diff --git a/debian/patches/fixes/0001-conf-ret-try-devpts-mount-without-gid-5-on-error.patch b/debian/patches/fixes/0001-conf-ret-try-devpts-mount-without-gid-5-on-error.patch new file mode 100644 index 0000000..217982a --- /dev/null +++ b/debian/patches/fixes/0001-conf-ret-try-devpts-mount-without-gid-5-on-error.patch 
@@ -0,0 +1,67 @@ +From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 +From: Christian Brauner +Date: Thu, 12 Apr 2018 11:12:06 +0200 +Subject: [PATCH] conf: ret-try devpts mount without gid=5 on error + +We should always default to mounting devpts with gid=5 but we should fallback +to mounting without gid=5. This let's us cover use-cases such as container +started with only a single mapping e.g.: + +lxc.idmap = u 1000 1000 1 +lxc.idmap = g 1000 1000 1 + +Closes #2257. + +Signed-off-by: Christian Brauner +--- + src/lxc/conf.c | 18 +++++++++--------- + 1 file changed, 9 insertions(+), 9 deletions(-) + +diff --git a/src/lxc/conf.c b/src/lxc/conf.c +index fe30800d..a604adbb 100644 +--- a/src/lxc/conf.c ++++ b/src/lxc/conf.c +@@ -1503,7 +1503,7 @@ static struct id_map *find_mapped_nsid_entry(struct lxc_conf *conf, unsigned id, + static int lxc_setup_devpts(struct lxc_conf *conf) + { + int ret; +- const char *default_devpts_mntopts; ++ const char *default_devpts_mntopts = "gid=5,newinstance,ptmxmode=0666,mode=0620"; + char devpts_mntopts[256]; + + if (conf->pts <= 0) { +@@ -1512,11 +1512,6 @@ static int lxc_setup_devpts(struct lxc_conf *conf) + return 0; + } + +- if (!find_mapped_nsid_entry(conf, 5, ID_TYPE_GID)) +- default_devpts_mntopts = "newinstance,ptmxmode=0666,mode=0620"; +- else +- default_devpts_mntopts = "newinstance,ptmxmode=0666,mode=0620,gid=5"; +- + ret = snprintf(devpts_mntopts, sizeof(devpts_mntopts), "%s,max=%d", + default_devpts_mntopts, conf->pts); + if (ret < 0 || (size_t)ret >= sizeof(devpts_mntopts)) +@@ -1540,11 +1535,16 @@ static int lxc_setup_devpts(struct lxc_conf *conf) + return -1; + } + +- /* Mount new devpts instance. 
*/ ++ /* mount new devpts instance */ + ret = mount("devpts", "/dev/pts", "devpts", MS_NOSUID | MS_NOEXEC, devpts_mntopts); + if (ret < 0) { +- SYSERROR("Failed to mount new devpts instance"); +- return -1; ++ /* try mounting without gid=5 */ ++ ret = mount("devpts", "/dev/pts", "devpts", ++ MS_NOSUID | MS_NOEXEC, devpts_mntopts + sizeof("gid=5")); ++ if (ret < 0) { ++ SYSERROR("Failed to mount new devpts instance"); ++ return -1; ++ } + } + DEBUG("Mount new devpts instance with options \"%s\"", devpts_mntopts); + +-- +2.11.0 + diff --git a/debian/patches/fixes/0002-Fix-the-memory-leak-in-cgfsng_attach.patch b/debian/patches/fixes/0002-Fix-the-memory-leak-in-cgfsng_attach.patch new file mode 100644 index 0000000..04e258f --- /dev/null +++ b/debian/patches/fixes/0002-Fix-the-memory-leak-in-cgfsng_attach.patch @@ -0,0 +1,25 @@ +From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 +From: LiFeng +Date: Tue, 24 Apr 2018 12:53:57 -0400 +Subject: [PATCH] Fix the memory leak in cgfsng_attach + +Signed-off-by: LiFeng +--- + src/lxc/cgroups/cgfsng.c | 1 + + 1 file changed, 1 insertion(+) + +diff --git a/src/lxc/cgroups/cgfsng.c b/src/lxc/cgroups/cgfsng.c +index b48f997f..689e4fe5 100644 +--- a/src/lxc/cgroups/cgfsng.c ++++ b/src/lxc/cgroups/cgfsng.c +@@ -2549,6 +2549,7 @@ static bool cgfsng_attach(const char *name, const char *lxcpath, pid_t pid) + continue; + + fullpath = build_full_cgpath_from_monitorpath(h, path, "cgroup.procs"); ++ free(path); + ret = lxc_write_to_file(fullpath, pidstr, len, false); + if (ret < 0) { + SYSERROR("Failed to attach %d to %s", (int)pid, fullpath); +-- +2.11.0 + diff --git a/debian/patches/fixes/0003-Fix-memory-leak-in-list_active_containers.patch b/debian/patches/fixes/0003-Fix-memory-leak-in-list_active_containers.patch new file mode 100644 index 0000000..bf0b177 --- /dev/null +++ b/debian/patches/fixes/0003-Fix-memory-leak-in-list_active_containers.patch 
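Review bot: After the fallback mount succeeds, the following `DEBUG("Mount new devpts instance with options \"%s\"", devpts_mntopts)` still prints the full option string including `gid=5`, so the log misstates what was actually mounted, and the errno of the first, failed attempt is lost because SYSERROR only reports the second. Logging the fallback explicitly, e.g. `INFO("Failed to mount devpts with gid=5, retrying without it")` between the two mount() calls, or passing the options pointer actually used to the DEBUG, would keep the record truthful. The offset `devpts_mntopts + sizeof("gid=5")` only skips the trailing comma because sizeof counts the NUL terminator, and it is only correct while `gid=5,` stays the literal prefix of `default_devpts_mntopts`; a comment such as `/* skip "gid=5," — sizeof() includes the NUL, which covers the ',' */` would pin that coupling. With this change a container can end up with a devpts whose group is not gid 5 without anything above DEBUG level saying so. lxc_setup_devpts continues past the end of the hunk.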
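Review bot: The new `free(path)` covers only the straight-line path; if `path` is already allocated when the `continue` at the top of the hunk is taken, that iteration still leaks it — the allocation is outside the hunk, so this is worth confirming rather than assuming. Freeing `path` before `fullpath` is used is fine as far as the hunk shows, since only `fullpath` is referenced afterwards. cgfsng_attach starts and ends outside the hunk.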
@@ -0,0 +1,71 @@ +From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 +From: LiFeng +Date: Tue, 24 Apr 2018 15:10:15 -0400 +Subject: [PATCH] Fix memory leak in list_active_containers + +Signed-off-by: LiFeng +--- + src/lxc/lxccontainer.c | 25 +++++++++++++++++++++---- + 1 file changed, 21 insertions(+), 4 deletions(-) + +diff --git a/src/lxc/lxccontainer.c b/src/lxc/lxccontainer.c +index 6d41b6cf..6a58d81c 100644 +--- a/src/lxc/lxccontainer.c ++++ b/src/lxc/lxccontainer.c +@@ -4973,32 +4973,49 @@ int list_active_containers(const char *lxcpath, char ***nret, + char *recvpath = lxc_cmd_get_lxcpath(p); + if (!recvpath) + continue; +- if (strncmp(lxcpath, recvpath, lxcpath_len) != 0) ++ if (strncmp(lxcpath, recvpath, lxcpath_len) != 0) { ++ free(recvpath); + continue; ++ } ++ free(recvpath); + p = lxc_cmd_get_name(p); + if (!p) + continue; + } + +- if (array_contains(&ct_name, p, ct_name_cnt)) ++ if (array_contains(&ct_name, p, ct_name_cnt)) { ++ if (is_hashed) ++ free(p); + continue; ++ } + +- if (!add_to_array(&ct_name, p, ct_name_cnt)) ++ if (!add_to_array(&ct_name, p, ct_name_cnt)) { ++ if (is_hashed) ++ free(p); + goto free_cret_list; ++ } + + ct_name_cnt++; + +- if (!cret) ++ if (!cret) { ++ if (is_hashed) ++ free(p); + continue; ++ } + + c = lxc_container_new(p, lxcpath); + if (!c) { + INFO("Container %s:%s is running but could not be loaded", + lxcpath, p); + remove_from_array(&ct_name, p, ct_name_cnt--); ++ if (is_hashed) ++ free(p); + continue; + } + ++ if (is_hashed) ++ free(p); ++ + /* + * If this is an anonymous container, then is_defined *can* + * return false. So we don't do that check. Count on the +-- +2.11.0 + diff --git a/debian/patches/fixes/0004-pam-cgfs-ignore-the-system-umask-when-creating-the-c.patch b/debian/patches/fixes/0004-pam-cgfs-ignore-the-system-umask-when-creating-the-c.patch new file mode 100644 index 0000000..547192e --- /dev/null 
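Review bot: `if (is_hashed) free(p);` is now repeated on five exit paths of list_active_containers, which is fragile to maintain; if `add_to_array` copies the string (its implementation is not visible here), ownership of `p` could be settled once by freeing it right after the successful `add_to_array`, and if it instead stores the pointer, the frees that follow leave dangling entries in `ct_name`, so that contract should be confirmed. Similarly `recvpath` is freed on both branches of the strncmp test; computing the comparison first, `int mismatch = strncmp(lxcpath, recvpath, lxcpath_len); free(recvpath); if (mismatch != 0) continue;`, leaves a single free. The function starts and ends outside the hunk.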
+++ b/debian/patches/fixes/0004-pam-cgfs-ignore-the-system-umask-when-creating-the-c.patch @@ -0,0 +1,58 @@ +From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 +From: Jonathan Calmels +Date: Mon, 16 Apr 2018 12:30:33 -0700 +Subject: [PATCH] pam-cgfs: ignore the system umask when creating the cgroup + hierarchy + +Fixes: #2277 +Signed-off-by: Jonathan Calmels +--- + src/lxc/pam/pam_cgfs.c | 18 ++++++++++++++++-- + 1 file changed, 16 insertions(+), 2 deletions(-) + +diff --git a/src/lxc/pam/pam_cgfs.c b/src/lxc/pam/pam_cgfs.c +index 3df8daef..5c272b0e 100644 +--- a/src/lxc/pam/pam_cgfs.c ++++ b/src/lxc/pam/pam_cgfs.c +@@ -223,6 +223,20 @@ static bool cgv2_prune_empty_cgroups(const char *user); + static bool cgv2_remove(const char *cgroup); + static bool is_cgv2(char *line); + ++static int do_mkdir(const char *path, mode_t mode) ++{ ++ int saved_errno; ++ mode_t mask; ++ int r; ++ ++ mask = umask(0); ++ r = mkdir(path, mode); ++ saved_errno = errno; ++ umask(mask); ++ errno = saved_errno; ++ return (r); ++} ++ + /* Create directory and (if necessary) its parents. */ + static bool mkdir_parent(const char *root, char *path) + { +@@ -252,7 +266,7 @@ static bool mkdir_parent(const char *root, char *path) + if (file_exists(path)) + goto next; + +- if (mkdir(path, 0755) < 0) { ++ if (do_mkdir(path, 0755) < 0) { + pam_cgfs_debug("Failed to create %s: %s.\n", path, strerror(errno)); + return false; + } +@@ -1963,7 +1977,7 @@ static bool cgv1_handle_cpuset_hierarchy(struct cgv1_hierarchy *h, + cgpath = must_make_path(h->mountpoint, h->base_cgroup, cgroup, NULL); + if (slash) + *slash = '/'; +- if (mkdir(cgpath, 0755) < 0 && errno != EEXIST) { ++ if (do_mkdir(cgpath, 0755) < 0 && errno != EEXIST) { + pam_cgfs_debug("Failed to create '%s'", cgpath); + free(cgpath); + return false; +-- +2.11.0 + 
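Review bot: `do_mkdir` has no comment explaining why it exists; the patch subject is the only place that says so. A header such as `/* mkdir() with exactly the requested mode, ignoring the process umask; mkdir's errno is preserved across the umask restore. */` would make the intent and the errno save/restore clear at the definition. The umask is process-wide, so any file created by another thread in the same process during this window would also get its mode unmasked — presumably a non-issue for a PAM module, but worth stating in that comment. `return (r);` could be plain `return r;` to match the surrounding style.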
diff --git a/debian/patches/fixes/0005-attach-always-drop-supplementary-groups.patch b/debian/patches/fixes/0005-attach-always-drop-supplementary-groups.patch new file mode 100644 index 0000000..9cd29db --- /dev/null +++ b/debian/patches/fixes/0005-attach-always-drop-supplementary-groups.patch @@ -0,0 +1,36 @@ +From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 +From: Christian Brauner +Date: Mon, 9 Apr 2018 18:01:38 +0200 +Subject: [PATCH] attach: always drop supplementary groups + +Closes #1704. + +Signed-off-by: Christian Brauner +--- + src/lxc/attach.c | 8 ++++---- + 1 file changed, 4 insertions(+), 4 deletions(-) + +diff --git a/src/lxc/attach.c b/src/lxc/attach.c +index 9a8a836d..3b715272 100644 +--- a/src/lxc/attach.c ++++ b/src/lxc/attach.c +@@ -870,12 +870,12 @@ static int attach_child_main(struct attach_clone_payload *payload) + ret = lxc_switch_uid_gid(new_uid, new_gid); + if (ret < 0) + goto on_error; +- +- ret = lxc_setgroups(0, NULL); +- if (ret < 0) +- goto on_error; + } + ++ ret = lxc_setgroups(0, NULL); ++ if (ret < 0) ++ goto on_error; ++ + if ((init_ctx->container && init_ctx->container->lxc_conf && + init_ctx->container->lxc_conf->no_new_privs) || + (options->attach_flags & LXC_ATTACH_NO_NEW_PRIVS)) { +-- +2.11.0 + diff --git a/debian/patches/fixes/0006-storage-rsync-free-memory-on-error.patch b/debian/patches/fixes/0006-storage-rsync-free-memory-on-error.patch new file mode 100644 index 0000000..2918f42 --- /dev/null +++ b/debian/patches/fixes/0006-storage-rsync-free-memory-on-error.patch 
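Review bot: `lxc_setgroups(0, NULL)` is now called on every attach path and any failure aborts with `goto on_error`; inside a user namespace where setgroups(2) is denied (the single-mapping setups described in fixes/0001), setgroups fails with EPERM, so an attach that previously succeeded would become a hard failure. If lxc_setgroups() passes the setgroups errno through (not visible here), tolerating that case keeps the unconditional drop without breaking those containers: `ret = lxc_setgroups(0, NULL); if (ret < 0 && errno != EPERM) goto on_error;`. A short comment above the call stating that supplementary groups are dropped even when no uid/gid switch happens would document why it moved out of the block. attach_child_main continues on both sides of the hunk.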
@@ -0,0 +1,32 @@ +From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 +From: C0deAi +Date: Fri, 6 Apr 2018 12:46:53 -0400 +Subject: [PATCH] storage/rsync: free memory on error + +Closes #2262. + +Signed-off-by: C0deAi +Signed-off-by: Christian Brauner +--- + src/lxc/storage/rsync.c | 4 +++- + 1 file changed, 3 insertions(+), 1 deletion(-) + +diff --git a/src/lxc/storage/rsync.c b/src/lxc/storage/rsync.c +index c3080a56..83871ae8 100644 +--- a/src/lxc/storage/rsync.c ++++ b/src/lxc/storage/rsync.c +@@ -73,8 +73,10 @@ int lxc_rsync_exec(const char *src, const char *dest) + return -1; + + ret = snprintf(s, l, "%s", src); +- if (ret < 0 || (size_t)ret >= l) ++ if (ret < 0 || (size_t)ret >= l) { ++ free(s); + return -1; ++ } + + s[l - 2] = '/'; + s[l - 1] = '\0'; +-- +2.11.0 + diff --git a/debian/patches/fixes/0007-tools-utils-free-memory-on-error.patch b/debian/patches/fixes/0007-tools-utils-free-memory-on-error.patch new file mode 100644 index 0000000..f62d635 --- /dev/null +++ b/debian/patches/fixes/0007-tools-utils-free-memory-on-error.patch @@ -0,0 +1,33 @@ +From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 +From: C0deAi +Date: Fri, 6 Apr 2018 12:56:50 -0400 +Subject: [PATCH] tools/utils: free memory on error + +Closes #2262. + +Signed-off-by: C0deAi +Signed-off-by: Christian Brauner +--- + src/lxc/tools/tool_utils.c | 5 ++++- + 1 file changed, 4 insertions(+), 1 deletion(-) + +diff --git a/src/lxc/tools/tool_utils.c b/src/lxc/tools/tool_utils.c +index ca325456..71e5036b 100644 +--- a/src/lxc/tools/tool_utils.c ++++ b/src/lxc/tools/tool_utils.c +@@ -794,8 +794,11 @@ int lxc_config_define_add(struct lxc_list *defines, char *arg) + return -1; + + dent->elem = parse_line(arg); +- if (!dent->elem) ++ if (!dent->elem) { ++ free(dent); + return -1; ++ } ++ + lxc_list_add_tail(defines, dent); + return 0; + } +-- +2.11.0 + 
diff --git a/debian/patches/fixes/0008-fix-signal-sending-in-lxc.init.patch b/debian/patches/fixes/0008-fix-signal-sending-in-lxc.init.patch new file mode 100644 index 0000000..cdad9c8 --- /dev/null +++ b/debian/patches/fixes/0008-fix-signal-sending-in-lxc.init.patch 
@@ -0,0 +1,54 @@ +From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 +From: Tycho Andersen +Date: Wed, 4 Apr 2018 17:45:29 -0600 +Subject: [PATCH] fix signal sending in lxc.init + +The problem here is that these two clauses were ordered backwards: we first +check if the signal came from not the init pid, and if it did, then we give +a notice and return. The comment notes that this is intended to protect +against SIGCHLD, but we don't in fact know if the signal is a SIGCHLD yet, +because that's tested in the next hunk. + +The symptom is that if I e.g. send SIGTERM from the outside world to the +container init, it ignores it and gives this notice. If we re-order these +clauses, it forwards non SIGCHLD signals, and ignores SIGCHLD signals from +things that aren't the real container process. + +Signed-off-by: Tycho Andersen +--- + src/lxc/start.c | 12 ++++++------ + 1 file changed, 6 insertions(+), 6 deletions(-) + +diff --git a/src/lxc/start.c b/src/lxc/start.c +index ae13aae9..1982270e 100644 +--- a/src/lxc/start.c ++++ b/src/lxc/start.c +@@ -380,6 +380,12 @@ static int signal_handler(int fd, uint32_t events, void *data, + return hdlr->init_died ? LXC_MAINLOOP_CLOSE : 0; + } + ++ if (siginfo.ssi_signo != SIGCHLD) { ++ kill(hdlr->pid, siginfo.ssi_signo); ++ INFO("Forwarded signal %d to pid %d", siginfo.ssi_signo, hdlr->pid); ++ return hdlr->init_died ? LXC_MAINLOOP_CLOSE : 0; ++ } ++ + /* More robustness, protect ourself from a SIGCHLD sent + * by a process different from the container init. + */ +@@ -389,12 +395,6 @@ static int signal_handler(int fd, uint32_t events, void *data, + return hdlr->init_died ? LXC_MAINLOOP_CLOSE : 0; + } + +- if (siginfo.ssi_signo != SIGCHLD) { +- kill(hdlr->pid, siginfo.ssi_signo); +- INFO("Forwarded signal %d to pid %d", siginfo.ssi_signo, hdlr->pid); +- return hdlr->init_died ? 
LXC_MAINLOOP_CLOSE : 0; +- } +- + if (siginfo.ssi_code == CLD_STOPPED) { + INFO("Container init process was stopped"); + return hdlr->init_died ? LXC_MAINLOOP_CLOSE : 0; +-- +2.11.0 + diff --git a/debian/patches/fixes/0009-conf-fix-temporary-file-creation.patch b/debian/patches/fixes/0009-conf-fix-temporary-file-creation.patch new file mode 100644 index 0000000..301d1f1 --- /dev/null +++ b/debian/patches/fixes/0009-conf-fix-temporary-file-creation.patch @@ -0,0 +1,35 @@ +From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 +From: Christian Brauner +Date: Fri, 6 Apr 2018 10:54:02 +0200 +Subject: [PATCH] conf: fix temporary file creation + +lxc_make_tmpfile() uses mkstemp() internally, and thus expects the +template to contain 'XXXXXX' and be writable. + +Signed-off-by: Thomas Moschny +Signed-off-by: Christian Brauner +--- + src/lxc/conf.c | 5 ++++- + 1 file changed, 4 insertions(+), 1 deletion(-) + +diff --git a/src/lxc/conf.c b/src/lxc/conf.c +index a604adbb..c1193675 100644 +--- a/src/lxc/conf.c ++++ b/src/lxc/conf.c +@@ -2277,9 +2277,12 @@ FILE *make_anonymous_mount_file(struct lxc_list *mount) + + fd = memfd_create(".lxc_mount_file", MFD_CLOEXEC); + if (fd < 0) { ++ char template[] = P_tmpdir "/.lxc_mount_file_XXXXXX"; ++ + if (errno != ENOSYS) + return NULL; +- fd = lxc_make_tmpfile((char *){P_tmpdir "/.lxc_mount_file"}, true); ++ ++ fd = lxc_make_tmpfile(template, true); + if (fd < 0) { + SYSERROR("Could not create temporary mount file"); + return NULL; +-- +2.11.0 + diff --git a/debian/patches/fixes/0010-ringbuf-fix-temporary-file-creation.patch b/debian/patches/fixes/0010-ringbuf-fix-temporary-file-creation.patch new file mode 100644 index 0000000..7c6e7d1 --- /dev/null +++ b/debian/patches/fixes/0010-ringbuf-fix-temporary-file-creation.patch 
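Review bot: The forwarding block moved ahead of the ssi_pid check discards the result of `kill(hdlr->pid, siginfo.ssi_signo)`, so the following `INFO("Forwarded signal %d to pid %d", ...)` is logged even when the signal was not delivered, for example once init has already exited. Checking it, `if (kill(hdlr->pid, siginfo.ssi_signo) < 0) SYSERROR("Failed to forward signal %d to pid %d", siginfo.ssi_signo, hdlr->pid);` with the INFO in the else branch, keeps the log accurate. With the reorder every non-SIGCHLD signal reaching the monitor is forwarded regardless of its sender, which is the stated intent but deserves a line in the comment above the block. signal_handler starts and ends outside the hunk.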
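Review bot: The new `template` array is declared and initialised before the `if (errno != ENOSYS) return NULL;` test, so it is set up on every memfd_create() failure even when the fallback is never taken; declaring it just before the lxc_make_tmpfile() call keeps it scoped to the fallback. A comment such as `/* memfd_create() unsupported: fall back to a mkstemp() file; the template must be writable and end in XXXXXX */` would record why a mutable array replaced the compound literal. The same applies to fixes/0010 in src/lxc/ringbuf.c. make_anonymous_mount_file continues past both ends of the hunk.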
@@ -0,0 +1,35 @@ +From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 +From: Christian Brauner +Date: Fri, 6 Apr 2018 10:54:41 +0200 +Subject: [PATCH] ringbuf: fix temporary file creation + +lxc_make_tmpfile() uses mkstemp() internally, and thus expects the +template to contain 'XXXXXX' and be writable. + +Signed-off-by: Thomas Moschny +Signed-off-by: Christian Brauner +--- + src/lxc/ringbuf.c | 4 +++- + 1 file changed, 3 insertions(+), 1 deletion(-) + +diff --git a/src/lxc/ringbuf.c b/src/lxc/ringbuf.c +index 1299fe70..7aa2e631 100644 +--- a/src/lxc/ringbuf.c ++++ b/src/lxc/ringbuf.c +@@ -52,10 +52,12 @@ int lxc_ringbuf_create(struct lxc_ringbuf *buf, size_t size) + + memfd = memfd_create(".lxc_ringbuf", MFD_CLOEXEC); + if (memfd < 0) { ++ char template[] = P_tmpdir "/.lxc_ringbuf_XXXXXX"; ++ + if (errno != ENOSYS) + goto on_error; + +- memfd = lxc_make_tmpfile((char *){P_tmpdir"/.lxc_ringbuf_XXXXXX"}, true); ++ memfd = lxc_make_tmpfile(template, true); + } + if (memfd < 0) + goto on_error; +-- +2.11.0 + diff --git a/debian/patches/series b/debian/patches/series index 3ff7181..fdc018c 100644 --- a/debian/patches/series +++ b/debian/patches/series @@ -6,3 +6,13 @@ 0006-rename-cgroup-namespace-directory-to-ns.patch 0007-possibility-to-run-lxc-monitord-as-a-regular-daemon.patch 0008-Make-lxc-.service-forking.patch +fixes/0001-conf-ret-try-devpts-mount-without-gid-5-on-error.patch +fixes/0002-Fix-the-memory-leak-in-cgfsng_attach.patch +fixes/0003-Fix-memory-leak-in-list_active_containers.patch +fixes/0004-pam-cgfs-ignore-the-system-umask-when-creating-the-c.patch +fixes/0005-attach-always-drop-supplementary-groups.patch +fixes/0006-storage-rsync-free-memory-on-error.patch +fixes/0007-tools-utils-free-memory-on-error.patch +fixes/0008-fix-signal-sending-in-lxc.init.patch +fixes/0009-conf-fix-temporary-file-creation.patch +fixes/0010-ringbuf-fix-temporary-file-creation.patch