lxc_setup_for_attach changes the context of the current running process in
such a way that it matches that of the container it is supposed to attach to
(personality, capabilities).
---
src/lxc/conf.c | 16 ++++++++++++++++
src/lxc/conf.h | 2 ++
2 files changed, 18 insertions(+), 0 deletions(-)
diff --git a/src/lxc/conf.c b/src/lxc/conf.c
index d3c1052..24f10e8 100644
--- a/src/lxc/conf.c
+++ b/src/lxc/conf.c
@@ -1945,3 +1945,19 @@ int lxc_setup(const char *name, struct lxc_conf
*lxc_conf)
return 0;
}
+
+int lxc_setup_for_attach(const char *name, struct lxc_conf *lxc_conf, int
keep_capabilities)
+{
+ if (setup_personality(lxc_conf->personality)) {
+ ERROR("failed to setup personality");
+ return -1;
+ }
+
+ if (!keep_capabilities && setup_caps(&lxc_conf->caps)) {
+ ERROR("failed to drop capabilities");
+ return -1;
+ }
+
+ return 0;
+}
+
diff --git a/src/lxc/conf.h b/src/lxc/conf.h
index 973f694..745a840 100644
--- a/src/lxc/conf.h
+++ b/src/lxc/conf.h
@@ -232,4 +232,6 @@ extern void lxc_delete_tty(struct lxc_tty_info *tty_info);
*/
extern int lxc_setup(const char *name, struct lxc_conf *lxc_conf);
+extern int lxc_setup_for_attach(const char *name, struct lxc_conf *lxc_conf,
int keep_capabilities);
+
#endif
--
1.7.2.5
------------------------------------------------------------------------------
Try before you buy = See our experts in action!
The most comprehensive online learning library for Microsoft developers
is just $99.99! Visual Studio, SharePoint, SQL - plus HTML5, CSS3, MVC3,
Metro Style Apps, more. Free future releases when you subscribe now!
http://p.sf.net/sfu/learndevnow-dev2
_______________________________________________
Lxc-devel mailing list
Lxc-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/lxc-devel
