static int get_config_ephemeral(struct lxc_container *, const char *, char *, int);
static int set_config_no_new_privs(const char *, const char *, struct lxc_conf *);
+static int get_config_no_new_privs(struct lxc_container *, const char *, char *, int);
+
static int set_config_limit(const char *, const char *, struct lxc_conf *);
static struct lxc_config_t config[] = {
{ "lxc.init_gid", set_config_init_gid, get_config_init_gid, NULL},
{ "lxc.ephemeral", set_config_ephemeral, get_config_ephemeral, NULL},
{ "lxc.syslog", set_config_syslog, get_config_syslog, NULL},
- { "lxc.no_new_privs", set_config_no_new_privs, NULL, NULL},
+ { "lxc.no_new_privs", set_config_no_new_privs, get_config_no_new_privs, NULL},
{ "lxc.limit", set_config_limit, NULL, NULL},
};
{
const char *v = NULL;
- if (strcmp(key, "lxc.no_new_privs") == 0)
- return lxc_get_conf_int(c, retv, inlen, c->no_new_privs);
- else if (strcmp(key, "lxc.limit") == 0) // all limits
+ if (strcmp(key, "lxc.limit") == 0) // all limits
return lxc_get_limit_entry(c, retv, inlen, "all");
else if (strncmp(key, "lxc.limit.", 10) == 0) // specific limit
return lxc_get_limit_entry(c, retv, inlen, key + 10);
} else if (strcmp(key, "lxc.start.order") == 0) {
c->start_order = 0;
+ } else if (strcmp(key, "lxc.no_new_privs") == 0) {
+ c->no_new_privs = false;
+
} else {
ret = -1;
}
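Review bot: The new `lxc.no_new_privs` branch resets the flag to `false` without a comment, and it leaves a stray blank line before `} else {`. Because no_new_privs is a hardening option, clearing the key puts the container config back into the unhardened state (presumably the default), and anyone auditing the clear path should be able to see that at a glance. I would drop the blank line and add a comment such as `/* clearing restores the default: no_new_privs disabled */` above the assignment. The enclosing function starts and ends outside this hunk, so I cannot tell whether the other branches document their reset values.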
return lxc_get_conf_int(c->lxc_conf, retv, inlen,
c->lxc_conf->ephemeral);
}
+
+static int get_config_no_new_privs(struct lxc_container *c, const char *key,
+ char *retv, int inlen)
+{
+ return lxc_get_conf_int(c->lxc_conf, retv, inlen,
+ c->lxc_conf->no_new_privs);
+}
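Review bot: get_config_no_new_privs dereferences `c->lxc_conf` without a NULL check and has no comment stating what the returned value represents. The get_config_ephemeral body just above does the same, so the dispatcher may already guarantee a non-NULL conf, but that is not visible here. If it does not, a guard such as `if (!c || !c->lxc_conf) return -1;` (or whatever error value the other getters use) belongs before the call. I would also add a one-line comment like `/* Returns the configured lxc.no_new_privs value from lxc_conf; does not inspect the running container. */`, since this getter is likely to be used to verify hardening. `key` is unused in the body, which matches the callback signature but is worth marking if the project builds with unused-parameter warnings.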