[libvirt] [PATCH]lxc: don't always print debug log in lxcContainerSetID
From: Chen Hanxiao <chenhanxiao@cn.fujitsu.com> lxcContainerSetID is used for user namespace. If we don't enable user namespace, don't print debug log. Signed-off-by: Chen Hanxiao <chenhanxiao@cn.fujitsu.com> --- src/lxc/lxc_container.c | 14 ++++++++------ 1 file changed, 8 insertions(+), 6 deletions(-) diff --git a/src/lxc/lxc_container.c b/src/lxc/lxc_container.c index 56df69e..ed1fe29 100644 --- a/src/lxc/lxc_container.c +++ b/src/lxc/lxc_container.c @@ -420,12 +420,14 @@ static int lxcContainerSetID(virDomainDefPtr def) * for this container. And user namespace is only enabled * when nuidmap&ngidmap is not zero */ - VIR_DEBUG("Set UID/GID to 0/0"); - if (def->idmap.nuidmap && - virSetUIDGID(0, 0, NULL, 0) < 0) { - virReportSystemError(errno, "%s", - _("setuid or setgid failed")); - return -1; + if (def->idmap.nuidmap) { + if (virSetUIDGID(0, 0, NULL, 0) < 0) { + virReportSystemError(errno, "%s", + _("setuid or setgid failed")); + return -1; + } else { + VIR_DEBUG("Set UID/GID to 0/0"); + } } return 0; -- 1.8.2.1
ping
-----Original Message----- From: Chen Hanxiao [mailto:chenhanxiao@cn.fujitsu.com] Sent: Wednesday, October 16, 2013 12:09 PM To: libvir-list@redhat.com Cc: chenhanxiao@cn.fujitsu.com Subject: [libvirt][PATCH]lxc: don't always print debug log in lxcContainerSetID
From: Chen Hanxiao <chenhanxiao@cn.fujitsu.com>
lxcContainerSetID is used for user namespace. If we don't enable user namespace, don't print debug log.
Signed-off-by: Chen Hanxiao <chenhanxiao@cn.fujitsu.com> --- src/lxc/lxc_container.c | 14 ++++++++------ 1 file changed, 8 insertions(+), 6 deletions(-)
diff --git a/src/lxc/lxc_container.c b/src/lxc/lxc_container.c index 56df69e..ed1fe29 100644 --- a/src/lxc/lxc_container.c +++ b/src/lxc/lxc_container.c @@ -420,12 +420,14 @@ static int lxcContainerSetID(virDomainDefPtr def) * for this container. And user namespace is only enabled * when nuidmap&ngidmap is not zero */
- VIR_DEBUG("Set UID/GID to 0/0"); - if (def->idmap.nuidmap && - virSetUIDGID(0, 0, NULL, 0) < 0) { - virReportSystemError(errno, "%s", - _("setuid or setgid failed")); - return -1; + if (def->idmap.nuidmap) { + if (virSetUIDGID(0, 0, NULL, 0) < 0) { + virReportSystemError(errno, "%s", + _("setuid or setgid failed")); + return -1; + } else { + VIR_DEBUG("Set UID/GID to 0/0"); + } }
return 0; -- 1.8.2.1
ping
-----Original Message----- From: libvir-list-bounces@redhat.com [mailto:libvir-list-bounces@redhat.com] On Behalf Of Chen Hanxiao Sent: Tuesday, October 22, 2013 4:52 PM To: libvir-list@redhat.com Subject: Re: [libvirt] [PATCH]lxc: don't always print debug log in lxcContainerSetID
ping
-----Original Message----- From: Chen Hanxiao [mailto:chenhanxiao@cn.fujitsu.com] Sent: Wednesday, October 16, 2013 12:09 PM To: libvir-list@redhat.com Cc: chenhanxiao@cn.fujitsu.com Subject: [libvirt][PATCH]lxc: don't always print debug log in lxcContainerSetID
From: Chen Hanxiao <chenhanxiao@cn.fujitsu.com>
lxcContainerSetID is used for user namespace. If we don't enable user namespace, don't print debug log.
Signed-off-by: Chen Hanxiao <chenhanxiao@cn.fujitsu.com> --- src/lxc/lxc_container.c | 14 ++++++++------ 1 file changed, 8 insertions(+), 6 deletions(-)
diff --git a/src/lxc/lxc_container.c b/src/lxc/lxc_container.c index 56df69e..ed1fe29 100644 --- a/src/lxc/lxc_container.c +++ b/src/lxc/lxc_container.c @@ -420,12 +420,14 @@ static int lxcContainerSetID(virDomainDefPtr def) * for this container. And user namespace is only enabled * when nuidmap&ngidmap is not zero */
- VIR_DEBUG("Set UID/GID to 0/0"); - if (def->idmap.nuidmap && - virSetUIDGID(0, 0, NULL, 0) < 0) { - virReportSystemError(errno, "%s", - _("setuid or setgid failed")); - return -1; + if (def->idmap.nuidmap) { + if (virSetUIDGID(0, 0, NULL, 0) < 0) { + virReportSystemError(errno, "%s", + _("setuid or setgid failed")); + return -1; + } else { + VIR_DEBUG("Set UID/GID to 0/0"); + } }
return 0; -- 1.8.2.1
-- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
On Wed, Oct 16, 2013 at 12:08:34PM +0800, Chen Hanxiao wrote:
From: Chen Hanxiao <chenhanxiao@cn.fujitsu.com>
lxcContainerSetID is used for user namespace. If we don't enable user namespace, don't print debug log.
Signed-off-by: Chen Hanxiao <chenhanxiao@cn.fujitsu.com> --- src/lxc/lxc_container.c | 14 ++++++++------ 1 file changed, 8 insertions(+), 6 deletions(-)
diff --git a/src/lxc/lxc_container.c b/src/lxc/lxc_container.c index 56df69e..ed1fe29 100644 --- a/src/lxc/lxc_container.c +++ b/src/lxc/lxc_container.c @@ -420,12 +420,14 @@ static int lxcContainerSetID(virDomainDefPtr def) * for this container. And user namespace is only enabled * when nuidmap&ngidmap is not zero */
- VIR_DEBUG("Set UID/GID to 0/0"); - if (def->idmap.nuidmap && - virSetUIDGID(0, 0, NULL, 0) < 0) { - virReportSystemError(errno, "%s", - _("setuid or setgid failed")); - return -1; + if (def->idmap.nuidmap) { + if (virSetUIDGID(0, 0, NULL, 0) < 0) { + virReportSystemError(errno, "%s", + _("setuid or setgid failed")); + return -1; + } else { + VIR_DEBUG("Set UID/GID to 0/0"); + }
It is better to print the debug message *before* the call to virSetUIDGID, because then if it fails you have a log message clearly showing where it got to. As such I've pushed this instead: @@ -420,9 +420,11 @@ static int lxcContainerSetID(virDomainDefPtr def) * for this container. And user namespace is only enabled * when nuidmap&ngidmap is not zero */ - VIR_DEBUG("Set UID/GID to 0/0"); - if (def->idmap.nuidmap && - virSetUIDGID(0, 0, NULL, 0) < 0) { + if (!def->idmap.nuidmap) + return 0; + + VIR_DEBUG("Setting UID/GID to 0/0"); + if (virSetUIDGID(0, 0, NULL, 0) < 0) { virReportSystemError(errno, "%s", _("setuid or setgid failed")); return -1; Daniel -- |: http://berrange.com -o- http://www.flickr.com/photos/dberrange/ :| |: http://libvirt.org -o- http://virt-manager.org :| |: http://autobuild.org -o- http://search.cpan.org/~danberr/ :| |: http://entangle-photo.org -o- http://live.gnome.org/gtk-vnc :|
participants (2)
-
Chen Hanxiao -
Daniel P. Berrange