Commit bc4ce254
Authored May 27, 2017 by Simon Fels
Migrate permissions of /data correctly for existing installations
Parent: e82afd1e
Showing 1 changed file with 25 additions and 9 deletions
src/anbox/container/lxc_container.cpp
...
@@ -32,6 +32,9 @@
...
@@ -32,6 +32,9 @@
#include <sys/prctl.h>
#include <sys/prctl.h>
#include <sys/types.h>
#include <sys/types.h>
#include <sys/wait.h>
#include <sys/wait.h>
#include <sys/stat.h>
#include <unistd.h>
namespace
fs
=
boost
::
filesystem
;
namespace
fs
=
boost
::
filesystem
;
...
@@ -114,18 +117,31 @@ void LxcContainer::setup_network() {
...
@@ -114,18 +117,31 @@ void LxcContainer::setup_network() {
const
auto
data_ethernet_path
=
fs
::
path
(
"data"
)
/
"misc"
/
"ethernet"
;
const
auto
data_ethernet_path
=
fs
::
path
(
"data"
)
/
"misc"
/
"ethernet"
;
const
auto
ip_conf_dir
=
SystemConfiguration
::
instance
().
data_dir
()
/
data_ethernet_path
;
const
auto
ip_conf_dir
=
SystemConfiguration
::
instance
().
data_dir
()
/
data_ethernet_path
;
if
(
!
fs
::
exists
(
ip_conf_dir
))
{
if
(
!
fs
::
exists
(
ip_conf_dir
))
fs
::
create_directories
(
ip_conf_dir
);
fs
::
create_directories
(
ip_conf_dir
);
// We have to walk through the created directory hierachy now and
// We have to walk through the created directory hierachy now and
// ensure the permissions are set correctly. Otherwise the Android
// ensure the permissions are set correctly. Otherwise the Android
// system will fail to boot as it isn't allowed to write anything
// system will fail to boot as it isn't allowed to write anything
// into these directories.
// into these directories. As previous versions of Anbox which were
for
(
auto
iter
=
data_ethernet_path
.
begin
();
iter
!=
data_ethernet_path
.
end
();
iter
++
)
{
// published to our users did this incorrectly we need to check on
const
auto
path
=
SystemConfiguration
::
instance
().
data_dir
()
/
*
iter
;
// every startup if those directories are still owned by root and
if
(
::
chown
(
path
.
c_str
(),
unprivileged_user_id
,
unprivileged_user_id
)
<
0
)
// if they are we move them over to the unprivileged user.
WARNING
(
"Failed to set owner for path '%s'"
,
path
);
auto
path
=
SystemConfiguration
::
instance
().
data_dir
();
for
(
auto
iter
=
data_ethernet_path
.
begin
();
iter
!=
data_ethernet_path
.
end
();
iter
++
)
{
path
/=
*
iter
;
struct
stat
st
;
if
(
stat
(
path
.
c_str
(),
&
st
)
<
0
)
{
WARNING
(
"Cannot retrieve permissions of path %s"
,
path
);
continue
;
}
}
if
(
st
.
st_uid
!=
0
&&
st
.
st_gid
!=
0
)
continue
;
if
(
::
chown
(
path
.
c_str
(),
unprivileged_user_id
,
unprivileged_user_id
)
<
0
)
WARNING
(
"Failed to set owner for path '%s'"
,
path
);
}
}
const
auto
ip_conf_path
=
ip_conf_dir
/
"ipconfig.txt"
;
const
auto
ip_conf_path
=
ip_conf_dir
/
"ipconfig.txt"
;
...
...
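Review bot: In the new ownership loop, `stat(path.c_str(), &st)` and `::chown(path.c_str(), ...)` both follow symbolic links, and the loop now runs on every startup over directories that an earlier iteration or an earlier run has already handed to `unprivileged_user_id`. Once `data` belongs to that user, the `misc` and `ethernet` entries below it are under that user's control, so the `st.st_uid != 0 && st.st_gid != 0` check and the chown that follows can act on whatever a link at that name resolves to instead of on the directory itself, and the check and the change are two separate path lookups. Suggest `lstat()` with `lchown()` and skipping anything that is not `S_ISDIR`, or preferably opening each component with `O_DIRECTORY | O_NOFOLLOW` and calling `fstat()`/`fchown()` on the descriptor so both operations apply to the same object. A smaller point: the skip only triggers when both uid and gid are non-root, so a directory with just one of them at 0 has owner and group reset together; if that is intended, the comment block should say so.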