In theory, we won't be able to run if our private area is not owned by ourselves. We could, if it had very wide open security permissions, but we should never set up a container like that.
Aside from a basic sanity check, this is intended to catch problems for the few people who may have already created containers that will be owned by root:root, and will now try to run it unprivileged. Signed-off-by: Glauber Costa <glom...@parallels.com> --- src/lib/env.c | 13 +++++++++++++ 1 file changed, 13 insertions(+) diff --git a/src/lib/env.c b/src/lib/env.c index 2da848d..ff4dad2 100644 --- a/src/lib/env.c +++ b/src/lib/env.c @@ -30,6 +30,7 @@ #include <linux/reboot.h> #include <sys/mount.h> #include <sys/utsname.h> +#include <sys/stat.h> #include "vzerror.h" #include "res.h" @@ -551,6 +552,18 @@ int vps_start_custom(vps_handler *h, envid_t veid, vps_param *param, logger(-1, 0, "Container is already running"); return VZ_VE_RUNNING; } + if (!is_vz_kernel(h) && h->can_join_userns) { + struct stat private_stat; + stat(res->fs.private, &private_stat); + if ((private_stat.st_uid != *res->misc.local_uid) || + (private_stat.st_gid != *res->misc.local_gid)) { + logger(-1, 0, "Container private area is owned by %d:%d" + ", but configuration file says we should run with %lu:%lu.\n" + "Refusing to run.", private_stat.st_uid, private_stat.st_gid, + *res->misc.local_uid, *res->misc.local_gid); + return VZ_FS_BAD_TMPL; + } + } if ((ret = check_ub(h, &res->ub))) return ret; -- 1.7.11.7 _______________________________________________ Devel mailing list Devel@openvz.org https://lists.openvz.org/mailman/listinfo/devel
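Review bot: in the second hunk the return value of stat(res->fs.private, &private_stat) is never checked, so if the private area is missing or unreadable, private_stat stays uninitialized and the st_uid/st_gid comparison (and the values printed by logger) are indeterminate; check for a negative return first, log the failure and return an error before comparing ownership, e.g. `if (stat(res->fs.private, &private_stat) < 0)` followed by the logger call and a return. The format string also prints st_uid and st_gid with %d although uid_t and gid_t are unsigned on Linux, so %u is the matching conversion; whether %lu fits *res->misc.local_uid / *res->misc.local_gid depends on their declared type, which is not visible in this hunk and is worth confirming. Finally, VZ_FS_BAD_TMPL is reused for what is really an ownership mismatch rather than a bad template; if a more specific error code exists it would make the failure easier to diagnose from the return value alone.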