mirror of
git://git.proxmox.com/git/lxc.git
synced 2025-03-16 10:50:38 +03:00
merge upstream bugfixes:
* fix some memory leaks * fix temp file creation * fix rootfs pinning with NFS * drop supplementary groups on attach * fix gid=5 mount option on /dev/pts Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
This commit is contained in:
parent
5c8b444abd
commit
99be5c8cba
67
debian/patches/fixes/0001-conf-ret-try-devpts-mount-without-gid-5-on-error.patch
vendored
Normal file
67
debian/patches/fixes/0001-conf-ret-try-devpts-mount-without-gid-5-on-error.patch
vendored
Normal file
@ -0,0 +1,67 @@
|
||||
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
|
||||
From: Christian Brauner <christian.brauner@ubuntu.com>
|
||||
Date: Thu, 12 Apr 2018 11:12:06 +0200
|
||||
Subject: [PATCH] conf: ret-try devpts mount without gid=5 on error
|
||||
|
||||
We should always default to mounting devpts with gid=5 but we should fallback
|
||||
to mounting without gid=5. This let's us cover use-cases such as container
|
||||
started with only a single mapping e.g.:
|
||||
|
||||
lxc.idmap = u 1000 1000 1
|
||||
lxc.idmap = g 1000 1000 1
|
||||
|
||||
Closes #2257.
|
||||
|
||||
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
|
||||
---
|
||||
src/lxc/conf.c | 18 +++++++++---------
|
||||
1 file changed, 9 insertions(+), 9 deletions(-)
|
||||
|
||||
diff --git a/src/lxc/conf.c b/src/lxc/conf.c
|
||||
index fe30800d..a604adbb 100644
|
||||
--- a/src/lxc/conf.c
|
||||
+++ b/src/lxc/conf.c
|
||||
@@ -1503,7 +1503,7 @@ static struct id_map *find_mapped_nsid_entry(struct lxc_conf *conf, unsigned id,
|
||||
static int lxc_setup_devpts(struct lxc_conf *conf)
|
||||
{
|
||||
int ret;
|
||||
- const char *default_devpts_mntopts;
|
||||
+ const char *default_devpts_mntopts = "gid=5,newinstance,ptmxmode=0666,mode=0620";
|
||||
char devpts_mntopts[256];
|
||||
|
||||
if (conf->pts <= 0) {
|
||||
@@ -1512,11 +1512,6 @@ static int lxc_setup_devpts(struct lxc_conf *conf)
|
||||
return 0;
|
||||
}
|
||||
|
||||
- if (!find_mapped_nsid_entry(conf, 5, ID_TYPE_GID))
|
||||
- default_devpts_mntopts = "newinstance,ptmxmode=0666,mode=0620";
|
||||
- else
|
||||
- default_devpts_mntopts = "newinstance,ptmxmode=0666,mode=0620,gid=5";
|
||||
-
|
||||
ret = snprintf(devpts_mntopts, sizeof(devpts_mntopts), "%s,max=%d",
|
||||
default_devpts_mntopts, conf->pts);
|
||||
if (ret < 0 || (size_t)ret >= sizeof(devpts_mntopts))
|
||||
@@ -1540,11 +1535,16 @@ static int lxc_setup_devpts(struct lxc_conf *conf)
|
||||
return -1;
|
||||
}
|
||||
|
||||
- /* Mount new devpts instance. */
|
||||
+ /* mount new devpts instance */
|
||||
ret = mount("devpts", "/dev/pts", "devpts", MS_NOSUID | MS_NOEXEC, devpts_mntopts);
|
||||
if (ret < 0) {
|
||||
- SYSERROR("Failed to mount new devpts instance");
|
||||
- return -1;
|
||||
+ /* try mounting without gid=5 */
|
||||
+ ret = mount("devpts", "/dev/pts", "devpts",
|
||||
+ MS_NOSUID | MS_NOEXEC, devpts_mntopts + sizeof("gid=5"));
|
||||
+ if (ret < 0) {
|
||||
+ SYSERROR("Failed to mount new devpts instance");
|
||||
+ return -1;
|
||||
+ }
|
||||
}
|
||||
DEBUG("Mount new devpts instance with options \"%s\"", devpts_mntopts);
|
||||
|
||||
--
|
||||
2.11.0
|
||||
|
25
debian/patches/fixes/0002-Fix-the-memory-leak-in-cgfsng_attach.patch
vendored
Normal file
25
debian/patches/fixes/0002-Fix-the-memory-leak-in-cgfsng_attach.patch
vendored
Normal file
@ -0,0 +1,25 @@
|
||||
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
|
||||
From: LiFeng <lifeng68@huawei.com>
|
||||
Date: Tue, 24 Apr 2018 12:53:57 -0400
|
||||
Subject: [PATCH] Fix the memory leak in cgfsng_attach
|
||||
|
||||
Signed-off-by: LiFeng <lifeng68@huawei.com>
|
||||
---
|
||||
src/lxc/cgroups/cgfsng.c | 1 +
|
||||
1 file changed, 1 insertion(+)
|
||||
|
||||
diff --git a/src/lxc/cgroups/cgfsng.c b/src/lxc/cgroups/cgfsng.c
|
||||
index b48f997f..689e4fe5 100644
|
||||
--- a/src/lxc/cgroups/cgfsng.c
|
||||
+++ b/src/lxc/cgroups/cgfsng.c
|
||||
@@ -2549,6 +2549,7 @@ static bool cgfsng_attach(const char *name, const char *lxcpath, pid_t pid)
|
||||
continue;
|
||||
|
||||
fullpath = build_full_cgpath_from_monitorpath(h, path, "cgroup.procs");
|
||||
+ free(path);
|
||||
ret = lxc_write_to_file(fullpath, pidstr, len, false);
|
||||
if (ret < 0) {
|
||||
SYSERROR("Failed to attach %d to %s", (int)pid, fullpath);
|
||||
--
|
||||
2.11.0
|
||||
|
71
debian/patches/fixes/0003-Fix-memory-leak-in-list_active_containers.patch
vendored
Normal file
71
debian/patches/fixes/0003-Fix-memory-leak-in-list_active_containers.patch
vendored
Normal file
@ -0,0 +1,71 @@
|
||||
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
|
||||
From: LiFeng <lifeng68@huawei.com>
|
||||
Date: Tue, 24 Apr 2018 15:10:15 -0400
|
||||
Subject: [PATCH] Fix memory leak in list_active_containers
|
||||
|
||||
Signed-off-by: LiFeng <lifeng68@huawei.com>
|
||||
---
|
||||
src/lxc/lxccontainer.c | 25 +++++++++++++++++++++----
|
||||
1 file changed, 21 insertions(+), 4 deletions(-)
|
||||
|
||||
diff --git a/src/lxc/lxccontainer.c b/src/lxc/lxccontainer.c
|
||||
index 6d41b6cf..6a58d81c 100644
|
||||
--- a/src/lxc/lxccontainer.c
|
||||
+++ b/src/lxc/lxccontainer.c
|
||||
@@ -4973,32 +4973,49 @@ int list_active_containers(const char *lxcpath, char ***nret,
|
||||
char *recvpath = lxc_cmd_get_lxcpath(p);
|
||||
if (!recvpath)
|
||||
continue;
|
||||
- if (strncmp(lxcpath, recvpath, lxcpath_len) != 0)
|
||||
+ if (strncmp(lxcpath, recvpath, lxcpath_len) != 0) {
|
||||
+ free(recvpath);
|
||||
continue;
|
||||
+ }
|
||||
+ free(recvpath);
|
||||
p = lxc_cmd_get_name(p);
|
||||
if (!p)
|
||||
continue;
|
||||
}
|
||||
|
||||
- if (array_contains(&ct_name, p, ct_name_cnt))
|
||||
+ if (array_contains(&ct_name, p, ct_name_cnt)) {
|
||||
+ if (is_hashed)
|
||||
+ free(p);
|
||||
continue;
|
||||
+ }
|
||||
|
||||
- if (!add_to_array(&ct_name, p, ct_name_cnt))
|
||||
+ if (!add_to_array(&ct_name, p, ct_name_cnt)) {
|
||||
+ if (is_hashed)
|
||||
+ free(p);
|
||||
goto free_cret_list;
|
||||
+ }
|
||||
|
||||
ct_name_cnt++;
|
||||
|
||||
- if (!cret)
|
||||
+ if (!cret) {
|
||||
+ if (is_hashed)
|
||||
+ free(p);
|
||||
continue;
|
||||
+ }
|
||||
|
||||
c = lxc_container_new(p, lxcpath);
|
||||
if (!c) {
|
||||
INFO("Container %s:%s is running but could not be loaded",
|
||||
lxcpath, p);
|
||||
remove_from_array(&ct_name, p, ct_name_cnt--);
|
||||
+ if (is_hashed)
|
||||
+ free(p);
|
||||
continue;
|
||||
}
|
||||
|
||||
+ if (is_hashed)
|
||||
+ free(p);
|
||||
+
|
||||
/*
|
||||
* If this is an anonymous container, then is_defined *can*
|
||||
* return false. So we don't do that check. Count on the
|
||||
--
|
||||
2.11.0
|
||||
|
58
debian/patches/fixes/0004-pam-cgfs-ignore-the-system-umask-when-creating-the-c.patch
vendored
Normal file
58
debian/patches/fixes/0004-pam-cgfs-ignore-the-system-umask-when-creating-the-c.patch
vendored
Normal file
@ -0,0 +1,58 @@
|
||||
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
|
||||
From: Jonathan Calmels <jcalmels@nvidia.com>
|
||||
Date: Mon, 16 Apr 2018 12:30:33 -0700
|
||||
Subject: [PATCH] pam-cgfs: ignore the system umask when creating the cgroup
|
||||
hierarchy
|
||||
|
||||
Fixes: #2277
|
||||
Signed-off-by: Jonathan Calmels <jcalmels@nvidia.com>
|
||||
---
|
||||
src/lxc/pam/pam_cgfs.c | 18 ++++++++++++++++--
|
||||
1 file changed, 16 insertions(+), 2 deletions(-)
|
||||
|
||||
diff --git a/src/lxc/pam/pam_cgfs.c b/src/lxc/pam/pam_cgfs.c
|
||||
index 3df8daef..5c272b0e 100644
|
||||
--- a/src/lxc/pam/pam_cgfs.c
|
||||
+++ b/src/lxc/pam/pam_cgfs.c
|
||||
@@ -223,6 +223,20 @@ static bool cgv2_prune_empty_cgroups(const char *user);
|
||||
static bool cgv2_remove(const char *cgroup);
|
||||
static bool is_cgv2(char *line);
|
||||
|
||||
+static int do_mkdir(const char *path, mode_t mode)
|
||||
+{
|
||||
+ int saved_errno;
|
||||
+ mode_t mask;
|
||||
+ int r;
|
||||
+
|
||||
+ mask = umask(0);
|
||||
+ r = mkdir(path, mode);
|
||||
+ saved_errno = errno;
|
||||
+ umask(mask);
|
||||
+ errno = saved_errno;
|
||||
+ return (r);
|
||||
+}
|
||||
+
|
||||
/* Create directory and (if necessary) its parents. */
|
||||
static bool mkdir_parent(const char *root, char *path)
|
||||
{
|
||||
@@ -252,7 +266,7 @@ static bool mkdir_parent(const char *root, char *path)
|
||||
if (file_exists(path))
|
||||
goto next;
|
||||
|
||||
- if (mkdir(path, 0755) < 0) {
|
||||
+ if (do_mkdir(path, 0755) < 0) {
|
||||
pam_cgfs_debug("Failed to create %s: %s.\n", path, strerror(errno));
|
||||
return false;
|
||||
}
|
||||
@@ -1963,7 +1977,7 @@ static bool cgv1_handle_cpuset_hierarchy(struct cgv1_hierarchy *h,
|
||||
cgpath = must_make_path(h->mountpoint, h->base_cgroup, cgroup, NULL);
|
||||
if (slash)
|
||||
*slash = '/';
|
||||
- if (mkdir(cgpath, 0755) < 0 && errno != EEXIST) {
|
||||
+ if (do_mkdir(cgpath, 0755) < 0 && errno != EEXIST) {
|
||||
pam_cgfs_debug("Failed to create '%s'", cgpath);
|
||||
free(cgpath);
|
||||
return false;
|
||||
--
|
||||
2.11.0
|
||||
|
36
debian/patches/fixes/0005-attach-always-drop-supplementary-groups.patch
vendored
Normal file
36
debian/patches/fixes/0005-attach-always-drop-supplementary-groups.patch
vendored
Normal file
@ -0,0 +1,36 @@
|
||||
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
|
||||
From: Christian Brauner <christian.brauner@ubuntu.com>
|
||||
Date: Mon, 9 Apr 2018 18:01:38 +0200
|
||||
Subject: [PATCH] attach: always drop supplementary groups
|
||||
|
||||
Closes #1704.
|
||||
|
||||
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
|
||||
---
|
||||
src/lxc/attach.c | 8 ++++----
|
||||
1 file changed, 4 insertions(+), 4 deletions(-)
|
||||
|
||||
diff --git a/src/lxc/attach.c b/src/lxc/attach.c
|
||||
index 9a8a836d..3b715272 100644
|
||||
--- a/src/lxc/attach.c
|
||||
+++ b/src/lxc/attach.c
|
||||
@@ -870,12 +870,12 @@ static int attach_child_main(struct attach_clone_payload *payload)
|
||||
ret = lxc_switch_uid_gid(new_uid, new_gid);
|
||||
if (ret < 0)
|
||||
goto on_error;
|
||||
-
|
||||
- ret = lxc_setgroups(0, NULL);
|
||||
- if (ret < 0)
|
||||
- goto on_error;
|
||||
}
|
||||
|
||||
+ ret = lxc_setgroups(0, NULL);
|
||||
+ if (ret < 0)
|
||||
+ goto on_error;
|
||||
+
|
||||
if ((init_ctx->container && init_ctx->container->lxc_conf &&
|
||||
init_ctx->container->lxc_conf->no_new_privs) ||
|
||||
(options->attach_flags & LXC_ATTACH_NO_NEW_PRIVS)) {
|
||||
--
|
||||
2.11.0
|
||||
|
32
debian/patches/fixes/0006-storage-rsync-free-memory-on-error.patch
vendored
Normal file
32
debian/patches/fixes/0006-storage-rsync-free-memory-on-error.patch
vendored
Normal file
@ -0,0 +1,32 @@
|
||||
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
|
||||
From: C0deAi <benjamin.bales@assrc.us>
|
||||
Date: Fri, 6 Apr 2018 12:46:53 -0400
|
||||
Subject: [PATCH] storage/rsync: free memory on error
|
||||
|
||||
Closes #2262.
|
||||
|
||||
Signed-off-by: C0deAi <techsupport@mycode.ai>
|
||||
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
|
||||
---
|
||||
src/lxc/storage/rsync.c | 4 +++-
|
||||
1 file changed, 3 insertions(+), 1 deletion(-)
|
||||
|
||||
diff --git a/src/lxc/storage/rsync.c b/src/lxc/storage/rsync.c
|
||||
index c3080a56..83871ae8 100644
|
||||
--- a/src/lxc/storage/rsync.c
|
||||
+++ b/src/lxc/storage/rsync.c
|
||||
@@ -73,8 +73,10 @@ int lxc_rsync_exec(const char *src, const char *dest)
|
||||
return -1;
|
||||
|
||||
ret = snprintf(s, l, "%s", src);
|
||||
- if (ret < 0 || (size_t)ret >= l)
|
||||
+ if (ret < 0 || (size_t)ret >= l) {
|
||||
+ free(s);
|
||||
return -1;
|
||||
+ }
|
||||
|
||||
s[l - 2] = '/';
|
||||
s[l - 1] = '\0';
|
||||
--
|
||||
2.11.0
|
||||
|
33
debian/patches/fixes/0007-tools-utils-free-memory-on-error.patch
vendored
Normal file
33
debian/patches/fixes/0007-tools-utils-free-memory-on-error.patch
vendored
Normal file
@ -0,0 +1,33 @@
|
||||
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
|
||||
From: C0deAi <benjamin.bales@assrc.us>
|
||||
Date: Fri, 6 Apr 2018 12:56:50 -0400
|
||||
Subject: [PATCH] tools/utils: free memory on error
|
||||
|
||||
Closes #2262.
|
||||
|
||||
Signed-off-by: C0deAi <techsupport@mycode.ai>
|
||||
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
|
||||
---
|
||||
src/lxc/tools/tool_utils.c | 5 ++++-
|
||||
1 file changed, 4 insertions(+), 1 deletion(-)
|
||||
|
||||
diff --git a/src/lxc/tools/tool_utils.c b/src/lxc/tools/tool_utils.c
|
||||
index ca325456..71e5036b 100644
|
||||
--- a/src/lxc/tools/tool_utils.c
|
||||
+++ b/src/lxc/tools/tool_utils.c
|
||||
@@ -794,8 +794,11 @@ int lxc_config_define_add(struct lxc_list *defines, char *arg)
|
||||
return -1;
|
||||
|
||||
dent->elem = parse_line(arg);
|
||||
- if (!dent->elem)
|
||||
+ if (!dent->elem) {
|
||||
+ free(dent);
|
||||
return -1;
|
||||
+ }
|
||||
+
|
||||
lxc_list_add_tail(defines, dent);
|
||||
return 0;
|
||||
}
|
||||
--
|
||||
2.11.0
|
||||
|
54
debian/patches/fixes/0008-fix-signal-sending-in-lxc.init.patch
vendored
Normal file
54
debian/patches/fixes/0008-fix-signal-sending-in-lxc.init.patch
vendored
Normal file
@ -0,0 +1,54 @@
|
||||
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
|
||||
From: Tycho Andersen <tycho@tycho.ws>
|
||||
Date: Wed, 4 Apr 2018 17:45:29 -0600
|
||||
Subject: [PATCH] fix signal sending in lxc.init
|
||||
|
||||
The problem here is that these two clauses were ordered backwards: we first
|
||||
check if the signal came from not the init pid, and if it did, then we give
|
||||
a notice and return. The comment notes that this is intended to protect
|
||||
against SIGCHLD, but we don't in fact know if the signal is a SIGCHLD yet,
|
||||
because that's tested in the next hunk.
|
||||
|
||||
The symptom is that if I e.g. send SIGTERM from the outside world to the
|
||||
container init, it ignores it and gives this notice. If we re-order these
|
||||
clauses, it forwards non SIGCHLD signals, and ignores SIGCHLD signals from
|
||||
things that aren't the real container process.
|
||||
|
||||
Signed-off-by: Tycho Andersen <tycho@tycho.ws>
|
||||
---
|
||||
src/lxc/start.c | 12 ++++++------
|
||||
1 file changed, 6 insertions(+), 6 deletions(-)
|
||||
|
||||
diff --git a/src/lxc/start.c b/src/lxc/start.c
|
||||
index ae13aae9..1982270e 100644
|
||||
--- a/src/lxc/start.c
|
||||
+++ b/src/lxc/start.c
|
||||
@@ -380,6 +380,12 @@ static int signal_handler(int fd, uint32_t events, void *data,
|
||||
return hdlr->init_died ? LXC_MAINLOOP_CLOSE : 0;
|
||||
}
|
||||
|
||||
+ if (siginfo.ssi_signo != SIGCHLD) {
|
||||
+ kill(hdlr->pid, siginfo.ssi_signo);
|
||||
+ INFO("Forwarded signal %d to pid %d", siginfo.ssi_signo, hdlr->pid);
|
||||
+ return hdlr->init_died ? LXC_MAINLOOP_CLOSE : 0;
|
||||
+ }
|
||||
+
|
||||
/* More robustness, protect ourself from a SIGCHLD sent
|
||||
* by a process different from the container init.
|
||||
*/
|
||||
@@ -389,12 +395,6 @@ static int signal_handler(int fd, uint32_t events, void *data,
|
||||
return hdlr->init_died ? LXC_MAINLOOP_CLOSE : 0;
|
||||
}
|
||||
|
||||
- if (siginfo.ssi_signo != SIGCHLD) {
|
||||
- kill(hdlr->pid, siginfo.ssi_signo);
|
||||
- INFO("Forwarded signal %d to pid %d", siginfo.ssi_signo, hdlr->pid);
|
||||
- return hdlr->init_died ? LXC_MAINLOOP_CLOSE : 0;
|
||||
- }
|
||||
-
|
||||
if (siginfo.ssi_code == CLD_STOPPED) {
|
||||
INFO("Container init process was stopped");
|
||||
return hdlr->init_died ? LXC_MAINLOOP_CLOSE : 0;
|
||||
--
|
||||
2.11.0
|
||||
|
35
debian/patches/fixes/0009-conf-fix-temporary-file-creation.patch
vendored
Normal file
35
debian/patches/fixes/0009-conf-fix-temporary-file-creation.patch
vendored
Normal file
@ -0,0 +1,35 @@
|
||||
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
|
||||
From: Christian Brauner <christian.brauner@ubuntu.com>
|
||||
Date: Fri, 6 Apr 2018 10:54:02 +0200
|
||||
Subject: [PATCH] conf: fix temporary file creation
|
||||
|
||||
lxc_make_tmpfile() uses mkstemp() internally, and thus expects the
|
||||
template to contain 'XXXXXX' and be writable.
|
||||
|
||||
Signed-off-by: Thomas Moschny <thomas.moschny@gmx.de>
|
||||
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
|
||||
---
|
||||
src/lxc/conf.c | 5 ++++-
|
||||
1 file changed, 4 insertions(+), 1 deletion(-)
|
||||
|
||||
diff --git a/src/lxc/conf.c b/src/lxc/conf.c
|
||||
index a604adbb..c1193675 100644
|
||||
--- a/src/lxc/conf.c
|
||||
+++ b/src/lxc/conf.c
|
||||
@@ -2277,9 +2277,12 @@ FILE *make_anonymous_mount_file(struct lxc_list *mount)
|
||||
|
||||
fd = memfd_create(".lxc_mount_file", MFD_CLOEXEC);
|
||||
if (fd < 0) {
|
||||
+ char template[] = P_tmpdir "/.lxc_mount_file_XXXXXX";
|
||||
+
|
||||
if (errno != ENOSYS)
|
||||
return NULL;
|
||||
- fd = lxc_make_tmpfile((char *){P_tmpdir "/.lxc_mount_file"}, true);
|
||||
+
|
||||
+ fd = lxc_make_tmpfile(template, true);
|
||||
if (fd < 0) {
|
||||
SYSERROR("Could not create temporary mount file");
|
||||
return NULL;
|
||||
--
|
||||
2.11.0
|
||||
|
35
debian/patches/fixes/0010-ringbuf-fix-temporary-file-creation.patch
vendored
Normal file
35
debian/patches/fixes/0010-ringbuf-fix-temporary-file-creation.patch
vendored
Normal file
@ -0,0 +1,35 @@
|
||||
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
|
||||
From: Christian Brauner <christian.brauner@ubuntu.com>
|
||||
Date: Fri, 6 Apr 2018 10:54:41 +0200
|
||||
Subject: [PATCH] ringbuf: fix temporary file creation
|
||||
|
||||
lxc_make_tmpfile() uses mkstemp() internally, and thus expects the
|
||||
template to contain 'XXXXXX' and be writable.
|
||||
|
||||
Signed-off-by: Thomas Moschny <thomas.moschny@gmx.de>
|
||||
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
|
||||
---
|
||||
src/lxc/ringbuf.c | 4 +++-
|
||||
1 file changed, 3 insertions(+), 1 deletion(-)
|
||||
|
||||
diff --git a/src/lxc/ringbuf.c b/src/lxc/ringbuf.c
|
||||
index 1299fe70..7aa2e631 100644
|
||||
--- a/src/lxc/ringbuf.c
|
||||
+++ b/src/lxc/ringbuf.c
|
||||
@@ -52,10 +52,12 @@ int lxc_ringbuf_create(struct lxc_ringbuf *buf, size_t size)
|
||||
|
||||
memfd = memfd_create(".lxc_ringbuf", MFD_CLOEXEC);
|
||||
if (memfd < 0) {
|
||||
+ char template[] = P_tmpdir "/.lxc_ringbuf_XXXXXX";
|
||||
+
|
||||
if (errno != ENOSYS)
|
||||
goto on_error;
|
||||
|
||||
- memfd = lxc_make_tmpfile((char *){P_tmpdir"/.lxc_ringbuf_XXXXXX"}, true);
|
||||
+ memfd = lxc_make_tmpfile(template, true);
|
||||
}
|
||||
if (memfd < 0)
|
||||
goto on_error;
|
||||
--
|
||||
2.11.0
|
||||
|
10
debian/patches/series
vendored
10
debian/patches/series
vendored
@ -6,3 +6,13 @@
|
||||
0006-rename-cgroup-namespace-directory-to-ns.patch
|
||||
0007-possibility-to-run-lxc-monitord-as-a-regular-daemon.patch
|
||||
0008-Make-lxc-.service-forking.patch
|
||||
fixes/0001-conf-ret-try-devpts-mount-without-gid-5-on-error.patch
|
||||
fixes/0002-Fix-the-memory-leak-in-cgfsng_attach.patch
|
||||
fixes/0003-Fix-memory-leak-in-list_active_containers.patch
|
||||
fixes/0004-pam-cgfs-ignore-the-system-umask-when-creating-the-c.patch
|
||||
fixes/0005-attach-always-drop-supplementary-groups.patch
|
||||
fixes/0006-storage-rsync-free-memory-on-error.patch
|
||||
fixes/0007-tools-utils-free-memory-on-error.patch
|
||||
fixes/0008-fix-signal-sending-in-lxc.init.patch
|
||||
fixes/0009-conf-fix-temporary-file-creation.patch
|
||||
fixes/0010-ringbuf-fix-temporary-file-creation.patch
|
||||
|
Loading…
x
Reference in New Issue
Block a user