[Devel] [PATCH RHEL COMMIT] ve/sysctl: allow to write kernel/hostname and kernel/domainname entries in container
Konstantin Khorenko
khorenko at virtuozzo.com
Tue Sep 28 19:31:07 MSK 2021
The commit is pushed to "branch-rh9-5.14.vz9.1.x-ovz" and will appear at https://src.openvz.org/scm/ovz/vzkernel.git
after ark-5.14
------>
commit 3a0028694c65f8479b2329ceb7eeb80d12bc8b1d
Author: Stanislav Kinsburskiy <skinsbursky at virtuozzo.com>
Date: Tue Sep 28 19:31:06 2021 +0300
ve/sysctl: allow to write kernel/hostname and kernel/domainname entries in container
We need to adjust these values during the restore procedure.
The modification of these entries doesn't affect other containers
because they are per-namespace.
https://jira.sw.ru/browse/PSBM-20102
https://jira.sw.ru/browse/PSBM-20102
Signed-off-by: Cyrill Gorcunov <gorcunov at openvz.org>
Signed-off-by: Andrew Vagin <avagin at openvz.org>
Signed-off-by: Stanislav Kinsbursky <skinsbursky at parallels.com>
(cherry picked from commit 72c44ce8fda1f2f64aa580938e6ac5b04da56e26)
Signed-off-by: Konstantin Khorenko <khorenko at virtuozzo.com>
(cherry picked from vz8 commit 403952ed042fa8d25ec2b48e17337488ad85de16)
Signed-off-by: Pavel Tikhomirov <ptikhomirov at virtuozzo.com>
---
ipc/mq_sysctl.c | 11 ++++++-----
kernel/utsname_sysctl.c | 5 +++--
2 files changed, 9 insertions(+), 7 deletions(-)
diff --git a/ipc/mq_sysctl.c b/ipc/mq_sysctl.c
index 72a92a08c848..534b0d392db6 100644
--- a/ipc/mq_sysctl.c
+++ b/ipc/mq_sysctl.c
@@ -8,6 +8,7 @@
#include <linux/nsproxy.h>
#include <linux/ipc_namespace.h>
#include <linux/sysctl.h>
+#include <linux/stat.h>
#ifdef CONFIG_PROC_SYSCTL
static void *get_mq(struct ctl_table *table)
@@ -54,14 +55,14 @@ static struct ctl_table mq_sysctls[] = {
.procname = "queues_max",
.data = &init_ipc_ns.mq_queues_max,
.maxlen = sizeof(int),
- .mode = 0644,
+ .mode = 0644 | S_ISVTX,
.proc_handler = proc_mq_dointvec,
},
{
.procname = "msg_max",
.data = &init_ipc_ns.mq_msg_max,
.maxlen = sizeof(int),
- .mode = 0644,
+ .mode = 0644 | S_ISVTX,
.proc_handler = proc_mq_dointvec_minmax,
.extra1 = &msg_max_limit_min,
.extra2 = &msg_max_limit_max,
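Review bot: The `0644 | S_ISVTX` change on `queues_max` and `msg_max` here (and on `msgsize_max`, `msg_default` and `msgsize_default` in the three hunks that follow) is not covered by the commit description, which names and justifies only kernel/hostname and kernel/domainname. These are resource limits rather than identity strings, so if the sticky bit is what opens them to writes from inside a container, as the subject line implies, a container could raise its own POSIX message-queue ceilings; `queues_max` shows no `.extra1`/`.extra2` bounds in this hunk. The description should say that the mq entries are intended, that the `proc_mq_dointvec` and `proc_mq_dointvec_minmax` handlers resolve `.data` to the caller's ipc namespace rather than `init_ipc_ns`, and what host-side accounting caps the resulting kernel memory. The `mq_sysctls[]` initializer starts and ends outside these hunks.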
@@ -70,7 +71,7 @@ static struct ctl_table mq_sysctls[] = {
.procname = "msgsize_max",
.data = &init_ipc_ns.mq_msgsize_max,
.maxlen = sizeof(int),
- .mode = 0644,
+ .mode = 0644 | S_ISVTX,
.proc_handler = proc_mq_dointvec_minmax,
.extra1 = &msg_maxsize_limit_min,
.extra2 = &msg_maxsize_limit_max,
@@ -79,7 +80,7 @@ static struct ctl_table mq_sysctls[] = {
.procname = "msg_default",
.data = &init_ipc_ns.mq_msg_default,
.maxlen = sizeof(int),
- .mode = 0644,
+ .mode = 0644 | S_ISVTX,
.proc_handler = proc_mq_dointvec_minmax,
.extra1 = &msg_max_limit_min,
.extra2 = &msg_max_limit_max,
@@ -88,7 +89,7 @@ static struct ctl_table mq_sysctls[] = {
.procname = "msgsize_default",
.data = &init_ipc_ns.mq_msgsize_default,
.maxlen = sizeof(int),
- .mode = 0644,
+ .mode = 0644 | S_ISVTX,
.proc_handler = proc_mq_dointvec_minmax,
.extra1 = &msg_maxsize_limit_min,
.extra2 = &msg_maxsize_limit_max,
diff --git a/kernel/utsname_sysctl.c b/kernel/utsname_sysctl.c
index 4ca61d49885b..2dadaa959c81 100644
--- a/kernel/utsname_sysctl.c
+++ b/kernel/utsname_sysctl.c
@@ -11,6 +11,7 @@
#include <linux/sysctl.h>
#include <linux/wait.h>
#include <linux/rwsem.h>
+#include <linux/stat.h>
#ifdef CONFIG_PROC_SYSCTL
@@ -98,7 +99,7 @@ static struct ctl_table uts_kern_table[] = {
.procname = "hostname",
.data = init_uts_ns.name.nodename,
.maxlen = sizeof(init_uts_ns.name.nodename),
- .mode = 0644,
+ .mode = 0644 | S_ISVTX,
.proc_handler = proc_do_uts_string,
.poll = &hostname_poll,
},
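Review bot: `S_ISVTX` has no meaning of its own on a sysctl entry, so `.mode = 0644 | S_ISVTX` on `hostname` (and on `domainname` in the next hunk) needs a comment saying what the bit stands for in this tree, presumably something like `/* S_ISVTX: virtualized entry, writable from inside a container */`. Without it the line reads like a stray sticky bit and could be dropped on a later rebase or copied onto an entry whose data is not per-namespace. `.data` still points at `init_uts_ns`, so the isolation claimed in the description depends on `proc_do_uts_string` redirecting to the caller's UTS namespace, which is outside this hunk. It is also worth confirming that the write path demands the same privilege as sethostname(2) and setdomainname(2), i.e. CAP_SYS_ADMIN in the user namespace that owns the UTS namespace; that check is not visible here. `uts_kern_table[]` starts and ends outside the hunk.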
@@ -106,7 +107,7 @@ static struct ctl_table uts_kern_table[] = {
.procname = "domainname",
.data = init_uts_ns.name.domainname,
.maxlen = sizeof(init_uts_ns.name.domainname),
- .mode = 0644,
+ .mode = 0644 | S_ISVTX,
.proc_handler = proc_do_uts_string,
.poll = &domainname_poll,
},