From: Dwight Engen Date: Mon, 11 Mar 2013 19:33:57 +0000 (-0400) Subject: make [ug]id map ordering consistent with /proc//[ug]id_map X-Git-Tag: lxc-0.9.0.rc1~2^2~11 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=ac7725e7bb6753087aa63bbefb999529b0625212;p=thirdparty%2Flxc.git make [ug]id map ordering consistent with /proc//[ug]id_map The id ordering and case of u,g is also consistent with uidmapshift, reducing confusion. doc: Moved example to the the EXAMPLES section, and used values corresponding to the defaults in the pending shadow-utils subuid patch. Signed-off-by: Dwight Engen Acked-by: Stéphane Graber --- diff --git a/doc/lxc.conf.sgml.in b/doc/lxc.conf.sgml.in index ae91221ac..60e7baa76 100644 --- a/doc/lxc.conf.sgml.in +++ b/doc/lxc.conf.sgml.in @@ -709,21 +709,12 @@ Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA Four values must be provided. First a character, either - 'U', or 'G', to specify whether user or group ids are - being mapped. Next is the first userid as seen on the - host. Next is the userid to be mapped in the container. - Finally, a range indicating the number of consecutive - ids to map. For instance + 'u', or 'g', to specify whether user or group ids are + being mapped. Next is the first userid as seen in the + user namespace of the container. Next is the userid as + seen on the host. Finally, a range indicating the number + of consecutive ids to map. - - lxc.id_map = U 200000 0 20000 - lxc.id_map = G 200000 0 20000 - - - will map both user and group ids in the - range 0-19999 in the container to the ids - 200000-219999 on the host. - @@ -952,6 +943,17 @@ Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + + UID/GID mapping + This configuration will map both user and group ids in the + range 0-9999 in the container to the ids 100000-109999 on the host. + + + lxc.id_map = u 0 100000 10000 + lxc.id_map = g 0 100000 10000 + + + Control group This configuration will setup several control groups for diff --git a/src/lxc/conf.c b/src/lxc/conf.c index 97b4ae4a4..e2abc72df 100644 --- a/src/lxc/conf.c +++ b/src/lxc/conf.c @@ -2447,7 +2447,7 @@ int lxc_assign_network(struct lxc_list *network, pid_t pid) return 0; } -int add_id_mapping(enum idtype idtype, pid_t pid, uid_t host_start, uid_t ns_start, int range) +static int add_id_mapping(enum idtype idtype, pid_t pid, uid_t ns_start, uid_t host_start, int range) { char path[PATH_MAX]; int ret, closeret; @@ -2480,7 +2480,7 @@ int lxc_map_ids(struct lxc_list *idmap, pid_t pid) lxc_list_for_each(iterator, idmap) { map = iterator->elem; - ret = add_id_mapping(map->idtype, pid, map->hostid, map->nsid, map->range); + ret = add_id_mapping(map->idtype, pid, map->nsid, map->hostid, map->range); if (ret) break; } diff --git a/src/lxc/confile.c b/src/lxc/confile.c index d350f01df..59cedef46 100644 --- a/src/lxc/confile.c +++ b/src/lxc/confile.c @@ -1049,13 +1049,13 @@ static int config_idmap(const char *key, const char *value, struct lxc_conf *lxc lxc_list_add_tail(&lxc_conf->id_map, idmaplist); - ret = sscanf(value, "%c %d %d %d", &type, &hostid, &nsid, &range); + ret = sscanf(value, "%c %d %d %d", &type, &nsid, &hostid, &range); if (ret != 4) goto out; - INFO("read uid map: type %c hostid %d nsid %d range %d", type, hostid, nsid, range); - if (type == 'U') + INFO("read uid map: type %c nsid %d hostid %d range %d", type, nsid, hostid, range); + if (type == 'u') idmap->idtype = ID_TYPE_UID; - else if (type == 'G') + else if (type == 'g') idmap->idtype = ID_TYPE_GID; else goto out;