From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 From: Wolfgang Bumiller Date: Tue, 13 Aug 2019 13:57:22 +0200 Subject: [PATCH lxc] PVE: [Config] attach: always use getent In debian buster, some libnss plugins (if installed) can cause getpwent to segfault instead of erroring out cleanly. To avoid this, stick to always using getent. Signed-off-by: Wolfgang Bumiller --- src/lxc/attach.c | 28 ++-------------------------- 1 file changed, 2 insertions(+), 26 deletions(-) diff --git a/src/lxc/attach.c b/src/lxc/attach.c index cd526ab6b..845270ee5 100644 --- a/src/lxc/attach.c +++ b/src/lxc/attach.c @@ -1841,12 +1841,8 @@ int lxc_attach_run_command(void *payload) int lxc_attach_run_shell(void* payload) { - __do_free char *buf = NULL; uid_t uid; - struct passwd pwent; - struct passwd *pwentp = NULL; char *user_shell; - ssize_t bufsize; int ret; /* Ignore payload parameter. */ @@ -1854,32 +1850,13 @@ int lxc_attach_run_shell(void* payload) uid = getuid(); - bufsize = sysconf(_SC_GETPW_R_SIZE_MAX); - if (bufsize < 0) - bufsize = 1024; - - buf = malloc(bufsize); - if (buf) { - ret = getpwuid_r(uid, &pwent, buf, bufsize, &pwentp); - if (!pwentp) { - if (ret == 0) - WARN("Could not find matched password record"); - - WARN("Failed to get password record - %u", uid); - } - } - /* This probably happens because of incompatible nss implementations in * host and container (remember, this code is still using the host's * glibc but our mount namespace is in the container) we may try to get * the information by spawning a [getent passwd uid] process and parsing * the result. */ - if (!pwentp) - user_shell = lxc_attach_getpwshell(uid); - else - user_shell = pwent.pw_shell; - + user_shell = lxc_attach_getpwshell(uid); if (user_shell) execlp(user_shell, user_shell, (char *)NULL); @@ -1889,8 +1866,7 @@ int lxc_attach_run_shell(void* payload) execlp("/bin/sh", "/bin/sh", (char *)NULL); SYSERROR("Failed to execute shell"); - if (!pwentp) - free(user_shell); + free(user_shell); return -1; }