Commits · 19e75fa049061daee147c46928e49e5669e62e03 · Chen Yisong / lxc

20 Apr, 2018 15 commits

conf: fix net type checks in run_script_argv() · 19e75fa0
Jakub Skokan authored Apr 12, 2018
```
Signed-off-by: Jakub Skokan <jakub.skokan@havefun.cz>
```
19e75fa0

execute: fix app containers without root mapping · 0705862d

authored Apr 12, 2018

When starting application containers without a mapping for container root are
started, a dummy bind-mount target for lxc-init needs to be created. This will
not always work directly under "/" when e.g. permissions are missing due to the
ownership and/or mode of "/". We can try to work around this by using the
P_tmpdir as defined in POSIX which should usually land us in /tmp where
basically everyone can create files.
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

0705862d

conf: ret-try devpts mount without gid=5 on error · d0e5f7fe

authored Apr 12, 2018

We should always default to mounting devpts with gid=5 but we should fallback
to mounting without gid=5. This let's us cover use-cases such as container
started with only a single mapping e.g.:

lxc.idmap = u 1000 1000 1
lxc.idmap = g 1000 1000 1

Closes #2257.
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

d0e5f7fe

attach: try to always drop supplementary groups · 315350e3
Christian Brauner authored Apr 11, 2018
```
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
```
315350e3
utils: define __NR_setns if missing on old glibcs · 1223bf7a
Christian Brauner authored Apr 10, 2018
```
Closes #2248.
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
```
1223bf7a
lxc init: coding style · 547199c2
Christian Brauner authored Apr 09, 2018
```
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
```
547199c2

tools/utils: free memory on error · 7292d599

authored Apr 06, 2018

Closes #2262.
Signed-off-by: C0deAi <techsupport@mycode.ai>
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

7292d599

storage/rsync: free memory on error · 21dae50a

authored Apr 06, 2018

Closes #2262.
Signed-off-by: C0deAi <techsupport@mycode.ai>
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

21dae50a

lxc init: remove dead code · 4fc43a49

authored Apr 06, 2018

Value stored is never read.

Closes #2262.
Signed-off-by: C0deAi <techsupport@mycode.ai>
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

4fc43a49

attach: always drop supplementary groups · d26615b6
Christian Brauner authored Apr 09, 2018
```
Closes #1704.
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
```
d26615b6

Fix compilation with static libcap and shared gnutls · dd12412a

authored Apr 07, 2018

Commit c06ed219 has broken
compilation with a static libcap and a shared gnutls.
This results in a build failure on init_lxc_static if gnutls is
a shared library as init_lxc_static is built with -all-static option
(see src/lxc/Makefile.am) and AC_CHECK_LIB adds gnutls to LIBS.

This commit fix the issue by removing default behavior of AC_CHECK_LIB
and handling manually GNUTLS_LIBS and HAVE_LIBGNUTLS

Fixes:
 - http://autobuild.buildroot.net/results/b655d6853c25a195df28d91512b3ffb6c654fc90Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>

dd12412a

ringbuf: fix temporary file creation · 022143c4

authored Apr 06, 2018

lxc_make_tmpfile() uses mkstemp() internally, and thus expects the
template to contain 'XXXXXX' and be writable.
Signed-off-by: Thomas Moschny <thomas.moschny@gmx.de>
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

022143c4

conf: fix temporary file creation · 55263432

authored Apr 06, 2018

lxc_make_tmpfile() uses mkstemp() internally, and thus expects the
template to contain 'XXXXXX' and be writable.
Signed-off-by: Thomas Moschny <thomas.moschny@gmx.de>
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

55263432

rootfs pinning: On NFS, make file hidden but don't delete it · c46adf56
Guido Jäkel authored Apr 06, 2018
```
On NFS, avoid random names of the root pin file due to "NFS silly renaming" but use a fixed hidden name instead.
```
c46adf56

fix signal sending in lxc.init · 673a28fa

authored Apr 04, 2018

The problem here is that these two clauses were ordered backwards: we first
check if the signal came from not the init pid, and if it did, then we give
a notice and return. The comment notes that this is intended to protect
against SIGCHLD, but we don't in fact know if the signal is a SIGCHLD yet,
because that's tested in the next hunk.

The symptom is that if I e.g. send SIGTERM from the outside world to the
container init, it ignores it and gives this notice. If we re-order these
clauses, it forwards non SIGCHLD signals, and ignores SIGCHLD signals from
things that aren't the real container process.
Signed-off-by: Tycho Andersen <tycho@tycho.ws>

673a28fa

03 Apr, 2018 8 commits
- doc: Tweak Japanese translation in lxc.container.conf(5) · 3a227957
  KATOH Yasufumi authored Apr 03, 2018
```
Signed-off-by: KATOH Yasufumi <karma@jazz.email.ne.jp>
```
  3a227957
- conf: ensure umounts don't propagate to host · 9ee1f215
  Fengtu Wang authored Apr 03, 2018
```
Signed-off-by: Fengtu Wang <wangfengtu@huawei.com>
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
```
  9ee1f215
- locktests: fix test suite · d21cb3e0
  Christian Brauner authored Mar 30, 2018
```
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
```
  d21cb3e0
- lxclock: use thread-safe *_OFD_* fcntl() locks · df946e7b
  Christian Brauner authored Mar 30, 2018
```
If they aren't available fallback to BSD flock()s.

Closes #2245.
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
```
  df946e7b
- lxc-oci: make umoci less verbose · 216a11a0
  Felix Abecassis authored Mar 29, 2018
```
Signed-off-by: Felix Abecassis <fabecassis@nvidia.com>
```
  216a11a0
- lxc-oci: fix Cmd/Entrypoint parsing · aa9a2cea
  Felix Abecassis authored Mar 29, 2018
```
Don't use the -r option of jq, since it will strip the double quotes.

Fixes: #2195
Signed-off-by: Felix Abecassis <fabecassis@nvidia.com>
```
  aa9a2cea
- storage: fix lvm fs uuid generation · c10989a6
  Christian Brauner authored Mar 29, 2018
```
Closes #2241.
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
```
  c10989a6
- tools: fix unitialized variable · 7b882373
  Christian Brauner authored Mar 29, 2018
```
Closes #2242.
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
```
  7b882373
28 Mar, 2018 1 commit
- Release LXC 3.0.0 · 5b66b6ee
  Stéphane Graber authored Mar 27, 2018
```
Signed-off-by: Stéphane Graber <stgraber@ubuntu.com>
```
  5b66b6ee
27 Mar, 2018 5 commits
- Merge pull request #2239 from brauner/2018-03-27/fixup_action_script · 21773a95
  Stéphane Graber authored Mar 27, 2018
```
Allow passing action scripts to CRIU
```
  21773a95
- Allow passing action scripts to CRIU · 59019754
  Eytan Heidingsfeld authored Mar 25, 2018
```
Closes #2236.
Signed-off-by: Eytan Heidingsfeld <eytanh@gmail.com>
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
```
  59019754
- Merge pull request #2238 from stgraber/master · 808108a9
  Christian Brauner authored Mar 27, 2018
```
configure.ac: Support redhatenterpriseserver
```
  808108a9
- configure.ac: Support redhatenterpriseserver · b195038d
  Stéphane Graber authored Mar 27, 2018
```
Signed-off-by: Stéphane Graber <stgraber@ubuntu.com>
```
  b195038d
- Release LXC 3.0.0.beta4 · 769cf3c1
  Stéphane Graber authored Mar 26, 2018
```
Signed-off-by: Stéphane Graber <stgraber@ubuntu.com>
```
  769cf3c1
26 Mar, 2018 4 commits
- Merge pull request #2237 from brauner/2018-03-26/always_make_dumpable · f4ffd9f8
  Stéphane Graber authored Mar 26, 2018
```
start: always make us dumpable
```
  f4ffd9f8
- start: always make us dumpable · d7883725
  Christian Brauner authored Mar 26, 2018
```
Otherwise lxc.hook.mount hooks that try to inspect /proc/<pid>/*
will fail.

Cc: Jonathan Calmels <jcalmels@nvidia.com>
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
```
  d7883725
- Merge pull request #2235 from brauner/2018-03-25/simplify_autodev · 065d5d0d
  Stéphane Graber authored Mar 25, 2018
```
conf: simplify autodev
```
  065d5d0d
- conf: simplify lxc_fill_autodev() · 5e73416f
  Christian Brauner authored Mar 25, 2018
```
This function was way more syscall heavy than it needed to be.
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
```
  5e73416f
24 Mar, 2018 1 commit
- Merge pull request #2232 from flx42/dhclient-hook-apparmor · 6af6b30a
  Stéphane Graber authored Mar 24, 2018
```
hooks: fix dhclient hook when an AppArmor profile is active
```
  6af6b30a
23 Mar, 2018 6 commits
- Release LXC 3.0.0.beta3 · b53a2616
  Stéphane Graber authored Mar 23, 2018
```
Signed-off-by: Stéphane Graber <stgraber@ubuntu.com>
```
  b53a2616
- Merge pull request #2233 from brauner/2018-03-23/truncate_config_file · 2715bbf9
  Stéphane Graber authored Mar 23, 2018
```
lxccontainer: truncate config file
```
  2715bbf9
- lxccontainer: truncate config file · 10034af5
  Christian Brauner authored Mar 23, 2018
```
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
```
  10034af5
- Merge pull request #2231 from stgraber/master · cc8d4ec0
  Christian Brauner authored Mar 23, 2018
```
pam: Fix missing symbols in module
```
  cc8d4ec0
- hooks: fix dhclient hook when an AppArmor profile is active · 41be52e8
  Felix Abecassis authored Mar 23, 2018
```
Signed-off-by: Felix Abecassis <fabecassis@nvidia.com>
```
  41be52e8
- pam: Fix missing symbols in module · 60534f79
  Stéphane Graber authored Mar 23, 2018
```
Signed-off-by: Stéphane Graber <stgraber@ubuntu.com>
```
  60534f79