tree-wide: replace sizeof() with SIZEOF2STRLEN()

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

macro: add STRLITERALLEN() and STRARRAYLEN()

sizeof() implementation for string literals and string arrays that makes
it behave like strlen() for strings.

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

cgfsng: s/__cgfsng_ops__/__cgfsng_ops/g

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

compiler: s/__noreturn__/__noreturn/g

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

compiler: s/__fallthrough__/__fallthrough/g

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

Merge pull request #2636 from brauner/2018-09-21/fix_implicit_fallthrough

autotools: fix check for -Wimplicit-fallthrough

Merge pull request #2627 from 2xsec/bugfix

conf: realpath() uses null as second parameter to prevent buffer overflow

autotools: fix wrong AX_CHECK_COMPILE_FLAG test

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

Merge pull request #2606 from brauner/2018-09-09/cgroup_escape

cgroups: scoping for cgroup v2

cgfsng: add missing __cgfsng_ops__ attributes

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

tests: adapt cgroup tests to new layout

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

cgfsng: cgfsng_monitor_enter()

brauner@wittgenstein|~
> sudo systemctl status lxc@c1
● lxc@c1.service - LXC Container: c1
   Loaded: loaded (/lib/systemd/system/lxc@.service; disabled; vendor preset: enabled)
   Active: active (running) since Tue 2018-09-11 10:42:22 CEST; 38s ago
     Docs: man:lxc-start
           man:lxc
  Process: 29855 ExecStart=/usr/bin/lxc-start -n c1 -p /run/lxc/c1.pid (code=exited, status=0/SUCCESS)
    Tasks: 18 (limit: 4915)
   Memory: 32.1M
   CGroup: /system.slice/system-lxc.slice/lxc@c1.service
           ├─lxc.monitor
           │ └─c1
           │   └─29870 [lxc monitor] /var/lib/lxc c1
           └─lxc.payload
             └─c1
               ├─init.scope
               │ └─29878 /sbin/init
               └─system.slice
                 ├─console-getty.service
                 │ └─30028 /sbin/agetty -o -p -- \u --noclear --keep-baud console 115200,38400,9600 linux
                 ├─cron.service
                 │ └─30019 /usr/sbin/cron -f
                 ├─dbus.service
                 │ └─30020 /usr/bin/dbus-daemon --system --address=systemd: --nofork --nopidfile --systemd-activation --syslog-only
                 ├─networkd-dispatcher.service
                 │ └─30016 /usr/bin/python3 /usr/bin/networkd-dispatcher --run-startup-triggers
                 ├─rsyslog.service
                 │ └─30017 /usr/sbin/rsyslogd -n
                 ├─system-container\x2dgetty.slice
                 │ ├─container-getty@0.service
                 │ │ └─30027 /sbin/agetty -o -p -- \u --noclear --keep-baud pts/0 115200,38400,9600 vt220
                 │ ├─container-getty@1.service
                 │ │ └─30030 /sbin/agetty -o -p -- \u --noclear --keep-baud pts/1 115200,38400,9600 vt220
                 │ ├─container-getty@2.service
                 │ │ └─30026 /sbin/agetty -o -p -- \u --noclear --keep-baud pts/2 115200,38400,9600 vt220
                 │ └─container-getty@3.service
                 │   └─30029 /sbin/agetty -o -p -- \u --noclear --keep-baud pts/3 115200,38400,9600 vt220
                 ├─systemd-journald.service
                 │ └─29976 /lib/systemd/systemd-journald
                 ├─systemd-logind.service
                 │ └─30018 /lib/systemd/systemd-logind
                 ├─systemd-networkd.service
                 │ └─29996 /lib/systemd/systemd-networkd
                 ├─systemd-resolved.service
                 │ └─30014 /lib/systemd/systemd-resolved
                 └─systemd-udevd.service
                   └─29986 /lib/systemd/systemd-udevd

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

cgroups: add monitor_enter()

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

cgfsng: add cgfsng_monitor_create()

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

cgroups: add monitor_create()

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

cgroups: add monitor_full_path member

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

cgroups: add monitor_cgroup member

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

cgroups: s/base_cgroup/container_base_path/g

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

cgroups: add missing string.h include

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

cgroups: s/fullcgpath/container_full_path/g

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

cgroups: switch to lxc.payload as default pattern

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

cgroup: rename container specific cgroup functions

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

Merge pull request #2635 from brauner/2018-09-21/Wimplicit-fallthrough

autotools: add -Wimplicit-fallthrough

Merge pull request #2630 from brauner/2018-09-20/remove_locking

api_extensions: introduce lxc_has_api_extension()

autotools: add -Wimplicit-fallthrough

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

api_extensions: introduce lxc_has_api_extension()

This is modeled after LXD's API extension checks. This allows API users
to query the given LXC instance whether a given API extension is
supported.

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

Merge pull request #2633 from brauner/2018-09-21/cgfsng_ops_attribute

cgfsng: mark ops with __cgfsng_ops__ attribute

Merge pull request #2634 from brauner/2018-09-21/cgroup_relative

confile: s/lxc.cgroup.keep/lxc.cgroup.relative/g

Merge pull request #2607 from brauner/2018-09-11/sysfs_mixed

conf: remove extra MS_BIND with sysfs:mixed

cgfsng: mark ops with __cgfsng_ops__ attribute

Helps to easily tell the cgfsng ops functions from helpers.

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

confile: s/lxc.cgroup.keep/lxc.cgroup.relative/g

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

Merge pull request #2608 from brauner/2018-09-11/netns_get_nsid

network: add lxc_netns_get_nsid()

Merge pull request #2631 from brauner/2018-09-20/rename_backgrounded

start: s/backgrounded/daemonize/g

start: s/backgrounded/daemonize/g

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

conf: realpath() uses null as second parameter to prevent buffer overflow

Signed-off-by: 2xsec <dh48.jeong@samsung.com>

Merge pull request #2626 from brauner/2018-09-20/remove_locking

lxccontainer: remove cgroup locking

lxccontainer: remove locks from get_cgroup_item()

The on-disk config file is not altered and the in-memory config isn't
altered so no need for locking.

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

lxccontainer: remove locks from set_cgroup_item()

The on-disk config file is not altered and the in-memory config isn't
altered so no need for locking.

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

Merge pull request #2624 from 2xsec/bugfix

af_unix: add function to remove duplicated codes for set sockaddr

af_unix: add function to remove duplicated codes for set sockaddr

Signed-off-by: 2xsec <dh48.jeong@samsung.com>

Merge pull request #2622 from brauner/2018-09-19/attach_exit_status

attach: report standard shell exit codes

attach: report standard shell exit codes

POSIX mandates that on ENOEXEC 126 and on ENOENT 127 is supposed to be
reported.

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

Merge pull request #2621 from 2xsec/bugfix

security: fix too wide or inconsistent non-owner permissions

security: fix too wide or inconsistent non-owner permissions

Signed-off-by: 2xsec <dh48.jeong@samsung.com>

Merge pull request #2619 from smibarber/attach-shutdown

attach: don't shutdown ipc socket in child

attach: don't shutdown ipc socket in child

shutdown() affects sockets even across forked processes. The
attached child process doesn't have any interest in using the
IPC socket, so just close it in the child process and let the
intermediate process handle shutting it down.

This fixes a bug seen with lxc exec in crbug.com/884244

Signed-off-by: Stephen Barber <smbarber@chromium.org>

Merge pull request #2611 from 2xsec/bugfix

add compile flags for dlog

log: add additional info of dlog

Signed-off-by: 2xsec <dh48.jeong@samsung.com>

log: add common functions

Signed-off-by: 2xsec <dh48.jeong@samsung.com>

add compile flags for dlog

Signed-off-by: 2xsec <dh48.jeong@samsung.com>

network: minor tweaks

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

Merge pull request #2609 from 2xsec/bugfix

remove unused variables & function

file_utils: remove unused function

Signed-off-by: 2xsec <dh48.jeong@samsung.com>

remove unused variables

Signed-off-by: 2xsec <dh48.jeong@samsung.com>

network: add lxc_netns_get_nsid()

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

Merge pull request #2604 from brauner/2018-09-09/fix_pid_file

lxccontainer: use correct pid_t type

network: use correct type in lxc_netns_set_nsid()

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

conf: remove extra MS_BIND with sysfs:mixed

The extra bind-mount is not required. To succesfully remount read-only
we just need MS_REMOUNT|MS_RDONLY.

Closes #2602.

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
Cc: Serge Hallyn <serge@hallyn.com>

Merge pull request #2601 from 2xsec/bugfix

log: support dlog

lxccontainer: use correct pid_t type

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

Merge pull request #2596 from brauner/2018-09-05/attach_id

utils: allow lxc-attach to set uid / gid

utils: make lxc_switch_uid_gid() return bool

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

utils: make lxc_setgroups() return bool

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

start: avoid unnecessary syscalls

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

tools/lxc-attach: add -u and -g arguments

This lets users specify uids and gids to switch to.

Closes #2591.

Signed-off-by: Disassembler disassembler@dasm.cz
[christian.brauner@ubuntu.com: adapt coding style + commit message]

attach: handle id switching smarter

For setup, switch to the most privileged ids we can find. That is either
nsuid 0 if a mapping has been established if not switch to the ids the
init running in the container was started with.
After setup, switch to the actual requested ids.

Closes #2591.

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

log: support dlog

Signed-off-by: 2xsec <dh48.jeong@samsung.com>

utils: improve lxc_switch_uid_gid()

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

utils: improve get_ns_uid() and add get_ns_gid()

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

Merge pull request #2594 from ffontaine/master

lxc: fix build with --disable-werror

lxc: fix build with --disable-werror

Fix #2592 by defining -Wvla -std=gnu11 even if --disable-werror is set
As -std=gnu11 is always set, bump requirement on gcc from 4.6 to 4.7
(see https://gcc.gnu.org/projects/cxx-status.html#cxx11)

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>

Merge pull request #2589 from 2xsec/bugfix

lxccontainer: fix dereferenced pointer

lxccontainer: fix dereferenced pointer

Signed-off-by: 2xsec <dh48.jeong@samsung.com>

Merge pull request #2584 from brauner/2018-09-03/bugfixes

commands: switch to setting errno and returning -1

log: log_append_logfile() add new error path

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

nl: save errno on lxc_netns_set_nsid()

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

tree-wide: s/send()/lxc_send_nointr()/g

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

file_utils: add lxc_send_nointr()

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

tree-wide: s/recv()/lxc_recv_nointr()/g

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

log: save errno on strerror_r()

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

log: do not clobber errno

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

commands: switch to setting errno and returning -1

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
Cc: Wolfgang Bumiller <w.bumiller@proxmox.com>

file_utils: add lxc_recv_nointr()

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

commands: better error message

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

Merge pull request #2585 from 2xsec/bugfix

caps: fix illegal access to array bound

syntax error: mismatch brace

Signed-off-by: 2xsec <dh48.jeong@samsung.com>

nl: remove duplicated define

Signed-off-by: 2xsec <dh48.jeong@samsung.com>

utils: defensive programming

If caller passed the size of array not string length, it is possible to be accessed out of bounds.

Reorder conditions can prevent access invalid index of array.

Signed-off-by: 2xsec <dh48.jeong@samsung.com>

caps: fix illegal access to array bound

Signed-off-by: 2xsec <dh48.jeong@samsung.com>

Merge pull request #2581 from brauner/2018-09-02/macro

macro: move MS_* macros

macro: move MS_* macros

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

Merge pull request #2580 from brauner/2018-09-01/revert_blub_revert

Revert "Revert "tree-wide: use sizeof on static arrays""

Revert "Revert "tree-wide: use sizeof on static arrays""

This reverts commit 2fb7cf0b325d2e34cd6faa2758cbaba6b6c3b99f.

The problem wasn't caused by the reverted commit and was fixed in

commit 0c9b1f826d3 ("macro: calculate buffer lengths correctly")

The full explanation can be taken from the following irc excerpt from
the #lxc-dev channel:

│19:54:47 brauner | there was a bug in one of the standard macros we used
│19:55:01 brauner | and the changes by INTTYPE_TO_STRLEN() caused the issue to surface
│19:55:03 brauner | which is good
│19:55:16 brauner | i sent a branch and stgraber merged it that fixes it
│19:57:56  Blub\0 | so...
│19:58:31  Blub\0 | still doesn't explain how it was the sizeof() patch
│20:07:14 brauner | Blub\0: so here's the long explanation
│20:07:35 brauner | Blub\0: stgraber bumped pid_max on our jenkins test builders
│20:07:53 brauner | Blub\0: because we're running *a lot* of containers
│20:07:56 brauner | in any case
│20:08:06 brauner | there was a buffer
│20:08:12 brauner | LXC_LSMATTRLEN
│20:08:59 brauner | it used to be
│20:09:03 brauner | -/* /proc/pid-to-str/attr/current = (5 + INTTYPE_TO_STRLEN(pid_t) + 7 + 1) */
│20:09:03 brauner | -#define LXC_LSMATTRLEN (5 + INTTYPE_TO_STRLEN(pid_t) + 7 + 1)
│20:09:14 brauner | which one can see is wrong
│20:09:21 brauner | before the INTTYPE patchset
│20:09:40 brauner | INTTYPE_TO_STRLEN(pid_t) was LXC_NUMSTRLEN64
│20:09:45 brauner | which gave you 21 chars
│20:09:57 brauner | so it accounted for the missing parts
│20:10:03 brauner | because the correct macro should've been
│20:10:17 brauner | +/* /proc/        = 6
│20:10:17 brauner | + *               +
│20:10:17 brauner | + * <pid-as-str>  = INTTYPE_TO_STRLEN(pid_t)
│20:10:17 brauner | + *               +
│20:10:17 brauner | + * /attr/        = 6
│20:10:17 brauner | + *               +
│20:10:17 brauner | + * /current      = 8
│20:10:17 brauner | + *               +
│20:10:17 brauner | + * \0            = 1
│20:10:17 brauner | + */
│20:10:17 brauner | +#define LXC_LSMATTRLEN (6 + INTTYPE_TO_STRLEN(pid_t) + 6 + 8 + 1)
│20:10:24  Blub\0 | still
│20:10:31 brauner | the issue was only seen
│20:10:39 brauner | when the pid number hit a specific maximum
│20:10:50  Blub\0 | the sizeof patch only changed instances of actual char buf[A_FIXED_NUMBER] + snprintf(buf, A_FIXED_NUMBER, ...)
│20:10:54 brauner | aka exceeded the newly shortened buffer
│20:11:42 brauner | your patch was a red herring
│20:12:03  Blub\0 | I guess
│20:12:06 brauner | it didn't cause it
│20:12:14 brauner | it just surfaced at the same time it was merged
│20:12:25  Blub\0 | so we can revert the revert then? :)
│20:12:35 brauner | yes, that was th eplan all along

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

Merge pull request #2579 from brauner/2018-08-31/int64_t_pids

macro: calculate buffer lengths correctly

macro: calculate buffer lengths correctly

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

commands: assign before converting to pointer

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

Merge pull request #2578 from brauner/2018-08-31/int64_t_pids

commands: pass around intmax_t

commands: pass around intmax_t

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

Revert "tree-wide: use sizeof on static arrays"

This reverts commit 81a3bb64b4147ac6da3087cb77ac67828a2f2b76.

This commit broke all builders running with pid_max > 32768.

Reverting for now so we can bring the build farm back online.

Signed-off-by: Stéphane Graber <stgraber@ubuntu.com>

Merge pull request #2435 from brauner/2018-06-27/storage_managed

[RFC] conf: introduce lxc.rootfs.managed