fix bug: unpriv lxc will run lxc.net.[i].script.up now

Signed-off-by: harryoooooooooo <ymsc27884@gmail.com>
lxc · Jun 9, 2018 · 4d78168 · 4d78168
1 parent 9b7f09d
commit 4d78168
Show file tree

Hide file tree

Showing 3 changed files with 20 additions and 5 deletions.
diff --git a/src/lxc/network.c b/src/lxc/network.c
@@ -2097,7 +2097,7 @@ int lxc_find_gateway_addresses(struct lxc_handler *handler)
 
 #define LXC_USERNIC_PATH LIBEXECDIR "/lxc/lxc-user-nic"
 static int lxc_create_network_unpriv_exec(const char *lxcpath, const char *lxcname,
-					  struct lxc_netdev *netdev, pid_t pid)
+					  struct lxc_netdev *netdev, pid_t pid, unsigned int hooks_version)
 {
 	int ret;
 	pid_t child;
@@ -2242,6 +2242,21 @@ static int lxc_create_network_unpriv_exec(const char *lxcpath, const char *lxcna
 		return -1;
 	}
 
+	if (netdev->upscript) {
+		char *argv[] = {
+			"veth",
+			netdev->link,
+			netdev->priv.veth_attr.veth1,
+			NULL,
+		};
+
+		ret = run_script_argv(lxcname,
+				hooks_version, "net",
+				netdev->upscript, "up", argv);
+		if (ret < 0)
+			return -1;
+    }
+
 	return 0;
 }
 
@@ -2499,7 +2514,7 @@ int lxc_network_move_created_netdev_priv(const char *lxcpath, const char *lxcnam
 }
 
 int lxc_create_network_unpriv(const char *lxcpath, const char *lxcname,
-			      struct lxc_list *network, pid_t pid)
+			      struct lxc_list *network, pid_t pid, unsigned int hooks_version)
 {
 	struct lxc_list *iterator;
 
@@ -2525,7 +2540,7 @@ int lxc_create_network_unpriv(const char *lxcpath, const char *lxcname,
 		if (netdev->mtu)
 			INFO("mtu ignored due to insufficient privilege");
 
-		if (lxc_create_network_unpriv_exec(lxcpath, lxcname, netdev, pid))
+		if (lxc_create_network_unpriv_exec(lxcpath, lxcname, netdev, pid, hooks_version))
 			return -1;
 	}
 

diff --git a/src/lxc/network.h b/src/lxc/network.h
@@ -263,7 +263,7 @@ extern int lxc_network_move_created_netdev_priv(const char *lxcpath,
 extern void lxc_delete_network(struct lxc_handler *handler);
 extern int lxc_find_gateway_addresses(struct lxc_handler *handler);
 extern int lxc_create_network_unpriv(const char *lxcpath, const char *lxcname,
-				     struct lxc_list *network, pid_t pid);
+				     struct lxc_list *network, pid_t pid, unsigned int hook_version);
 extern int lxc_requests_empty_network(struct lxc_handler *handler);
 extern int lxc_restore_phys_nics_to_netns(struct lxc_handler *handler);
 extern int lxc_setup_network_in_child_namespaces(const struct lxc_conf *conf,

diff --git a/src/lxc/start.c b/src/lxc/start.c
@@ -1707,7 +1707,7 @@ static int lxc_spawn(struct lxc_handler *handler)
 		}
 
 		ret = lxc_create_network_unpriv(handler->lxcpath, handler->name,
-						&conf->network, handler->pid);
+						&conf->network, handler->pid, conf->hooks_version);
 		if (ret < 0) {
 			ERROR("Failed to create the configured network");
 			goto out_delete_net;