confile: lxc.seccomp --> lxc.seccomp.profile 1665/head
authorChristian Brauner <christian.brauner@ubuntu.com>
Sun, 2 Jul 2017 10:56:01 +0000 (12:56 +0200)
committerChristian Brauner <christian.brauner@ubuntu.com>
Sun, 2 Jul 2017 12:40:07 +0000 (14:40 +0200)
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
config/templates/common.conf.in
config/templates/openwrt.common.conf.in
config/templates/sabayon.common.conf.in
doc/lxc.container.conf.sgml.in
src/lxc/attach.c
src/lxc/confile.c
src/tests/parse_config_file.c

index e13d98a7fcc4833e9f834b2bed0205064f6d02dd..c4b3bdcce874bccc04404dae35e466e94ff0898b 100644 (file)
@@ -48,7 +48,7 @@ lxc.mount.entry = /sys/fs/fuse/connections sys/fs/fuse/connections none bind,opt
 
 # Blacklist some syscalls which are not safe in privileged
 # containers
-lxc.seccomp = @LXCTEMPLATECONFIG@/common.seccomp
+lxc.seccomp.profile = @LXCTEMPLATECONFIG@/common.seccomp
 
 # Lastly, include all the configs from @LXCTEMPLATECONFIG@/common.conf.d/
 lxc.include = @LXCTEMPLATECONFIG@/common.conf.d/
index 607bb5a3b01fb36e1d805f2d93aae9eeb1d938f0..73db6f60b8ab14c4ac1d419f42de85da70f16265 100644 (file)
@@ -47,4 +47,4 @@ lxc.cgroup.devices.allow = c 4:1 rwm
 
 # Blacklist some syscalls which are not safe in privileged
 # containers
-lxc.seccomp = /usr/share/lxc/config/common.seccomp
+lxc.seccomp.profile = /usr/share/lxc/config/common.seccomp
index e14636635e9bedb93d4edc9d85052d9c5065614d..ccb4c1236d0f115532740547434d31fee2c69e91 100644 (file)
@@ -73,7 +73,7 @@ lxc.mount.entry = none dev/shm tmpfs rw,nosuid,nodev,create=dir
 
 # Blacklist some syscalls which are not safe in privileged
 # containers
-lxc.seccomp = @LXCTEMPLATECONFIG@/common.seccomp
+lxc.seccomp.profile = @LXCTEMPLATECONFIG@/common.seccomp
 
 # Customize lxc options through common directory
 lxc.include = @LXCTEMPLATECONFIG@/common.conf.d/
index f283649e65ae98c4384105e44398837a269808f4..390f6c05ccf6972236ab4065371181f87c5d1a55 100644 (file)
@@ -1328,7 +1328,7 @@ Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
       <variablelist>
         <varlistentry>
           <term>
-            <option>lxc.seccomp</option>
+            <option>lxc.seccomp.profile</option>
           </term>
           <listitem>
             <para>
index 7cfca4342e8a465bea86d74022ac50086c9d95e9..096a281cc9fb4c3cb112b3658f54769f016f1126 100644 (file)
@@ -691,19 +691,24 @@ static bool fetch_seccomp(struct lxc_container *c,
        }
 
        /* Remove current setting. */
-       if (!c->set_config_item(c, "lxc.seccomp", "")) {
+       if (!c->set_config_item(c, "lxc.seccomp", "") &&
+           !c->set_config_item(c, "lxc.seccomp.profile", "")) {
                return false;
        }
 
        /* Fetch the current profile path over the cmd interface. */
-       path = c->get_running_config_item(c, "lxc.seccomp");
+       path = c->get_running_config_item(c, "lxc.seccomp.profile");
        if (!path) {
-               INFO("Failed to get running config item for lxc.seccomp.");
+               INFO("Failed to get running config item for lxc.seccomp.profile");
+               path = c->get_running_config_item(c, "lxc.seccomp");
+       }
+       if (!path) {
+               INFO("Failed to get running config item for lxc.seccomp");
                return true;
        }
 
        /* Copy the value into the new lxc_conf. */
-       if (!c->set_config_item(c, "lxc.seccomp", path)) {
+       if (!c->set_config_item(c, "lxc.seccomp.profile", path)) {
                free(path);
                return false;
        }
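Review bot: When neither key yields a path, the new second `if (!path)` block still logs only at INFO and returns true, so a failed query over the command interface looks the same as a container with no seccomp profile, and attach presumably continues without one (the caller is not visible here). If that fail-open is intended it deserves a comment, and the message could be raised, e.g. `WARN("No seccomp profile retrieved from running container; attaching without one");`. Separately, the `&&` in the clear step only tries `lxc.seccomp.profile` when clearing `lxc.seccomp` fails, which is sufficient only because both keys share one setter in confile.c; a comment such as `/* Both keys alias lxc_conf->seccomp; clearing either is enough. */` would make that reliance explicit. fetch_seccomp starts and ends outside this hunk.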
index 69bd4db98dc5900111cadd6a0e7147e900866d96..5957df753bfa06afaf541238d411eebc0fb6f4c4 100644 (file)
@@ -115,7 +115,7 @@ lxc_config_define(cap_drop);
 lxc_config_define(cap_keep);
 lxc_config_define(console_logfile);
 lxc_config_define(console_path);
-lxc_config_define(seccomp);
+lxc_config_define(seccomp_profile);
 lxc_config_define(includefiles);
 lxc_config_define(autodev);
 lxc_config_define(signal_halt);
@@ -248,10 +248,15 @@ static struct lxc_config_t config[] = {
        { "lxc.cap.keep",                  set_config_cap_keep,                    get_config_cap_keep,                    clr_config_cap_keep,                  },
        { "lxc.console.logfile",           set_config_console_logfile,             get_config_console_logfile,             clr_config_console_logfile,           },
        { "lxc.console.path",              set_config_console_path,                get_config_console_path,                clr_config_console_path,              },
-       { "lxc.seccomp",                   set_config_seccomp,                     get_config_seccomp,                     clr_config_seccomp,                   },
+       { "lxc.seccomp.profile",           set_config_seccomp_profile,             get_config_seccomp_profile,             clr_config_seccomp_profile,           },
        { "lxc.include",                   set_config_includefiles,                get_config_includefiles,                clr_config_includefiles,              },
        { "lxc.autodev",                   set_config_autodev,                     get_config_autodev,                     clr_config_autodev,                   },
 
+       /* REMOVE IN LXC 3.0
+          legacy seccomp key
+        */
+       { "lxc.seccomp",                   set_config_seccomp_profile,             get_config_seccomp_profile,             clr_config_seccomp_profile,           },
+
        /* REMOVE IN LXC 3.0
           legacy console key
         */
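Review bot: The legacy `lxc.seccomp` row is a string prefix of the new `lxc.seccomp.profile` row, so its position in the table may be load-bearing. If the key lookup compares only the first `strlen(entry name)` characters (the lookup function is not visible in this hunk), a legacy row placed earlier would also capture `lxc.seccomp.profile`, and any other `lxc.seccomp.*` key would silently resolve to the profile setter. The comment above the row could record this, e.g. `/* legacy seccomp key; must stay after lxc.seccomp.profile, which it prefixes */`. The `config[]` initializer starts and ends outside this hunk.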
@@ -1062,8 +1067,8 @@ static int add_hook(struct lxc_conf *lxc_conf, int which, char *hook)
        return 0;
 }
 
-static int set_config_seccomp(const char *key, const char *value,
-                             struct lxc_conf *lxc_conf, void *data)
+static int set_config_seccomp_profile(const char *key, const char *value,
+                                     struct lxc_conf *lxc_conf, void *data)
 {
        return set_config_path_item(&lxc_conf->seccomp, value);
 }
@@ -3185,8 +3190,8 @@ static int get_config_console_logfile(const char *key, char *retv, int inlen,
        return lxc_get_conf_str(retv, inlen, c->console.log_path);
 }
 
-static int get_config_seccomp(const char *key, char *retv, int inlen,
-                             struct lxc_conf *c, void *data)
+static int get_config_seccomp_profile(const char *key, char *retv, int inlen,
+                                     struct lxc_conf *c, void *data)
 {
        return lxc_get_conf_str(retv, inlen, c->seccomp);
 }
@@ -3544,8 +3549,8 @@ static inline int clr_config_console_logfile(const char *key,
        return 0;
 }
 
-static inline int clr_config_seccomp(const char *key, struct lxc_conf *c,
-                                    void *data)
+static inline int clr_config_seccomp_profile(const char *key,
+                                            struct lxc_conf *c, void *data)
 {
        free(c->seccomp);
        c->seccomp = NULL;
index 5550d96c9051592ffedaf7bbf7f4d09c64434c03..ce321875578e9681e89afd2dafd0b3de5db05112 100644 (file)
@@ -678,13 +678,22 @@ int main(int argc, char *argv[])
                goto non_test_error;
        }
 
-       /* lxc.seccomp */
+       /* REMOVE IN LXC 3.0
+          legacy seccomp key
+        */
        if (set_get_compare_clear_save_load(
                c, "lxc.seccomp", "/some/seccomp/file", tmpf, true) < 0) {
                lxc_error("%s\n", "lxc.seccomp");
                goto non_test_error;
        }
 
+       /* lxc.seccomp.profile */
+       if (set_get_compare_clear_save_load(
+               c, "lxc.seccomp.profile", "/some/seccomp/file", tmpf, true) < 0) {
+               lxc_error("%s\n", "lxc.seccomp.profile");
+               goto non_test_error;
+       }
+
        /* lxc.autodev */
        if (set_get_compare_clear_save_load(c, "lxc.autodev", "1", tmpf, true) <
            0) {
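Review bot: The two added checks exercise `lxc.seccomp` and `lxc.seccomp.profile` independently, but nothing verifies that they alias the same setting, which is what the fallback in attach.c relies on. A cross-key check (set through the legacy key, read back through the new key) would catch a future change that gives the legacy key its own storage or drops it from the table. The sketch below assumes `strcmp` is available in the test file; main() starts and ends outside this hunk.

```c
	/* … unchanged: per-key lxc.seccomp and lxc.seccomp.profile checks … */

	/* legacy and new key must refer to the same setting */
	{
		char profile[4096];

		if (!c->set_config_item(c, "lxc.seccomp", "/some/seccomp/file") ||
		    c->get_config_item(c, "lxc.seccomp.profile", profile,
				       sizeof(profile)) < 0 ||
		    strcmp(profile, "/some/seccomp/file") != 0) {
			lxc_error("%s\n", "lxc.seccomp -> lxc.seccomp.profile");
			goto non_test_error;
		}
		c->clear_config_item(c, "lxc.seccomp.profile");
	}
```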