}
}
- nsid = 0;
+ nsid = LXC_INVALID_UID;
+
+found:
+ fclose(f);
+ free(line);
+ return nsid;
+}
+
+gid_t get_ns_gid(gid_t orig)
+{
+ char *line = NULL;
+ size_t sz = 0;
+ gid_t nsid, hostid, range;
+ FILE *f = fopen("/proc/self/gid_map", "r");
+ if (!f)
+ return 0;
+
+ while (getline(&line, &sz, f) != -1) {
+ if (sscanf(line, "%u %u %u", &nsid, &hostid, &range) != 3)
+ continue;
+
+ if (hostid <= orig && hostid + range > orig) {
+ nsid += orig - hostid;
+ goto found;
+ }
+ }
+
+ nsid = LXC_INVALID_GID;
found:
fclose(f);
if (offset >= fulllen)
return NULL;
- while (path[offset] != '\0' && offset < fulllen)
+ while (offset < fulllen && path[offset] != '\0')
offset++;
- while (path[offset] == '\0' && offset < fulllen)
+ while (offset < fulllen && path[offset] == '\0')
offset++;
*offsetp = offset;
int lxc_switch_uid_gid(uid_t uid, gid_t gid)
{
- if (setgid(gid) < 0) {
- SYSERROR("Failed to switch to gid %d.", gid);
- return -errno;
+ int ret = 0;
+
+ if (gid != LXC_INVALID_GID) {
+ ret = setgid(gid);
+ if (ret < 0) {
+ SYSERROR("Failed to switch to gid %d", gid);
+ return -1;
+ }
+ NOTICE("Switched to gid %d", gid);
}
- NOTICE("Switched to gid %d.", gid);
- if (setuid(uid) < 0) {
- SYSERROR("Failed to switch to uid %d.", uid);
- return -errno;
+ if (uid != LXC_INVALID_UID) {
+ ret = setuid(uid);
+ if (ret < 0) {
+ SYSERROR("Failed to switch to uid %d", uid);
+ return -1;
+ }
+ NOTICE("Switched to uid %d", uid);
}
- NOTICE("Switched to uid %d.", uid);
- return 0;
+ return ret;
}
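Review bot: With the new `!= LXC_INVALID_GID` / `!= LXC_INVALID_UID` guards, `lxc_switch_uid_gid` skips `setgid()`/`setuid()` for a sentinel argument and still returns 0, so a caller that needs the privilege change cannot tell "switched" from "left unchanged". The same sentinels are what `get_ns_uid`/`get_ns_gid` return earlier in this diff when no id mapping matches, so if a caller passes those results straight through (not visible here), a missing mapping becomes a silent no-op. I would document the contract above the function, `/* LXC_INVALID_UID / LXC_INVALID_GID mean "leave this id unchanged"; callers that must drop privileges have to reject them first. */`, and log the skipped case. Separately, `get_ns_gid` still returns 0 when `/proc/self/gid_map` cannot be opened, which this function would apply as a real gid; unless that is intentional, `return LXC_INVALID_GID;` there would keep the failure distinguishable.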
/* Simple covenience function which enables uniform logging. */
-int lxc_setgroups(int size, gid_t list[])
+bool lxc_setgroups(int size, gid_t list[])
{
if (setgroups(size, list) < 0) {
- SYSERROR("Failed to setgroups().");
- return -errno;
+ SYSERROR("Failed to setgroups()");
+ return false;
}
- NOTICE("Dropped additional groups.");
+ NOTICE("Dropped additional groups");
- return 0;
+ return true;
}
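Review bot: Changing `lxc_setgroups` from `int` (0 on success, `-errno` on failure) to `bool` (`true` on success) inverts the truthiness of the result, and the callers are not part of this hunk. Any call site left as `if (lxc_setgroups(...) < 0)` still compiles and can never see a failure, so a failed `setgroups()` would leave the supplementary groups in place while execution continues. Each caller should read `if (!lxc_setgroups(size, list))`, and it is worth confirming that none were missed. `lxc_switch_uid_gid` just above keeps the `int` 0/-1 convention, so the two adjacent privilege helpers now signal failure differently; a one-line comment stating the return convention on each would help.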
static int lxc_get_unused_loop_dev_legacy(char *loop_name)