diff options
| author | sana kazi <sanakazisk19@gmail.com> | 2021-09-16 10:36:53 +0530 |
|---|---|---|
| committer | Bruce Ashfield <bruce.ashfield@gmail.com> | 2023-05-19 10:42:09 -0400 |
| commit | 9fd5cea2c77734c9b532275b6971968c48b74e3f (patch) | |
| tree | bbd51d1ce601c58e837f72de5dc7c72490493bfd | |
| parent | 2186e98eee5bcd2a3bb4c96c82b76f8a8a969bdf (diff) | |
| download | meta-virtualization-9fd5cea2c77734c9b532275b6971968c48b74e3f.tar.gz | |
lxc: Fix -c command for lxc-attach
Added fix_c_command.patch the -c command seems to be broken because
the passed context is ignored and always overwritten by the context
specified in the config file.
Signed-off-by: Sana Kazi <Sana.Kazi@kpit.com>
Signed-off-by: Sana Kazi <sanakazisk19@gmail.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
| -rw-r--r-- | recipes-containers/lxc/files/fix_c_command.patch | 36 | ||||
| -rw-r--r-- | recipes-containers/lxc/lxc_git.bb | 1 |
2 files changed, 37 insertions, 0 deletions
diff --git a/recipes-containers/lxc/files/fix_c_command.patch b/recipes-containers/lxc/files/fix_c_command.patch new file mode 100644 index 00000000..1ed8dafd --- /dev/null +++ b/recipes-containers/lxc/files/fix_c_command.patch | |||
| @@ -0,0 +1,36 @@ | |||
| 1 | From 9becf309a81806ef08acf9ca99ab95c1bcfa1f65 Mon Sep 17 00:00:00 2001 | ||
| 2 | From: Maximilian Blenk <Maximilian.Blenk@bmw.de> | ||
| 3 | Date: Mon, 23 Aug 2021 15:39:28 +0200 | ||
| 4 | Subject: [PATCH] attach: Fix -c command | ||
| 5 | |||
| 6 | Currently, the -c command (to set the selinux context) seems to be | ||
| 7 | broken because the passed context is ignored and always overwritten by | ||
| 8 | the context specified in the config file. The intention behind the -c | ||
| 9 | imho was to be able to manually overwrite this behavior. This patch | ||
| 10 | ensures that the selinux context will be set if passed via the command | ||
| 11 | line. | ||
| 12 | |||
| 13 | Signed-off-by: Maximilian Blenk <Maximilian.Blenk@bmw.de> | ||
| 14 | --- | ||
| 15 | src/lxc/tools/lxc_attach.c | 5 ++++- | ||
| 16 | 1 file changed, 4 insertions(+), 1 deletion(-) | ||
| 17 | |||
| 18 | Upstream-Status: Backport [https://github.com/lxc/lxc/commit/9becf309a81806ef08acf9ca99ab95c1bcfa1f65.patch] | ||
| 19 | Comment: No change in any hunk | ||
| 20 | |||
| 21 | diff --git a/src/lxc/tools/lxc_attach.c b/src/lxc/tools/lxc_attach.c | ||
| 22 | index 0374d980b4..e6b388b20c 100644 | ||
| 23 | --- a/src/lxc/tools/lxc_attach.c | ||
| 24 | +++ b/src/lxc/tools/lxc_attach.c | ||
| 25 | @@ -379,7 +379,10 @@ int main(int argc, char *argv[]) | ||
| 26 | attach_options.gid = my_args.gid; | ||
| 27 | |||
| 28 | // selinux_context will be NULL if not set | ||
| 29 | - attach_options.lsm_label = selinux_context; | ||
| 30 | + if (selinux_context) { | ||
| 31 | + attach_options.attach_flags |= LXC_ATTACH_LSM_LABEL; | ||
| 32 | + attach_options.lsm_label = selinux_context; | ||
| 33 | + } | ||
| 34 | |||
| 35 | if (command.program) { | ||
| 36 | ret = c->attach_run_wait(c, &attach_options, command.program, | ||
diff --git a/recipes-containers/lxc/lxc_git.bb b/recipes-containers/lxc/lxc_git.bb index 76e04933..f98cba05 100644 --- a/recipes-containers/lxc/lxc_git.bb +++ b/recipes-containers/lxc/lxc_git.bb | |||
| @@ -50,6 +50,7 @@ SRC_URI = "git://github.com/lxc/lxc.git;branch=stable-4.0 \ | |||
| 50 | file://dnsmasq.conf \ | 50 | file://dnsmasq.conf \ |
| 51 | file://lxc-net \ | 51 | file://lxc-net \ |
| 52 | file://enable_seccomp_profile_when_compiled_libseccomp.patch \ | 52 | file://enable_seccomp_profile_when_compiled_libseccomp.patch \ |
| 53 | file://fix_c_command.patch \ | ||
| 53 | " | 54 | " |
| 54 | 55 | ||
| 55 | SRCREV = "cec7cb14b2a4367d4cb21a90e1b90d0f98a9d874" | 56 | SRCREV = "cec7cb14b2a4367d4cb21a90e1b90d0f98a9d874" |