mir/lxc
2
0
Fork 0
mirror of git://github.com/lxc/lxc synced 2025-08-31 19:52:32 +00:00
Code Issues Releases Wiki Activity

conf.c: fix unprivileged network case

Browse Source 
If unprivileged users are using a veth nic, then ifindex is still 0
at lxc_assign_network() (because lxc_create_network() was skipped).
So check for that case before we use lxc->ifindex to decide if we
have an empty network namespace.

We probably should change the !netdev->ifindex check to a
netdev->type == LXC_NET_EMPTY check, but I've been making enough
mistakes today not to risk that.

Signed-off-by: Serge Hallyn <serge.hallyn@ubuntu.com>
Acked-by: Stéphane Graber <stgraber@ubuntu.com>
This commit is contained in:
Serge Hallyn
2013-12-19 15:33:22 -06:00
committed by Stéphane Graber
parent 7e7243e16b
commit fbb1625948
1 changed files with 5 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
src/lxc/conf.c
View File

@@ -3076,16 +3076,17 @@ int lxc_assign_network(struct lxc_list *network, pid_t pid)
netdev = iterator->elem; netdev = iterator->elem;
/* empty network namespace, nothing to move */ if (netdev->type == LXC_NET_VETH && !am_root) {
if (!netdev->ifindex)
continue;
if (!am_root) {
if (unpriv_assign_nic(netdev, pid)) if (unpriv_assign_nic(netdev, pid))
return -1; return -1;
// TODO fill in netdev->ifindex and name // TODO fill in netdev->ifindex and name
continue; continue;
} }
/* empty network namespace, nothing to move */
if (!netdev->ifindex)
continue;
err = lxc_netdev_move_by_index(netdev->ifindex, pid); err = lxc_netdev_move_by_index(netdev->ifindex, pid);
if (err) { if (err) {
ERROR("failed to move '%s' to the container : %s", ERROR("failed to move '%s' to the container : %s",