@ Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
          <listitem>
            <para>
              Four values must be provided.  First a character, either
-             'U', or 'G', to specify whether user or group ids are
-             being mapped.  Next is the first userid as seen on the
-             host.  Next is the userid to be mapped in the container.
-             Finally, a range indicating the number of consecutive
-             ids to map.  For instance
+             'u', or 'g', to specify whether user or group ids are
+             being mapped.  Next is the first userid as seen in the
+             user namespace of the container.  Next is the userid as
+             seen on the host.  Finally, a range indicating the number
+             of consecutive ids to map.
             </para>
-<programlisting>
-       lxc.id_map = U 200000 0 20000
-       lxc.id_map = G 200000 0 20000
-</programlisting>
-           <para>
-             will map both user and group ids in the
-             range 0-19999 in the container to the ids
-             200000-219999 on the host.
-           </para>
          </listitem>
        </varlistentry>
       </variablelist>
@@ -952,6 +943,17 @@ Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
       </programlisting>
     </refsect2>
 
+    <refsect2>
+      <title>UID/GID mapping</title>
+      <para>This configuration will map both user and group ids in the
+        range 0-9999 in the container to the ids 100000-109999 on the host.
+      </para>
+      <programlisting>
+       lxc.id_map = u 0 100000 10000
+       lxc.id_map = g 0 100000 10000
+      </programlisting>
+    </refsect2>
+
     <refsect2>
       <title>Control group</title>
       <para>This configuration will setup several control groups for

diff --git a/src/lxc/conf.c b/src/lxc/conf.c
index 97b4ae4a417857088c37fb3011b767acd4b06c43..e2abc72df16e07761549e7de5a976cc5901ef596 100644 (file)
--- a/src/lxc/conf.c
+++ b/src/lxc/conf.c
@@ -2447,7 +2447,7 @@ int lxc_assign_network(struct lxc_list *network, pid_t pid)
        return 0;
 }
 
-int add_id_mapping(enum idtype idtype, pid_t pid, uid_t host_start, uid_t ns_start, int range)
+static int add_id_mapping(enum idtype idtype, pid_t pid, uid_t ns_start, uid_t host_start, int range)
 {
        char path[PATH_MAX];
        int ret, closeret;
@@ -2480,7 +2480,7 @@ int lxc_map_ids(struct lxc_list *idmap, pid_t pid)
 
        lxc_list_for_each(iterator, idmap) {
                map = iterator->elem;
-               ret = add_id_mapping(map->idtype, pid, map->hostid, map->nsid, map->range);
+               ret = add_id_mapping(map->idtype, pid, map->nsid, map->hostid, map->range);
                if (ret)
                        break;
        }

diff --git a/src/lxc/confile.c b/src/lxc/confile.c
index d350f01df1c8c5c1548028506d112832607cc3c8..59cedef46d6cc6464decbddf25e064e8d4018912 100644 (file)
--- a/src/lxc/confile.c
+++ b/src/lxc/confile.c
@@ -1049,13 +1049,13 @@ static int config_idmap(const char *key, const char *value, struct lxc_conf *lxc
 
        lxc_list_add_tail(&lxc_conf->id_map, idmaplist);
 
-       ret = sscanf(value, "%c %d %d %d", &type, &hostid, &nsid, &range);
+       ret = sscanf(value, "%c %d %d %d", &type, &nsid, &hostid, &range);
        if (ret != 4)
                goto out;
-       INFO("read uid map: type %c hostid %d nsid %d range %d", type, hostid, nsid, range);
-       if (type == 'U')
+       INFO("read uid map: type %c nsid %d hostid %d range %d", type, nsid, hostid, range);
+       if (type == 'u')
                idmap->idtype = ID_TYPE_UID;
-       else if (type == 'G')
+       else if (type == 'g')
                idmap->idtype = ID_TYPE_GID;
        else
                goto out;