From: Richard Weinberger <richard@nod.at>
Date: Tue, 9 Jul 2013 10:05:14 +0000 (+0100)
Subject: LXC: Create /dev/tty within a container
X-Git-Tag: CVE-2013-2230~47
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=9a0ac6d9c21b914f887d2a1e0051b5beffa81bd7;p=thirdparty%2Flibvirt.git

LXC: Create /dev/tty within a container

Many applications use /dev/tty to read from stdin.
e.g. zypper on openSUSE.

Let's create this device node to unbreak those applications.
As /dev/tty is a synonym for the current controlling terminal
it cannot harm the host or any other containers.

Signed-off-by: Richard Weinberger <richard@nod.at>
---

diff --git a/src/lxc/lxc_controller.c b/src/lxc/lxc_controller.c
index 88601f12b5..568227f177 100644
--- a/src/lxc/lxc_controller.c
+++ b/src/lxc/lxc_controller.c
@@ -1286,6 +1286,7 @@ static int virLXCControllerPopulateDevices(virLXCControllerPtr ctrl)
         { LXC_DEV_MAJ_MEMORY, LXC_DEV_MIN_FULL, 0666, "/full" },
         { LXC_DEV_MAJ_MEMORY, LXC_DEV_MIN_RANDOM, 0666, "/random" },
         { LXC_DEV_MAJ_MEMORY, LXC_DEV_MIN_URANDOM, 0666, "/urandom" },
+        { LXC_DEV_MAJ_TTY, LXC_DEV_MIN_TTY, 0666, "/tty" },
     };
 
     if (virLXCControllerSetupDev(ctrl) < 0)