merged. Bruce
In message: [meta-virtualization][master-next][PATCH] lxc: Fix -c command for lxc-attach on 16/09/2021 sana kazi wrote: > Added fix_c_command.patch the -c command seems to be broken because > the passed context is ignored and always overwritten by the context > specified in the config file. > > Signed-off-by: Sana Kazi <[email protected]> > Signed-off-by: Sana Kazi <[email protected]> > --- > .../lxc/files/fix_c_command.patch | 36 +++++++++++++++++++ > recipes-containers/lxc/lxc_git.bb | 1 + > 2 files changed, 37 insertions(+) > create mode 100644 recipes-containers/lxc/files/fix_c_command.patch > > diff --git a/recipes-containers/lxc/files/fix_c_command.patch > b/recipes-containers/lxc/files/fix_c_command.patch > new file mode 100644 > index 0000000..1ed8daf > --- /dev/null > +++ b/recipes-containers/lxc/files/fix_c_command.patch > @@ -0,0 +1,36 @@ > +From 9becf309a81806ef08acf9ca99ab95c1bcfa1f65 Mon Sep 17 00:00:00 2001 > +From: Maximilian Blenk <[email protected]> > +Date: Mon, 23 Aug 2021 15:39:28 +0200 > +Subject: [PATCH] attach: Fix -c command > + > +Currently, the -c command (to set the selinux context) seems to be > +broken because the passed context is ignored and always overwritten by > +the context specified in the config file. The intention behind the -c > +imho was to be able to manually overwrite this behavior. This patch > +ensures that the selinux context will be set if passed via the command > +line. > + > +Signed-off-by: Maximilian Blenk <[email protected]> > +--- > + src/lxc/tools/lxc_attach.c | 5 ++++- > + 1 file changed, 4 insertions(+), 1 deletion(-) > + > +Upstream-Status: Backport > [https://github.com/lxc/lxc/commit/9becf309a81806ef08acf9ca99ab95c1bcfa1f65.patch] > +Comment: No change in any hunk > + > +diff --git a/src/lxc/tools/lxc_attach.c b/src/lxc/tools/lxc_attach.c > +index 0374d980b4..e6b388b20c 100644 > +--- a/src/lxc/tools/lxc_attach.c > ++++ b/src/lxc/tools/lxc_attach.c > +@@ -379,7 +379,10 @@ int main(int argc, char *argv[]) > + attach_options.gid = my_args.gid; > + > + // selinux_context will be NULL if not set > +- attach_options.lsm_label = selinux_context; > ++ if (selinux_context) { > ++ attach_options.attach_flags |= LXC_ATTACH_LSM_LABEL; > ++ attach_options.lsm_label = selinux_context; > ++ } > + > + if (command.program) { > + ret = c->attach_run_wait(c, &attach_options, command.program, > diff --git a/recipes-containers/lxc/lxc_git.bb > b/recipes-containers/lxc/lxc_git.bb > index 3215928..f5b5128 100644 > --- a/recipes-containers/lxc/lxc_git.bb > +++ b/recipes-containers/lxc/lxc_git.bb > @@ -50,6 +50,7 @@ SRC_URI = "git://github.com/lxc/lxc.git;branch=stable-4.0 \ > file://dnsmasq.conf \ > file://lxc-net \ > file://enable_seccomp_profile_when_compiled_libseccomp.patch \ > + file://fix_c_command.patch \ > " > > SRCREV = "cec7cb14b2a4367d4cb21a90e1b90d0f98a9d874" > -- > 2.17.1 > > > >
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#6787): https://lists.yoctoproject.org/g/meta-virtualization/message/6787 Mute This Topic: https://lists.yoctoproject.org/mt/85645441/21656 Group Owner: [email protected] Unsubscribe: https://lists.yoctoproject.org/g/meta-virtualization/unsub [[email protected]] -=-=-=-=-=-=-=-=-=-=-=-
