[Devel] [PATCH 1/6] host uid and gid parameters
Glauber Costa
glommer at parallels.com
Mon Mar 11 12:37:10 PDT 2013
>> @@ -1996,6 +2006,24 @@ static int parse(envid_t veid, vps_param
>> *vps_p, char *val, int id)
>> case PARAM_IPTABLES:
>> ret = parse_iptables(&vps_p->res.env, val);
>> break;
>> +
>> + case PARAM_LOCAL_UID:
>> + ret = parse_ul(val, &vps_p->res.misc.local_uid);
>
> 1 Are we OK with the fact that the biggest number returned from
> parse_ul() is LONG_MAX and not ULONG_MAX?
>
Humm, LONG_MAX is different in 32 bits, right? So yes, it might be a
problem =(
I was basically in a 64-bit mindset. We don't care, because the kernel
type is actually half of that.
What's the best tool for this job, then ?
> 2 We use conf_parse_ulong() and pointer to unsigned long in similar
> places in order to detect situations such as unset value or the value
> set twice in config. If you don't want that, I guess it's fine to use
> parse_ul() directly...
>
I have no particular preference, parse_ul seemed to already do all I
wanted...
>> + if (ret != 0)
>> + break;
>> +
>> + if (vps_p->res.misc.local_uid == 0)
>> + vps_p->res.misc.local_uid = VZ_DEFAULT_UID;
>
> So here you deliberately disable possibility to use 0 as an offset,
> making 0 mean "use default". RIght?
>
Note that those values are ignored when user namespaces are not available.
When they are, I don't really think running containers as root should be
even allowed. So yes, this is by design.
More information about the Devel
mailing list