mir/lxc
2
0
Fork 0
mirror of git://github.com/lxc/lxc synced 2025-09-02 04:29:32 +00:00
Code Issues Releases Wiki Activity

lxc-unshare: uid_t is unsigned.

Browse Source 
so we can't use uid==-1 as "don't do setuid"

Signed-off-by: Serge Hallyn <serge.hallyn@ubuntu.com>
This commit is contained in:
Serge Hallyn
2014-01-15 16:45:31 -06:00
parent c1bb25a831
commit 31a1209de9
1 changed files with 16 additions and 16 deletions
Download Patch File Download Diff File Expand all files Collapse all files

32
src/lxc/lxc_unshare.c
View File

@@ -66,35 +66,33 @@ static void usage(char *cmd)
_exit(1); _exit(1);
} }
static uid_t lookup_user(const char *optarg) static bool lookup_user(const char *optarg, uid_t *uid)
{ {
char name[sysconf(_SC_LOGIN_NAME_MAX)]; char name[sysconf(_SC_LOGIN_NAME_MAX)];
uid_t uid = -1;
struct passwd *pwent = NULL; struct passwd *pwent = NULL;
if (!optarg || (optarg[0] == '\0')) if (!optarg || (optarg[0] == '\0'))
return uid; return false;
if (sscanf(optarg, "%u", &uid) < 1) { if (sscanf(optarg, "%u", uid) < 1) {
/* not a uid -- perhaps a username */ /* not a uid -- perhaps a username */
if (sscanf(optarg, "%s", name) < 1) if (sscanf(optarg, "%s", name) < 1)
return uid; return false;
pwent = getpwnam(name); pwent = getpwnam(name);
if (!pwent) { if (!pwent) {
ERROR("invalid username %s", name); ERROR("invalid username %s", name);
return uid; return false;
} }
uid = pwent->pw_uid; *uid = pwent->pw_uid;
} else { } else {
pwent = getpwuid(uid); pwent = getpwuid(*uid);
if (!pwent) { if (!pwent) {
ERROR("invalid uid %d", uid); ERROR("invalid uid %u", *uid);
uid = -1; return false;
return uid;
} }
} }
return uid; return true;
} }
@@ -102,6 +100,7 @@ struct start_arg {
char ***args; char ***args;
int *flags; int *flags;
uid_t *uid; uid_t *uid;
bool setuid;
int want_default_mounts; int want_default_mounts;
const char *want_hostname; const char *want_hostname;
}; };
@@ -125,7 +124,7 @@ static int do_start(void *arg)
} }
// Setuid is useful even without a new user id space // Setuid is useful even without a new user id space
if ( uid >= 0 && setuid(uid)) { if (start_arg->setuid && setuid(uid)) {
ERROR("failed to set uid %d: %s", uid, strerror(errno)); ERROR("failed to set uid %d: %s", uid, strerror(errno));
exit(1); exit(1);
} }
@@ -144,12 +143,13 @@ int main(int argc, char *argv[])
char **args; char **args;
int flags = 0; int flags = 0;
int daemonize = 0; int daemonize = 0;
uid_t uid = -1; /* valid only if (flags & CLONE_NEWUSER) */ uid_t uid = 0; /* valid only if (flags & CLONE_NEWUSER) */
pid_t pid; pid_t pid;
struct my_iflist *tmpif, *my_iflist = NULL; struct my_iflist *tmpif, *my_iflist = NULL;
struct start_arg start_arg = { struct start_arg start_arg = {
.args = &args, .args = &args,
.uid = &uid, .uid = &uid,
.setuid = false,
.flags = &flags, .flags = &flags,
.want_hostname = NULL, .want_hostname = NULL,
.want_default_mounts = 0, .want_default_mounts = 0,
@@ -182,9 +182,9 @@ int main(int argc, char *argv[])
usage(argv[0]); usage(argv[0]);
break; break;
case 'u': case 'u':
uid = lookup_user(optarg); if (!lookup_user(optarg, &uid))
if (uid == -1)
return 1; return 1;
start_arg.setuid = true;
} }
} }