- 19 May, 2010 2 commits
-
-
Daniel Lezcano authored
We don't close the command socket after the transaction, that leads to a fd leak. Signed-off-by:Daniel Lezcano <dlezcano@fr.ibm.com>
-
Daniel Lezcano authored
Indent the signalfd structure definition correctly. Signed-off-by:Daniel Lezcano <dlezcano@fr.ibm.com>
-
- 18 May, 2010 2 commits
-
-
Daniel Lezcano authored
Signed-off-by:Daniel Lezcano <dlezcano@fr.ibm.com>
-
Daniel Lezcano authored
Add the broadcast specification, if none is specified, it is automatically computed from the addr & mask. syntax: lxc.network.ipv4 = 172.20.0.2/24 172.20.255.255 Signed-off-by:Daniel Lezcano <dlezcano@fr.ibm.com>
-
- 12 May, 2010 7 commits
-
-
Ferenc Wagner authored
Signed-off-by:
Ferenc Wagner <wferi@niif.hu> Signed-off-by:
Daniel Lezcano <dlezcano@fr.ibm.com>
-
Ferenc Wagner authored
The removal does not account for possible leading path components that were also created during creation of pivotdir. Signed-off-by:
Ferenc Wagner <wferi@niif.hu> Signed-off-by:
Daniel Lezcano <dlezcano@fr.ibm.com>
-
Daniel Lezcano authored
As we defined a path where to mount the rootfs, we can use without ambiguity because it is defined by default at compile time or by the configuration. Signed-off-by:Daniel Lezcano <dlezcano@fr.ibm.com>
-
Daniel Lezcano authored
Define lxc.rootfs.mount option in order to override the default mount point for rootfs. Signed-off-by:Daniel Lezcano <dlezcano@fr.ibm.com>
-
Daniel Lezcano authored
We have pivot_dir and rootfs defined in lxc_conf structure. Let's encapsulate them in a rootfs structure. Signed-off-by:Daniel Lezcano <dlezcano@fr.ibm.com>
-
Daniel Lezcano authored
Add a configure option to set a mount point path when using a rootfs, that will replace the actual behavior which creates uneeded /tmp/lxc** directories. Signed-off-by:Daniel Lezcano <dlezcano@fr.ibm.com>
-
Daniel Lezcano authored
Mindless changes by removing whitespace. Signed-off-by:Daniel Lezcano <dlezcano@fr.ibm.com>
-
- 10 May, 2010 8 commits
-
-
Ferenc Wagner authored
Ferenc Wagner <wferi@niif.hu> writes: > Daniel Lezcano <dlezcano@fr.ibm.com> writes: > >> Ferenc Wagner wrote: >> >>> Daniel Lezcano <daniel.lezcano@free.fr> writes: > >>>> Ferenc Wagner wrote: > >>>> > >>>>> While playing with lxc-start, I noticed that /tmp is infested by > >>>>> empty lxc-r* directories: [...] Ok, this name comes from lxc-rootfs > >>>>> in conf.c:setup_rootfs. After setup_rootfs_pivot_root returns, the > >>>>> original /tmp is not available anymore, so rmdir(tmpname) at the > >>>>> bottom of setup_rootfs can't achieve much. Why is this temporary > >>>>> name needed anyway? Is pivoting impossible without it? > >>>> > >>>> That was put in place with chroot, before pivot_root, so the distro's > >>>> scripts can remount their '/' without failing. > >>>> > >>>> Now we have pivot_root, I suppose we can change that to something cleaner... >>> Like simply nuking it? Shall I send a patch? >> >> Sure, if we can kill it, I will be glad to take your patch :) > > I can't see any reason why lxc-start couldn't do without that temporary > recursive bind mount of the original root. If neither do you, I'll > patch it out and see if it still flies. For my purposes the patch below works fine. I only run applications, though, not full systems, so wider testing is definitely needed. Thanks, Feri. >From 98b24c13f809f18ab8969fb4d84defe6f812b25c Mon Sep 17 00:00:00 2001 Date: Thu, 6 May 2010 14:47:39 +0200 That was put in place before lxc-start started using pivot_root, so the distro scripts can remount / without problems. Signed-off-by:
Ferenc Wagner <wferi@niif.hu> Signed-off-by:
Daniel Lezcano <dlezcano@fr.ibm.com>
-
Daniel Lezcano authored
Bind mount host library path. Weird but some distro provide busybox as a dynamically linked binary. Signed-off-by:Daniel Lezcano <dlezcano@fr.ibm.com>
-
Guillaume Zitta authored
With a friend, we installed lxc on his server. We spend 1 hour on the kernel config because we didn't knew : - that lxc-checkconfig is a bash script and it can check a config before running it - which kernel config item whas not good - that CONFIG_SECURITY_FILE_CAPABILITIES is obsolete since 2.6.33 So, here is a patch for lxc-checkconfig that could save time for lxc newbies Signed-off-by:
Daniel Lezcano <dlezcano@fr.ibm.com> Modified-by:
Daniel Lezcano <daniel.lezcano@free.fr> Signed-off-by:
Guillaume Zitta <lxc@zitta.fr>
-
Daniel Lezcano authored
Signed-off-by:Daniel Lezcano <dlezcano@fr.ibm.com>
-
Daniel Lezcano authored
"lxc configure does not exist. You need to run ./autogen.sh to create it. I think it needs to either be documented in INSTALL or you provide ./configure" Signed-off-by:
Daniel Lezcano <dlezcano@fr.ibm.com> Reported-by:
Jamal Hadi Salim <hadi@cyberus.ca>
-
Daniel LEzcano authored
Clean up and factor a bit the pivot_root code. Signed-off-by:Daniel Lezcano <dlezcano@fr.ibm.com>
-
Daniel Lezcano authored
First of all, when trying to start a container in a read-only root lxc-start complains: lxc-start: Read-only file system - can't make temporary mountpoint This is in conf.c:setup_rootfs_pivot_root() function. That function uses optional parameter "lxc.pivotdir", or creates (and later removes) a temporary directory for pivot_root. Obviously there's no way to create a directory in a read-only filesystem. But lxc.pivotdir does not work either. In the function mentioned above it is used with leading dot (eg. if I specify "lxc.pivotdir=pivot" in the config file the pivot_root() syscall will be made to ".pivot" with leading dot, not to "pivot"), but later on it is used without that dot, and fails: lxc-start: No such file or directory - failed to open /pivot/proc/mounts lxc-start: No such file or directory - failed to read or parse mount list '/pivot/proc/mounts' lxc-start: failed to pivot_root to '/stage/t' (that's with "lxc.pivotdir = pivot" in the config file). After symlinking pivot to .pivot it still fails: lxc-start: Device or resource busy - could not unmount old rootfs lxc-start: failed to pivot_root to '/stage/t' Signed-off-by:
Daniel Lezcano <dlezcano@fr.ibm.com> Reported-by:
Michael Tokarev <mjt@tls.msk.ru>
-
Daniel Lezcano authored
When the client console exits, the mainloop goes in an infinite loop as the handler is not removed and we are notified from the disconnection indefinitely. Signed-off-by:Daniel Lezcano <dlezcano@fr.ibm.com>
-
- 07 May, 2010 2 commits
-
-
Daniel Lezcano authored
If the SIGCHLD is sent from a process different from the container's init process we ignore it, otherwise we finish to wait it. Signed-off-by:Daniel Lezcano <dlezcano@fr.ibm.com>
-
Daniel Lezcano authored
When the init container is stopped, we don't check this condition and we assume the child exited and we wait indefinitely for the child to exit while this one is stopped. Signed-off-by:Daniel Lezcano <dlezcano@fr.ibm.com>
-
- 29 Apr, 2010 18 commits
-
-
Michel Normand authored
Signed-off-by:
Michel Normand <normand@fr.ibm.com> Signed-off-by:
Daniel Lezcano <dlezcano@fr.ibm.com>
-
Michel Normand authored
to be able to have lxc_fini symetric with lxc_init Signed-off-by:
Michel Normand <normand@fr.ibm.com> Signed-off-by:
Daniel Lezcano <dlezcano@fr.ibm.com>
-
Michel Normand authored
do the same checking as already done in lxc/restart.c Signed-off-by:
Michel Normand <normand@fr.ibm.com> Signed-off-by:
Daniel Lezcano <dlezcano@fr.ibm.com>
-
Michel Normand authored
Signed-off-by:
Michel Normand <normand@fr.ibm.com> Signed-off-by:
Daniel Lezcano <dlezcano@fr.ibm.com>
-
Michel Normand authored
There is only one such perror call, so remove it in nl.c In this same patch, verify that all functions of nl.c and network.c are reporting a -errno value in case of error; value that is reported in lxc log by the callers in conf.c Signed-off-by:
Michel Normand <normand@fr.ibm.com> Signed-off-by:
Daniel Lezcano <dlezcano@fr.ibm.com>
-
gkurz@linux.vnet.ibm.com authored
lxc-kill send a signal to the process 1 of the container. If this command is used on an application container ran by lxc-execute, the lxc-init will receive the signal and will forward it to the process 2 which is the command specified in the command line. Signed-off-by:
Greg Kurz <gkurz@fr.ibm.com> Signed-off-by:
Michel Normand <normand@fr.ibm.com> Signed-off-by:
Daniel Lezcano <dlezcano@fr.ibm.com>
-
Michel Normand authored
reformating given examples and add reference to examples directory. Signed-off-by:
Michel Normand <normand@fr.ibm.com> Signed-off-by:
Daniel Lezcano <dlezcano@fr.ibm.com>
-
Michel Normand authored
Signed-off-by:
Michel Normand <normand@fr.ibm.com> Signed-off-by:
Daniel Lezcano <dlezcano@fr.ibm.com>
-
Michel Normand authored
Signed-off-by:
Michel Normand <normand@fr.ibm.com> Signed-off-by:
Daniel Lezcano <dlezcano@fr.ibm.com>
-
Michel Normand authored
update lxc man page to better explain: * the notions of persistent and volatil container. * the difference between lxc-execute and lxc-start commands Signed-off-by:
Michel Normand <normand@fr.ibm.com> Signed-off-by:
Daniel Lezcano <dlezcano@fr.ibm.com>
-
Michel Normand authored
Signed-off-by:
Michel Normand <normand@fr.ibm.com> Signed-off-by:
Daniel Lezcano <dlezcano@fr.ibm.com>
-
Michel Normand authored
this is required to avoid to fill /cgroup with pid number each time lxc-unshare is called. Signed-off-by:
Michel Normand <normand@fr.ibm.com> Signed-off-by:
Daniel Lezcano <dlezcano@fr.ibm.com>
-
Michel Normand authored
it's usage was removed by patch 28a4b0e5 "open the console later" Signed-off-by:
Michel Normand <normand@fr.ibm.com> Signed-off-by:
Daniel Lezcano <dlezcano@fr.ibm.com>
-
Michel Normand authored
as will be used later on in other patches. Signed-off-by:
Michel Normand <normand@fr.ibm.com> Signed-off-by:
Daniel Lezcano <dlezcano@fr.ibm.com>
-
Michel Normand authored
Signed-off-by:
Michel Normand <normand@fr.ibm.com> Signed-off-by:
Daniel Lezcano <dlezcano@fr.ibm.com>
-
Michel Normand authored
This new option is to have user to pass a fd in place of statefile name. Simple usage with file open in bash: === $rm -f *.log; lxc-execute -n foo -- pi1 44444 $rm -rf /tmp/sf; lxc-checkpoint -n foo -k --statefd 3 3>/tmp/sf && lxc-restart -n bar --statefd 4 4</tmp/sf === Signed-off-by:
Michel Normand <normand@fr.ibm.com> Signed-off-by:
Daniel Lezcano <dlezcano@fr.ibm.com>
-
Michel Normand authored
the fd 0,1 and 2 are still inherited and we only need the fd 2 (stderr) after the start/restart of the application. Signed-off-by:
Michel Normand <normand@fr.ibm.com> Signed-off-by:
Daniel Lezcano <dlezcano@fr.ibm.com>
-
Michel Normand authored
Signed-off-by:
Michel Normand <normand@fr.ibm.com> Signed-off-by:
Daniel Lezcano <dlezcano@fr.ibm.com>
-
- 08 Apr, 2010 1 commit
-
-
Daniel Lezcano authored
Fail when we try to attach to an non existing container Signed-off-by:Daniel Lezcano <dlezcano@fr.ibm.com>
-