From: harryoooooooooo Date: Sat, 9 Jun 2018 11:31:55 +0000 (+0800) Subject: fix bug: unpriv lxc will run lxc.net.[i].script.up now X-Git-Tag: lxc-3.1.0~261^2 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=refs%2Fpull%2F2391%2Fhead;p=thirdparty%2Flxc.git fix bug: unpriv lxc will run lxc.net.[i].script.up now Signed-off-by: harryoooooooooo
---
diff --git a/src/lxc/network.c b/src/lxc/network.c
index b6aaa4621..e8473f7f9 100755
--- a/src/lxc/network.c
+++ b/src/lxc/network.c
@@ -2097,7 +2097,7 @@ int lxc_find_gateway_addresses(struct lxc_handler *handler)
 #define LXC_USERNIC_PATH LIBEXECDIR "/lxc/lxc-user-nic"
 static int lxc_create_network_unpriv_exec(const char *lxcpath, const char *lxcname,
- struct lxc_netdev *netdev, pid_t pid)
+ struct lxc_netdev *netdev, pid_t pid, unsigned int hooks_version)
 {
 int ret;
 pid_t child;
@@ -2242,6 +2242,21 @@ static int lxc_create_network_unpriv_exec(const char *lxcpath, const char *lxcna
 return -1;
 }
+ if (netdev->upscript) {
+ char *argv[] = {
+ "veth",
+ netdev->link,
+ netdev->priv.veth_attr.veth1,
+ NULL,
+ };
+
+ ret = run_script_argv(lxcname,
+ hooks_version, "net",
+ netdev->upscript, "up", argv);
+ if (ret < 0)
+ return -1;
+ }
+
 return 0;
 }
@@ -2499,7 +2514,7 @@ int lxc_network_move_created_netdev_priv(const char *lxcpath, const char *lxcnam
 }
 int lxc_create_network_unpriv(const char *lxcpath, const char *lxcname,
- struct lxc_list *network, pid_t pid)
+ struct lxc_list *network, pid_t pid, unsigned int hooks_version)
 {
 struct lxc_list *iterator;
@@ -2525,7 +2540,7 @@ int lxc_create_network_unpriv(const char *lxcpath, const char *lxcname,
 if (netdev->mtu)
 INFO("mtu ignored due to insufficient privilege");
- if (lxc_create_network_unpriv_exec(lxcpath, lxcname, netdev, pid))
+ if (lxc_create_network_unpriv_exec(lxcpath, lxcname, netdev, pid, hooks_version))
 return -1;
 }
diff --git a/src/lxc/network.h b/src/lxc/network.h
index 9b9858a52..415d13502 100644
--- a/src/lxc/network.h
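Review bot: In the second `src/lxc/network.c` hunk (`@@ -2242,6 +2242,21 @@`), a failing up script makes `lxc_create_network_unpriv_exec` return -1 silently, at a point where the helper behind `LXC_USERNIC_PATH` has presumably already created the veth pair (that part of the function lies outside the hunk). I would add `ERROR("Failed to run network up script");` before the new `return -1;`, and confirm that the `out_delete_net` path the caller in `start.c` jumps to actually removes an unprivileged veth. `netdev->link` and `netdev->priv.veth_attr.veth1` are handed to the script unchecked; if `link` can be empty on this path (not visible here), the hook sees an empty or shifted argument, so a short comment documenting the argv layout (`"veth"`, host link, host-side veth name) would help hook authors validate their input. Nothing in this diff adds a matching `script.down` call for the unprivileged path, so host state configured by the up script may be left behind unless teardown is handled elsewhere.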
+++ b/src/lxc/network.h
@@ -263,7 +263,7 @@ extern int lxc_network_move_created_netdev_priv(const char *lxcpath,
 extern void lxc_delete_network(struct lxc_handler *handler);
 extern int lxc_find_gateway_addresses(struct lxc_handler *handler);
 extern int lxc_create_network_unpriv(const char *lxcpath, const char *lxcname,
- struct lxc_list *network, pid_t pid);
+ struct lxc_list *network, pid_t pid, unsigned int hook_version);
 extern int lxc_requests_empty_network(struct lxc_handler *handler);
 extern int lxc_restore_phys_nics_to_netns(struct lxc_handler *handler);
 extern int lxc_setup_network_in_child_namespaces(const struct lxc_conf *conf,
diff --git a/src/lxc/start.c b/src/lxc/start.c
index b222c847a..9477f2ce4 100644
--- a/src/lxc/start.c
+++ b/src/lxc/start.c
@@ -1707,7 +1707,7 @@ static int lxc_spawn(struct lxc_handler *handler)
 }
 ret = lxc_create_network_unpriv(handler->lxcpath, handler->name,
- &conf->network, handler->pid);
+ &conf->network, handler->pid, conf->hooks_version);
 if (ret < 0) {
 ERROR("Failed to create the configured network");
 goto out_delete_net;
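Review bot: The prototype in `src/lxc/network.h` names the new parameter `hook_version`, while the definition in `src/lxc/network.c` and the field passed by the caller (`conf->hooks_version`) both use `hooks_version`. The compiler accepts the mismatch, but the header is what readers search, so I would make the declaration read `struct lxc_list *network, pid_t pid, unsigned int hooks_version);`. The declaration continues from the context line above the changed one.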