mirror of
https://gitlab.com/libvirt/libvirt.git
synced 2024-12-24 14:45:24 +00:00
LXC: sort the uidmap/gidmap of domain
Make sure the mapping line contains the root user of container is the first element of idmap array. So we can get the real user id on host for the container easily. This patch also check the map information, User must map the root user of container to any user of host. Signed-off-by: Gao feng <gaofeng@cn.fujitsu.com>
This commit is contained in:
parent
8b58336eec
commit
43d4f46aeb
@ -10225,6 +10225,19 @@ cleanup:
|
|||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
static int virDomainIdMapEntrySort(const void *a, const void *b)
|
||||||
|
{
|
||||||
|
const virDomainIdMapEntryPtr entrya = (const virDomainIdMapEntryPtr) a;
|
||||||
|
const virDomainIdMapEntryPtr entryb = (const virDomainIdMapEntryPtr) b;
|
||||||
|
|
||||||
|
if (entrya->start > entryb->start)
|
||||||
|
return 1;
|
||||||
|
else if (entrya->start < entryb->start)
|
||||||
|
return -1;
|
||||||
|
else
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
|
||||||
/* Parse the XML definition for user namespace id map.
|
/* Parse the XML definition for user namespace id map.
|
||||||
*
|
*
|
||||||
* idmap has the form of
|
* idmap has the form of
|
||||||
@ -10256,6 +10269,17 @@ virDomainIdmapDefParseXML(xmlXPathContextPtr ctxt,
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
qsort(idmap, num, sizeof(idmap[0]), virDomainIdMapEntrySort);
|
||||||
|
|
||||||
|
if (idmap[0].start != 0) {
|
||||||
|
/* Root user of container hasn't been mapped to any user of host,
|
||||||
|
* return error. */
|
||||||
|
virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s",
|
||||||
|
_("You must map the root user of container"));
|
||||||
|
VIR_FREE(idmap);
|
||||||
|
goto cleanup;
|
||||||
|
}
|
||||||
|
|
||||||
cleanup:
|
cleanup:
|
||||||
ctxt->node = save_ctxt;
|
ctxt->node = save_ctxt;
|
||||||
return idmap;
|
return idmap;
|
||||||
|
Loading…
Reference in New Issue
Block a user