debian/patches/fixes/0001-conf-ret-try-devpts-mount-without-gid-5-on-error.patch

   1 From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
   2 From: Christian Brauner <christian.brauner@ubuntu.com>
   3 Date: Thu, 12 Apr 2018 11:12:06 +0200
   4 Subject: [PATCH] conf: ret-try devpts mount without gid=5 on error
   5
   6 We should always default to mounting devpts with gid=5 but we should fallback
   7 to mounting without gid=5. This let's us cover use-cases such as container
   8 started with only a single mapping e.g.:
   9
  10 lxc.idmap = u 1000 1000 1
  11 lxc.idmap = g 1000 1000 1
  12
  13 Closes #2257.
  14
  15 Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
  16 ---
  17  src/lxc/conf.c | 18 +++++++++---------
  18  1 file changed, 9 insertions(+), 9 deletions(-)
  19
  20 diff --git a/src/lxc/conf.c b/src/lxc/conf.c
  21 index fe30800d..a604adbb 100644
  22 --- a/src/lxc/conf.c
  23 +++ b/src/lxc/conf.c
  24 @@ -1503,7 +1503,7 @@ static struct id_map *find_mapped_nsid_entry(struct lxc_conf *conf, unsigned id,
  25  static int lxc_setup_devpts(struct lxc_conf *conf)
  26  {
  27         int ret;
  28 -       const char *default_devpts_mntopts;
  29 +       const char *default_devpts_mntopts = "gid=5,newinstance,ptmxmode=0666,mode=0620";
  30         char devpts_mntopts[256];
  31
  32         if (conf->pts <= 0) {
  33 @@ -1512,11 +1512,6 @@ static int lxc_setup_devpts(struct lxc_conf *conf)
  34                 return 0;
  35         }
  36
  37 -       if (!find_mapped_nsid_entry(conf, 5, ID_TYPE_GID))
  38 -               default_devpts_mntopts = "newinstance,ptmxmode=0666,mode=0620";
  39 -       else
  40 -               default_devpts_mntopts = "newinstance,ptmxmode=0666,mode=0620,gid=5";
  41 -
  42         ret = snprintf(devpts_mntopts, sizeof(devpts_mntopts), "%s,max=%d",
  43                        default_devpts_mntopts, conf->pts);
  44         if (ret < 0 || (size_t)ret >= sizeof(devpts_mntopts))
  45 @@ -1540,11 +1535,16 @@ static int lxc_setup_devpts(struct lxc_conf *conf)
  46                 return -1;
  47         }
  48
  49 -       /* Mount new devpts instance. */
  50 +       /* mount new devpts instance */
  51         ret = mount("devpts", "/dev/pts", "devpts", MS_NOSUID | MS_NOEXEC, devpts_mntopts);
  52         if (ret < 0) {
  53 -               SYSERROR("Failed to mount new devpts instance");
  54 -               return -1;
  55 +               /* try mounting without gid=5 */
  56 +               ret = mount("devpts", "/dev/pts", "devpts",
  57 +                           MS_NOSUID | MS_NOEXEC, devpts_mntopts + sizeof("gid=5"));
  58 +               if (ret < 0) {
  59 +                       SYSERROR("Failed to mount new devpts instance");
  60 +                       return -1;
  61 +               }
  62         }
  63         DEBUG("Mount new devpts instance with options \"%s\"", devpts_mntopts);
  64
  65 --
  66 2.11.0
  67