On Thu, May 23, 2013 at 12:06:47PM +0800, Gao feng wrote:
Make sure the mapping line contains the root user of container
is the first element of idmap array. So we can get the real
user id on host for the container easily.
This patch also check the map information, User must map
the root user of container to any user of host.
Signed-off-by: Gao feng gaof...@cn.fujitsu.com
---
src/conf/domain_conf.c | 20
1 file changed, 20 insertions(+)
diff --git a/src/conf/domain_conf.c b/src/conf/domain_conf.c
index a3c5c84..e271f5a 100644
--- a/src/conf/domain_conf.c
+++ b/src/conf/domain_conf.c
@@ -10061,6 +10061,14 @@ cleanup:
}
+static int virDomainIdMapEntrySort(const void *a, const void *b)
+{
+const virDomainIdMapEntryPtr entrya = (const virDomainIdMapEntryPtr) a;
+const virDomainIdMapEntryPtr entryb = (const virDomainIdMapEntryPtr) b;
+
+return entrya-start entryb-start;
That isn't compliant with qsort requirements. You need to
return -ve, 0 or +ve. So
if (entrya-start entryb-start)
return 1;
else if (entrya-start entryb-start)
return -1;
else
return 0;
@@ -10088,6 +10096,18 @@ virDomainIdmapDefParseXML(const xmlNodePtr *node,
virXPathUInt(string(./@target), ctxt, idmap[i].target);
virXPathUInt(string(./@count), ctxt, idmap[i].count);
}
+
+qsort(idmap, num, sizeof(idmap[0]), virDomainIdMapEntrySort);
+
+if (idmap[0].start != 0) {
+/* Root user of container hasn't been mapped to any user of host,
+ * return error. */
+virReportError(VIR_ERR_CONFIG_UNSUPPORTED, %s,
+ _(You must map the root user of container));
+VIR_FREE(idmap);
+idmap = NULL;
+}
+
Daniel
--
|: http://berrange.com -o-http://www.flickr.com/photos/dberrange/ :|
|: http://libvirt.org -o- http://virt-manager.org :|
|: http://autobuild.org -o- http://search.cpan.org/~danberr/ :|
|: http://entangle-photo.org -o- http://live.gnome.org/gtk-vnc :|
--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list
