Starting a container with insufficient privilege (correctly) fails
during lxc_init. However, if starting a daemonized container, we
daemonize before we get to that check. Therefore while the
container will fail to start, and the logfile will show this, the
'lxc-start -n x -d' command will return success. For ease of
scripting, do a check for the required privilege before we exit.
Signed-off-by: Serge Hallyn <serge.hallyn@ubuntu.com>
- if (my_args.daemonize && daemon(0, 0)) {
- SYSERROR("failed to daemonize '%s'", my_args.name);
- return err;
+ if (my_args.daemonize) {
+ /* do an early check for needed privs, since otherwise the
+ * user won't see the error */
+
+ if (!lxc_caps_check()) {
+ ERROR("Not running with sufficient privilege");
+ return err;
+ }
+
+ if (daemon(0, 0)) {
+ SYSERROR("failed to daemonize '%s'", my_args.name);
+ return err;
+ }
}
if (my_args.close_all_fds)
}
if (my_args.close_all_fds)