Re: [PATCH v4 01/10] LXC: Introduce New XML element for user namespace

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

On Fri, Jun 07, 2013 at 03:12:18PM +0800, Gao feng wrote:
> This patch introduces new element <idmap> for
> user namespace. for example
> <idmap>
>     <uid start='0' target='1000' count='10'/>
>     <gid start='0' target='1000' count='10'/>
> </idmap>
> 
> this new element is used for setting proc files
> /proc/<pid>/{uid_map,gid_map}.
> 
> This patch also supports multiple uid/gid elements
> setting in XML configuration.
> 
> We don't support the semi configuation, user has to
> configure uid and gid both.
> 
> Signed-off-by: Gao feng <gaofeng@xxxxxxxxxxxxxx>
> ---
>  docs/formatdomain.html.in     | 23 +++++++++++
>  docs/schemas/domaincommon.rng | 31 +++++++++++++++
>  src/conf/domain_conf.c        | 90 +++++++++++++++++++++++++++++++++++++++++++
>  src/conf/domain_conf.h        | 22 +++++++++++
>  4 files changed, 166 insertions(+)
> 

> diff --git a/src/conf/domain_conf.c b/src/conf/domain_conf.c
> index a16ebd1..b001938 100644
> --- a/src/conf/domain_conf.c
> +++ b/src/conf/domain_conf.c
> @@ -10196,6 +10199,40 @@ cleanup:
>      return ret;
>  }
>  
> +
> +/* Parse the XML definition for user namespace id map.
> + *
> + * idmap has the form of
> + *
> + *   <uid start='0' target='1000' count='10'/>
> + *   <gid start='0' target='1000' count='10'/>
> + */
> +static virDomainIdMapEntryPtr
> +virDomainIdmapDefParseXML(xmlXPathContextPtr ctxt,
> +                          const xmlNodePtr *node,
> +                          size_t num)
> +{
> +    size_t i;
> +    virDomainIdMapEntryPtr idmap = NULL;
> +    xmlNodePtr save_ctxt = ctxt->node;
> +
> +    if (VIR_ALLOC_N(idmap, num) < 0) {
> +        virReportOOMError();
> +        goto error;
> +    }
> +
> +    for (i = 0; i < num; i++) {
> +        ctxt->node = node[i];
> +        virXPathUInt("string(./@start)", ctxt, &idmap[i].start);
> +        virXPathUInt("string(./@target)", ctxt, &idmap[i].target);
> +        virXPathUInt("string(./@count)", ctxt, &idmap[i].count);

You need to check the return status of each virXPathUInt call to
make sure it succeed & goto the error scenario on failure.

> +    }
> + error:

s/error/cleanup/ since this code path is for both errors and success

> +    ctxt->node = save_ctxt;
> +    return idmap;
> +}
> +
> +



Daniel
-- 
|: http://berrange.com      -o-    http://www.flickr.com/photos/dberrange/ :|
|: http://libvirt.org              -o-             http://virt-manager.org :|
|: http://autobuild.org       -o-         http://search.cpan.org/~danberr/ :|
|: http://entangle-photo.org       -o-       http://live.gnome.org/gtk-vnc :|

--
libvir-list mailing list
libvir-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/libvir-list
[Index of Archives]     [Virt Tools]     [Libvirt Users]     [Lib OS Info]     [Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Big List of Linux Books]     [Yosemite News]     [KDE Users]     [Fedora Tools]