From f25dd7358ea454e78c41094e79764ea9e09f28e7 Mon Sep 17 00:00:00 2001
From: wujing
Date: Wed, 15 Apr 2020 03:57:20 -0400
Subject: [PATCH 29/49] Supporting additional groups configuration

Signed-off-by: wujing
---
 src/lxc/confile.c | 65 +++++++++++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 65 insertions(+)

diff --git a/src/lxc/confile.c b/src/lxc/confile.c
index 9ba3c7c..55cba6d 100644
--- a/src/lxc/confile.c
+++ b/src/lxc/confile.c
@@ -149,6 +149,7 @@ lxc_config_define(sysctl);
 lxc_config_define(proc);
 #ifdef HAVE_ISULAD
 lxc_config_define(init_args);
+lxc_config_define(init_groups);
 lxc_config_define(populate_device);
 lxc_config_define(umask);
 lxc_config_define(rootfs_masked_paths);
@@ -269,6 +270,7 @@ static struct lxc_config_t config_jump_table[] = {
 { "lxc.proc", set_config_proc, get_config_proc, clr_config_proc, },
 #ifdef HAVE_ISULAD
 { "lxc.isulad.init.args", set_config_init_args, get_config_init_args, clr_config_init_args, },
+ { "lxc.isulad.init.groups", set_config_init_groups, get_config_init_groups, clr_config_init_groups, },
 { "lxc.isulad.populate.device", set_config_populate_device, get_config_populate_device, clr_config_populate_device, },
 { "lxc.isulad.umask", set_config_umask, get_config_umask, clr_config_umask, },
 { "lxc.isulad.rootfs.maskedpaths", set_config_rootfs_masked_paths, get_config_rootfs_masked_paths, clr_config_rootfs_masked_paths, },
@@ -6247,6 +6249,69 @@ static inline int clr_config_init_args(const char *key, struct lxc_conf *c,
 return lxc_clear_init_args(c);
 }
 
+/* isulad: set config for init groups */
+static int set_config_init_groups(const char *key, const char *value,
+ struct lxc_conf *lxc_conf, void *data)
+{
+ char *groups = NULL;
+ char *token = NULL;
+ int ret = -1;
+
+ if (lxc_config_value_empty(value))
+ return lxc_clear_init_groups(lxc_conf);
+
+ groups = strdup(value);
+ if (!groups)
+ return -1;
+
+ /* In case several capability keep is specified in a single line
+ * split these caps in a single element for the list.
+ */
+ lxc_iterate_parts(token, groups, " \t") {
+ gid_t *tmp = NULL;
+ if (lxc_mem_realloc((void **)&tmp, (lxc_conf->init_groups_len + 1) * sizeof(gid_t), lxc_conf->init_groups,
+ (lxc_conf->init_groups_len) * sizeof(gid_t)) != 0) {
+ ERROR("Out of memory");
+ goto on_error;
+ }
+ lxc_conf->init_groups = tmp;
+ tmp[lxc_conf->init_groups_len] = atoll(token);
+ lxc_conf->init_groups_len++;
+ }
+
+ ret = 0;
+
+on_error:
+ free(groups);
+
+ return ret;
+}
+
+/* isulad: get config init groups */
+static int get_config_init_groups(const char *key, char *retv, int inlen,
+ struct lxc_conf *c, void *data)
+{
+ int i, len, fulllen = 0;
+
+ if (!retv)
+ inlen = 0;
+ else
+ memset(retv, 0, inlen);
+
+ for (i = 0; i < c->init_groups_len; i++) {
+ strprint(retv, inlen, "%u\n", c->init_groups[i]);
+ }
+
+ return fulllen;
+}
+
+/* isulad: clr config init args*/
+static inline int clr_config_init_groups(const char *key, struct lxc_conf *c,
+ void *data)
+{
+ return lxc_clear_init_groups(c);
+}
+
 /* isulad: set config for populate device */
 static int set_config_populate_device(const char *key, const char *value,
 struct lxc_conf *lxc_conf, void *data)
-- 
1.8.3.1
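Review bot: `tmp[lxc_conf->init_groups_len] = atoll(token);` in set_config_init_groups stores every token without validation. atoll() returns 0 for non-numeric text, so a typo or a group name in `lxc.isulad.init.groups` is recorded as GID 0, and negative or oversized numbers are silently converted when assigned to gid_t. These values presumably become the container init's supplementary groups, so the setter should reject a bad token rather than fall back to the root group. Parse before growing the array, using LXC's checked helper: declare `unsigned int gid;`, add `if (lxc_safe_uint(token, &gid) < 0) goto on_error;`, then store `tmp[lxc_conf->init_groups_len] = (gid_t)gid;`. Separately, the comment above the loop still describes capabilities and the one on clr_config_init_groups says "init args"; both look copied and should name init groups.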