[lxc/lxc] b445fc: attach: allow LSM attach without new mnt namespace
1 view
Skip to first unread message
Stéphane Graber
Aug 24, 2021, 11:56:32 PM8/24/21
to lxc-...@lists.linuxcontainers.org
Branch: refs/heads/master
Home: https://github.com/lxc/lxc
Commit: b445fcb114a1753145d0d2dece74ab2cf055241c
https://github.com/lxc/lxc/commit/b445fcb114a1753145d0d2dece74ab2cf055241c
Author: Maximilian Blenk <Maximili...@bmw.de>
Date: 2021-08-24 (Tue, 24 Aug 2021)
Changed paths:
M src/lxc/attach.c
Log Message:
-----------
attach: allow LSM attach without new mnt namespace
Currently, the -c command (to set the selinux context) seems to be
broken because lxc-attach expects that also a new mount namespace
is specified via command line. This commit remove the check for the new
mount namespace to fix this issue. Please note that the
--elevated-privileges option is not affected by this issue.
Signed-off-by: Maximilian Blenk <Maximili...@bmw.de>
Signed-off-by: Christian Brauner <christia...@ubuntu.com>
Commit: 647df91d9aba61c0d6b200c6a63fb1b9ef137bba
https://github.com/lxc/lxc/commit/647df91d9aba61c0d6b200c6a63fb1b9ef137bba
Author: Christian Brauner <christia...@ubuntu.com>
Date: 2021-08-24 (Tue, 24 Aug 2021)
Changed paths:
M src/lxc/tools/lxc_attach.c
Log Message:
-----------
tools: fix variable declarations in lxc-attach
Signed-off-by: Christian Brauner <christia...@ubuntu.com>
Commit: 7cde4e411a1d82e742d9177383669bf7db3c06a3
https://github.com/lxc/lxc/commit/7cde4e411a1d82e742d9177383669bf7db3c06a3
Author: Christian Brauner <christia...@ubuntu.com>
Date: 2021-08-24 (Tue, 24 Aug 2021)
Changed paths:
M src/lxc/tools/lxc_attach.c
Log Message:
-----------
tools: align struct initialization
Signed-off-by: Christian Brauner <christia...@ubuntu.com>
Commit: d34bbcb71ad6e149214490fb5c4b77a27546803a
https://github.com/lxc/lxc/commit/d34bbcb71ad6e149214490fb5c4b77a27546803a
Author: Christian Brauner <christia...@ubuntu.com>
Date: 2021-08-24 (Tue, 24 Aug 2021)
Changed paths:
M src/lxc/attach_options.h
Log Message:
-----------
attach_options: add LXC_ATTACH_LSM_LABEL to LXC_ATTACH_LSM flags
Cc: Maximilian Blenk <Maximili...@bmw.de>
Signed-off-by: Christian Brauner <christia...@ubuntu.com>
Commit: d253a09f9b69ab278254b9cd2468da7024ef8c7a
https://github.com/lxc/lxc/commit/d253a09f9b69ab278254b9cd2468da7024ef8c7a
Author: Christian Brauner <christia...@ubuntu.com>
Date: 2021-08-24 (Tue, 24 Aug 2021)
Changed paths:
M src/lxc/confile.c
M src/lxc/confile.h
M src/lxc/tools/lxc_attach.c
Log Message:
-----------
confile: rework lxc_fill_elevated_privileges()
Cc: Maximilian Blenk <Maximili...@bmw.de>
Signed-off-by: Christian Brauner <christia...@ubuntu.com>
Commit: 8c5c30d17541749b3d271ee06fbe08c5d32b07ed
https://github.com/lxc/lxc/commit/8c5c30d17541749b3d271ee06fbe08c5d32b07ed
Author: Maximilian Blenk <Maximili...@bmw.de>
Date: 2021-08-24 (Tue, 24 Aug 2021)
Changed paths:
M src/lxc/tools/lxc_attach.c
Log Message:
-----------
tools: fix elevated privilege handler in lxc-attach
Make sure to return an error when the user requests an LSM profile to be
set while also requesting that elevated LSM privileges are to be used.
Signed-off-by: Maximilian Blenk <Maximili...@bmw.de>
Signed-off-by: Christian Brauner <christia...@ubuntu.com>
Commit: e91d7f22f1265e17cb83b1e6270b8fd5f4f136e6
https://github.com/lxc/lxc/commit/e91d7f22f1265e17cb83b1e6270b8fd5f4f136e6
Author: Stéphane Graber <stgr...@ubuntu.com>
Date: 2021-08-24 (Tue, 24 Aug 2021)
Changed paths:
M src/lxc/attach.c
M src/lxc/attach_options.h
M src/lxc/confile.c
M src/lxc/confile.h
M src/lxc/tools/lxc_attach.c
Log Message:
-----------
Merge pull request #3949 from brauner/2021-08-24.attach
tools: lxc-attach fixes
Compare: https://github.com/lxc/lxc/compare/fc1625fb2339...e91d7f22f126
Home: https://github.com/lxc/lxc
Commit: b445fcb114a1753145d0d2dece74ab2cf055241c
https://github.com/lxc/lxc/commit/b445fcb114a1753145d0d2dece74ab2cf055241c
Author: Maximilian Blenk <Maximili...@bmw.de>
Date: 2021-08-24 (Tue, 24 Aug 2021)
Changed paths:
M src/lxc/attach.c
Log Message:
-----------
attach: allow LSM attach without new mnt namespace
Currently, the -c command (to set the selinux context) seems to be
broken because lxc-attach expects that also a new mount namespace
is specified via command line. This commit remove the check for the new
mount namespace to fix this issue. Please note that the
--elevated-privileges option is not affected by this issue.
Signed-off-by: Maximilian Blenk <Maximili...@bmw.de>
Signed-off-by: Christian Brauner <christia...@ubuntu.com>
Commit: 647df91d9aba61c0d6b200c6a63fb1b9ef137bba
https://github.com/lxc/lxc/commit/647df91d9aba61c0d6b200c6a63fb1b9ef137bba
Author: Christian Brauner <christia...@ubuntu.com>
Date: 2021-08-24 (Tue, 24 Aug 2021)
Changed paths:
M src/lxc/tools/lxc_attach.c
Log Message:
-----------
tools: fix variable declarations in lxc-attach
Signed-off-by: Christian Brauner <christia...@ubuntu.com>
Commit: 7cde4e411a1d82e742d9177383669bf7db3c06a3
https://github.com/lxc/lxc/commit/7cde4e411a1d82e742d9177383669bf7db3c06a3
Author: Christian Brauner <christia...@ubuntu.com>
Date: 2021-08-24 (Tue, 24 Aug 2021)
Changed paths:
M src/lxc/tools/lxc_attach.c
Log Message:
-----------
tools: align struct initialization
Signed-off-by: Christian Brauner <christia...@ubuntu.com>
Commit: d34bbcb71ad6e149214490fb5c4b77a27546803a
https://github.com/lxc/lxc/commit/d34bbcb71ad6e149214490fb5c4b77a27546803a
Author: Christian Brauner <christia...@ubuntu.com>
Date: 2021-08-24 (Tue, 24 Aug 2021)
Changed paths:
M src/lxc/attach_options.h
Log Message:
-----------
attach_options: add LXC_ATTACH_LSM_LABEL to LXC_ATTACH_LSM flags
Cc: Maximilian Blenk <Maximili...@bmw.de>
Signed-off-by: Christian Brauner <christia...@ubuntu.com>
Commit: d253a09f9b69ab278254b9cd2468da7024ef8c7a
https://github.com/lxc/lxc/commit/d253a09f9b69ab278254b9cd2468da7024ef8c7a
Author: Christian Brauner <christia...@ubuntu.com>
Date: 2021-08-24 (Tue, 24 Aug 2021)
Changed paths:
M src/lxc/confile.c
M src/lxc/confile.h
M src/lxc/tools/lxc_attach.c
Log Message:
-----------
confile: rework lxc_fill_elevated_privileges()
Cc: Maximilian Blenk <Maximili...@bmw.de>
Signed-off-by: Christian Brauner <christia...@ubuntu.com>
Commit: 8c5c30d17541749b3d271ee06fbe08c5d32b07ed
https://github.com/lxc/lxc/commit/8c5c30d17541749b3d271ee06fbe08c5d32b07ed
Author: Maximilian Blenk <Maximili...@bmw.de>
Date: 2021-08-24 (Tue, 24 Aug 2021)
Changed paths:
M src/lxc/tools/lxc_attach.c
Log Message:
-----------
tools: fix elevated privilege handler in lxc-attach
Make sure to return an error when the user requests an LSM profile to be
set while also requesting that elevated LSM privileges are to be used.
Signed-off-by: Maximilian Blenk <Maximili...@bmw.de>
Signed-off-by: Christian Brauner <christia...@ubuntu.com>
Commit: e91d7f22f1265e17cb83b1e6270b8fd5f4f136e6
https://github.com/lxc/lxc/commit/e91d7f22f1265e17cb83b1e6270b8fd5f4f136e6
Author: Stéphane Graber <stgr...@ubuntu.com>
Date: 2021-08-24 (Tue, 24 Aug 2021)
Changed paths:
M src/lxc/attach.c
M src/lxc/attach_options.h
M src/lxc/confile.c
M src/lxc/confile.h
M src/lxc/tools/lxc_attach.c
Log Message:
-----------
Merge pull request #3949 from brauner/2021-08-24.attach
tools: lxc-attach fixes
Compare: https://github.com/lxc/lxc/compare/fc1625fb2339...e91d7f22f126
Reply all
Reply to author
Forward
0 new messages