Re: [PATCH v2 3/8] LXC: sort the uidmap/gidmap of domain

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

On Fri, May 10, 2013 at 05:58:12PM +0800, Gao feng wrote:
> Make sure the mapping line contains the root user of container
> is the first element of idmap array. So we can get the real
> user id on host for the container easily.
> 
> This patch also check the map information, User must map
> the root user of container to any user of host.
> 
> Signed-off-by: Gao feng <gaofeng@xxxxxxxxxxxxxx>
> ---
>  src/conf/domain_conf.c | 25 ++++++++++++++++++++++++-
>  1 file changed, 24 insertions(+), 1 deletion(-)
> 
> diff --git a/src/conf/domain_conf.c b/src/conf/domain_conf.c
> index 46be458..5bc4b8c 100644
> --- a/src/conf/domain_conf.c
> +++ b/src/conf/domain_conf.c
> @@ -9815,7 +9815,8 @@ virDomainIdmapDefParseXML(const xmlNodePtr *node,
>                            ssize_t num)
>  {
>      int i;
> -    struct idmap *idmap = NULL;
> +    struct idmap *idmap = NULL, map;
> +    int index = -1;
>      xmlNodePtr save_ctxt = ctxt->node;
>  
>      if (VIR_ALLOC_N(idmap, num) < 0) {
> @@ -9828,7 +9829,29 @@ virDomainIdmapDefParseXML(const xmlNodePtr *node,
>          virXPathUInt("string(./@start)", ctxt, &idmap[i].start);
>          virXPathUInt("string(./@target)", ctxt, &idmap[i].target);
>          virXPathUInt("string(./@count)", ctxt, &idmap[i].count);
> +
> +        if (idmap[i].start == 0) {
> +            index = i;
> +            map.start = idmap[i].start;
> +            map.target = idmap[i].target;
> +            map.count = idmap[i].count;
> +        }
> +    }
> +    /* Make sure the mapping line contains the root user of container
> +     * is the first element of idmap array. So we can get the real
> +     * user id on host for the container easily. */
> +    if (index != -1) {
> +        idmap[index] = idmap[0];
> +        idmap[0] = map;

IMHO it would be better to just use qsort() with 'start' as the sort
key to ensure the entire array is sorted, not merely the first
element.

> +    } else {
> +        /* Root user of container isn't mapped to any user of host,
> +         * return error. */
> +        virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s",
> +                       _("You must map the root user of container"));
> +        VIR_FREE(idmap);
> +        idmap = NULL;
>      }
> +
>   error:
>      ctxt->node = save_ctxt;
>      return idmap;

Daniel
-- 
|: http://berrange.com      -o-    http://www.flickr.com/photos/dberrange/ :|
|: http://libvirt.org              -o-             http://virt-manager.org :|
|: http://autobuild.org       -o-         http://search.cpan.org/~danberr/ :|
|: http://entangle-photo.org       -o-       http://live.gnome.org/gtk-vnc :|

--
libvir-list mailing list
libvir-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/libvir-list
[Index of Archives]     [Virt Tools]     [Libvirt Users]     [Lib OS Info]     [Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Big List of Linux Books]     [Yosemite News]     [KDE Users]     [Fedora Tools]