From: Ján Tomko Date: Fri, 31 Oct 2014 08:51:23 +0000 (+0100) Subject: Require at least one console for LXC domain X-Git-Tag: CVE-2014-7823~4 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=44686f6523cb30a174c052a242fa15f6a2b364e5;p=thirdparty%2Flibvirt.git Require at least one console for LXC domain A domain without a console quietly dies soon after start, because we try to set /dev/null as a controlling TTY 2014-10-30 15:10:59.705+0000: 1: error : lxcContainerSetupFDs:283 : ioctl(TIOCSCTTY) failed: Inappropriate ioctl for device Report an error early instead of trying to start it. https://bugzilla.redhat.com/show_bug.cgi?id=1155410 --- diff --git a/src/lxc/lxc_container.c b/src/lxc/lxc_container.c index f02b959eeb..8aba3baf1a 100644 --- a/src/lxc/lxc_container.c +++ b/src/lxc/lxc_container.c @@ -2093,8 +2093,10 @@ static int lxcContainerChild(void *data) if (virAsprintf(&ttyPath, "%s/%s.devpts/%s", LXC_STATE_DIR, vmDef->name, tty) < 0) goto cleanup; - } else if (VIR_STRDUP(ttyPath, "/dev/null") < 0) { - goto cleanup; + } else { + virReportError(VIR_ERR_INTERNAL_ERROR, "%s", + _("At least one tty is required")); + goto cleanup; } VIR_DEBUG("Container TTY path: %s", ttyPath); diff --git a/src/lxc/lxc_process.c b/src/lxc/lxc_process.c index ed30c37fd1..6c83fdb217 100644 --- a/src/lxc/lxc_process.c +++ b/src/lxc/lxc_process.c @@ -1144,6 +1144,12 @@ int virLXCProcessStart(virConnectPtr conn, vm->def, NULL) < 0) goto cleanup; + if (vm->def->nconsoles == 0) { + virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s", + _("At least one PTY console is required")); + goto cleanup; + } + for (i = 0; i < vm->def->nconsoles; i++) { char *ttyPath; if (vm->def->consoles[i]->source.type != VIR_DOMAIN_CHR_TYPE_PTY) {