1 From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
2 From: Wolfgang Bumiller <w.bumiller@proxmox.com>
3 Date: Tue, 13 Aug 2019 13:57:22 +0200
4 Subject: [PATCH] PVE: [Config] attach: always use getent
6 In debian buster, some libnss plugins (if installed) can
7 cause getpwent to segfault instead of erroring out cleanly.
8 To avoid this, stick to always using getent.
10 Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
12 src/lxc/attach.c | 29 ++---------------------------
13 1 file changed, 2 insertions(+), 27 deletions(-)
15 diff --git a/src/lxc/attach.c b/src/lxc/attach.c
16 index 117e3778f..8b34a412e 100644
17 --- a/src/lxc/attach.c
18 +++ b/src/lxc/attach.c
19 @@ -1548,11 +1548,7 @@ int lxc_attach_run_command(void *payload)
20 int lxc_attach_run_shell(void* payload)
23 - struct passwd pwent;
24 - struct passwd *pwentp = NULL;
30 /* Ignore payload parameter. */
31 @@ -1560,32 +1556,13 @@ int lxc_attach_run_shell(void* payload)
35 - bufsize = sysconf(_SC_GETPW_R_SIZE_MAX);
39 - buf = malloc(bufsize);
41 - ret = getpwuid_r(uid, &pwent, buf, bufsize, &pwentp);
44 - WARN("Could not find matched password record");
46 - WARN("Failed to get password record - %u", uid);
50 /* This probably happens because of incompatible nss implementations in
51 * host and container (remember, this code is still using the host's
52 * glibc but our mount namespace is in the container) we may try to get
53 * the information by spawning a [getent passwd uid] process and parsing
57 - user_shell = lxc_attach_getpwshell(uid);
59 - user_shell = pwent.pw_shell;
61 + user_shell = lxc_attach_getpwshell(uid);
63 execlp(user_shell, user_shell, (char *)NULL);
65 @@ -1595,9 +1572,7 @@ int lxc_attach_run_shell(void* payload)
66 execlp("/bin/sh", "/bin/sh", (char *)NULL);
68 SYSERROR("Failed to execute shell");