From: Michael Tremer Date: Tue, 16 Aug 2022 14:02:29 +0000 (+0000) Subject: jail: Give a random UUID and use it for the cgroup X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=ae5201c54d8df3caac6054598cfd7b77979d212e;p=people%2Fstevee%2Fpakfire.git jail: Give a random UUID and use it for the cgroup Signed-off-by: Michael Tremer --- diff --git a/src/libpakfire/jail.c b/src/libpakfire/jail.c index 3591c354..97decaa9 100644 --- a/src/libpakfire/jail.c +++ b/src/libpakfire/jail.c @@ -39,6 +39,9 @@ // libseccomp #include +// libuuid +#include + #include #include #include @@ -67,6 +70,10 @@ struct pakfire_jail { struct pakfire* pakfire; int nrefs; + // A unique ID for each jail + uuid_t uuid; + char __uuid[UUID_STR_LEN]; + // Flags int flags; @@ -211,6 +218,9 @@ PAKFIRE_EXPORT int pakfire_jail_create(struct pakfire_jail** jail, // Store flags j->flags = flags; + // Generate a random UUID + uuid_generate_random(j->uuid); + DEBUG(j->pakfire, "Allocated new jail at %p\n", j); // Set default log callback @@ -260,6 +270,13 @@ static int pakfire_jail_has_flag(struct pakfire_jail* jail, int flag) { return jail->flags & flag; } +static const char* pakfire_jail_uuid(struct pakfire_jail* jail) { + if (*jail->__uuid) + uuid_unparse_lower(jail->uuid, jail->__uuid); + + return jail->__uuid; +} + // Resource Limits PAKFIRE_EXPORT int pakfire_jail_nice(struct pakfire_jail* jail, int nice) { @@ -1302,10 +1319,11 @@ static int __pakfire_jail_exec(struct pakfire_jail* jail, const char* argv[]) { if (jail->cgroup) { args.flags |= CLONE_INTO_CGROUP; -#warning TODO randomize the name + // Fetch our UUID + const char* uuid = pakfire_jail_uuid(jail); // Create a temporary cgroup - r = pakfire_cgroup_child(&ctx.cgroup, jail->cgroup, "jail", 0); + r = pakfire_cgroup_child(&ctx.cgroup, jail->cgroup, uuid, 0); if (r) { ERROR(jail->pakfire, "Could not create cgroup for jail: %m\n"); goto ERROR;