start: log sending and receiving of tty fds

This is a potentially security sensitive operation and I really want to keep an
eye on *when exactly* this is send. So add more logging on the TRACE() level.

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

diff --git a/src/lxc/conf.c b/src/lxc/conf.c
index fb82303c8161681d0abd5fcb8fce0c743d6aa9bc..25c0aca2547754882871bb78ea0433657bd5cc87 100644 (file)
--- a/src/lxc/conf.c
+++ b/src/lxc/conf.c
@@ -4107,21 +4107,30 @@ static int send_fd(int sock, int fd)
 
 static int send_ttys_to_parent(struct lxc_handler *handler)
 {
+       int i, ret;
        struct lxc_conf *conf = handler->conf;
        const struct lxc_tty_info *tty_info = &conf->tty_info;
-       int i;
        int sock = handler->ttysock[0];
 
        for (i = 0; i < tty_info->nbtty; i++) {
                struct lxc_pty_info *pty_info = &tty_info->pty_info[i];
-               if (send_fd(sock, pty_info->slave) < 0)
-                       goto bad;
+               ret = send_fd(sock, pty_info->slave);
+               if (ret >= 0)
+                       send_fd(sock, pty_info->master);
+               TRACE("sending pty \"%s\" with master fd %d and slave fd %d to "
+                     "parent",
+                     pty_info->name, pty_info->master, pty_info->slave);
                close(pty_info->slave);
                pty_info->slave = -1;
-               if (send_fd(sock, pty_info->master) < 0)
-                       goto bad;
                close(pty_info->master);
                pty_info->master = -1;
+               if (ret < 0) {
+                       ERROR("failed to send pty \"%s\" with master fd %d and "
+                             "slave fd %d to parent : %s",
+                             pty_info->name, pty_info->master, pty_info->slave,
+                             strerror(errno));
+                       goto bad;
+               }
        }
 
        close(handler->ttysock[0]);

diff --git a/src/lxc/start.c b/src/lxc/start.c
index f1b3f8e11d6269115b74998e78c2a0242814a955..36f8b231882556a79f897c37979ed52831d84184 100644 (file)
--- a/src/lxc/start.c
+++ b/src/lxc/start.c
@@ -1021,8 +1021,9 @@ static int recv_fd(int sock, int *fd)
 
 static int recv_ttys_from_child(struct lxc_handler *handler)
 {
+       int i, ret;
+       int sock = handler->ttysock[1];
        struct lxc_conf *conf = handler->conf;
-       int i, sock = handler->ttysock[1];
        struct lxc_tty_info *tty_info = &conf->tty_info;
 
        if (!conf->tty)
@@ -1035,11 +1036,18 @@ static int recv_ttys_from_child(struct lxc_handler *handler)
        for (i = 0; i < conf->tty; i++) {
                struct lxc_pty_info *pty_info = &tty_info->pty_info[i];
                pty_info->busy = 0;
-               if (recv_fd(sock, &pty_info->slave) < 0 ||
-                   recv_fd(sock, &pty_info->master) < 0) {
-                       ERROR("Error receiving tty info from child process.");
+               ret = recv_fd(sock, &pty_info->slave);
+               if (ret >= 0)
+                       recv_fd(sock, &pty_info->master);
+               if (ret < 0) {
+                       ERROR("failed to receive pty with master fd %d and "
+                             "slave fd %d from child: %s",
+                             pty_info->master, pty_info->slave,
+                             strerror(errno));
                        return -1;
                }
+               TRACE("received pty with master fd %d and slave fd %d from child",
+                     pty_info->master, pty_info->slave);
        }
        tty_info->nbtty = conf->tty;