On 07/17/2013 04:30 AM, Michal Privoznik wrote:
On 17.07.2013 11:43, Daniel P. Berrange wrote:
On Wed, Jul 17, 2013 at 11:28:42AM +0200, Michal Privoznik wrote:
Commit 75c1256 states that virGetGroupList must not be called between fork and exec, then commit ee777e99 promptly violated that for lxc.
Patch originally posted by Eric Blake <eblake@redhat.com>. --- src/lxc/lxc_container.c | 8 +------- 1 file changed, 1 insertion(+), 7 deletions(-)
Thanks; I had the same changes locally, but guess I hadn't posted them yet.
VIR_DEBUG("Set UID/GID to 0/0"); if (def->idmap.nuidmap && - ((ngroups = virGetGroupList(0, 0, &groups) < 0) || - virSetUIDGID(0, 0, groups, ngroups) < 0)) { + virSetUIDGID(0, 0, groups, ngroups) < 0) {
How does this compile ? You're removing the 'groups' and 'ngroups' variables but still referencing them here. Don't you mean to use NULL, 0 as the args for virSetUIDGID }
Yes, the 'NULL, 0' change squashed in is required :) -- Eric Blake eblake redhat com +1-919-301-3266 Libvirt virtualization library http://libvirt.org