From 27c27d73e1b1a07e3621484fa033206549e2a1f5 Mon Sep 17 00:00:00 2001 From: Serge Hallyn Date: Mon, 15 Jul 2013 16:42:15 -0500 Subject: [PATCH] userns: clear and save id_map (v2) Otherwise (a) there is a memory leak when using user namespaces and clearing a config, and (b) saving a container configuration file doesn't maintain the userns mapping. For instance, if container c1 has lxc.id_map configuration entries, then python3 import lxc c=lxc.Container("c1") c.save_config("/tmp/config1") should show 'lxc.id_map =' entries in /tmp/config1. Changelog for v2: 1. fix incorrect saving of group types (s/'c'/'g') 2. fix typo -> idmap->type should be idmap->idtype Reported-by: Dwight Engen Signed-off-by: Serge Hallyn Acked-by: Dwight Engen Tested-by: Dwight Engen --- src/lxc/conf.c | 13 +++++++++++++ src/lxc/confile.c | 6 ++++++ 2 files changed, 19 insertions(+)
diff --git a/src/lxc/conf.c b/src/lxc/conf.c
index a69c4f88d..46320dd00 100644
--- a/src/lxc/conf.c
+++ b/src/lxc/conf.c
@@ -3079,6 +3079,18 @@ int lxc_clear_config_caps(struct lxc_conf *c)
 return 0;
 }
 
+int lxc_clear_idmaps(struct lxc_conf *c)
+{
+ struct lxc_list *it, *next;
+
+ lxc_list_for_each_safe(it, &c->id_map, next) {
+ lxc_list_del(it);
+ free(it->elem);
+ free(it);
+ }
+ return 0;
+}
+
 int lxc_clear_cgroups(struct lxc_conf *c, const char *key)
 {
 struct lxc_list *it,*next;
@@ -3182,5 +3194,6 @@ void lxc_conf_free(struct lxc_conf *conf)
 lxc_clear_hooks(conf, "lxc.hook");
 lxc_clear_mount_entries(conf);
 lxc_clear_saved_nics(conf);
+ lxc_clear_idmaps(conf);
 free(conf);
 }
diff --git a/src/lxc/confile.c b/src/lxc/confile.c
index a7db1178a..bb02e1c75 100644
--- a/src/lxc/confile.c
+++ b/src/lxc/confile.c
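Review bot: `lxc_clear_idmaps` is added with external linkage, but the diffstat lists only conf.c and confile.c, so unless a prototype already exists no header declares it; either make it `static int lxc_clear_idmaps(struct lxc_conf *c)` or add the prototype to the header that declares the other lxc_clear_* functions. The commit message mentions clearing a config, yet the only caller added in this patch is lxc_conf_free in the next hunk, so if the per-key clearing path is meant to free the id maps as well, that call is not part of what is shown here. A short comment above the function, `/* Unlink and free every id_map entry; each it->elem is freed together with its list node. */`, would record the ownership that the two free() calls rely on.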
@@ -1945,6 +1945,12 @@ void write_config(FILE *fout, struct lxc_conf *c) } lxc_list_for_each(it, &c->caps) fprintf(fout, "lxc.cap.drop = %s\n", (char *)it->elem); + lxc_list_for_each(it, &c->id_map) { + struct id_map *idmap = it->elem; + fprintf(fout, "lxc.id_map = %c %lu %lu %lu\n", + idmap->idtype == ID_TYPE_UID ? 'u' : 'g', idmap->nsid, + idmap->hostid, idmap->range); + } for (i=0; ihooks[i]) fprintf(fout, "lxc.hook.%s = %s\n", -- 2.39.2
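Review bot: The new `lxc.id_map` lines in write_config are emitted with an unchecked `fprintf`, and for this key a short write matters more than for its neighbours: a saved file that silently lacks its id_map entries describes a container without the user-namespace mapping. write_config returns void and begins outside this hunk, so the check belongs in its caller, for example `if (ferror(fout)) { /* treat the saved config as incomplete */ }` before the file is accepted. Separately, `%lu` is only correct if `nsid`, `hostid` and `range` are declared `unsigned long` in struct id_map, which is not visible here. A one-line comment such as `/* order is <u|g> <nsid> <hostid> <range>; must match the lxc.id_map parser */` would pin the field order, which the v2 changelog shows is easy to get wrong.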