Commits · 20b3ccebf50248f7afe263133bfbcb4f1f990e96 · Chen Yisong / lxc

09 May, 2017 7 commits

monitor: report errno on exec() error · 20b3cceb
Christian Brauner authored May 05, 2017
```
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
```
20b3cceb
conf: add MS_LAZYTIME to mount options · 052e7c70
Christian Brauner authored May 02, 2017
```
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
```
052e7c70
conf: order mount options · a49066d4
Christian Brauner authored May 02, 2017
```
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
```
a49066d4

Change sshd template to work with Ubuntu 17.04 · 94b8d282

authored May 01, 2017

A few things have changed and this patch makes container generated for sshd work in Ubuntu
Signed-off-by: Nikolay Martynov <mar.kolya@gmail.com>

94b8d282

utils: tweak lxc_mount_proc_if_needed() · 859ee653

authored Apr 29, 2017

Create /proc directory if it doesn't exist.

Closes #1475.
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

859ee653

conf: non-functional changes · 8a807a12
Christian Brauner authored Apr 28, 2017
```
Closes #1475.
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
```
8a807a12

conf: close fd in lxc_setup_devpts() · 74363c78

authored Apr 28, 2017

This left the file descriptor to the underlying /dev/ptmx file open which
confused the hell out of criu. Let's close it.

Closes https://github.com/lxc/lxd/issues/3243.
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

74363c78

26 Apr, 2017 7 commits

issue template: fix typo · 814e9e3a
Christian Brauner authored Apr 23, 2017
```
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
```
814e9e3a

cgroups: improve cgfsng debugging · c150e386

authored Apr 23, 2017

In a lot of cases we need a list of the writeable cgroup controllers detected
by the cgfsng driver.
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

c150e386

create ISSUE_TEMPLATE.md · 14a53ef2
Christian Brauner authored Apr 22, 2017
```
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
```
14a53ef2

utils: use loop device helpers from LXD · 57ada8a7

authored Apr 22, 2017

Use the loop device helpers I wrote for LXD in LXC as well. They should be more
efficient.
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

57ada8a7

conf: non-functional changes · b31b2a20
Christian Brauner authored Apr 22, 2017
```
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
```
b31b2a20

conf: use bind-mount for /dev/ptmx · a32f7894

authored Apr 22, 2017

AppArmor will refuse on /dev/ptmx being a symlink.
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

a32f7894

conf: non-functional changes to setup_pts() · 4de4ec76
Christian Brauner authored Apr 21, 2017
```
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
```
4de4ec76

19 Apr, 2017 2 commits
- caps: return false if caps are not supported · 4645c74c
  Christian Brauner authored Apr 19, 2017
```
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
```
  4645c74c
- autotools: check for cap_get_file · 1291d99a
  Christian Brauner authored Apr 19, 2017
```
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
```
  1291d99a
18 Apr, 2017 3 commits
- caps: skip file capability checks on android · 723935d6
  Christian Brauner authored Apr 17, 2017
```
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
```
  723935d6
- attach|unshare: fix the wrong comment · 99e54f04
  0x0916 authored Apr 17, 2017
```
Signed-off-by: 0x0916 <w@laoqinren.net>
```
  99e54f04
- fix typo introduced in #1509 · c2fc2033
  Evgeni Golov authored Apr 17, 2017
```
Signed-off-by: Evgeni Golov <evgeni@debian.org>
```
  c2fc2033
17 Apr, 2017 6 commits

ls: simplify the judgment condition when list active containers · 34b87922
0x0916 authored Apr 16, 2017
```
Signed-off-by: 0x0916 <w@laoqinren.net>
```
34b87922
conf: improve log when mounting rootfs · 016c5924
Christian Brauner authored Apr 15, 2017
```
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
```
016c5924

conf: check for {filecaps,setuid} on new{g,u}idmap · 25743d0d

authored Apr 15, 2017

The new{g,u}idmap binaries where a source of trouble for users when they lacked
sufficient privileges. This commit adds code to check for sufficient privilege.
It checks whether new{g,u}idmap is root owned and has the setuid bit set and if
it doesn't it checks whether new{g,u}idmap is root owned and has CAP_SETUID in
its CAP_PERMITTED and CAP_EFFECTIVE set.

Closes #296.
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

25743d0d

caps: add lxc_{proc,file}_cap_is_set() · abeded90

authored Apr 15, 2017

Add two new helpers that allow to determine whether a given proc or file has a
capability in the given set and move lxc_cap_is_set() to static function that
both call internally.

Closes #296.
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

abeded90

conf: lxc_map_ids() non-functional changes · e8f08226
Christian Brauner authored Apr 15, 2017
```
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
```
e8f08226

conf: less error prone pointer access · 125acbf7

authored Dec 23, 2016

These functions define pointer to their key shifted by a
number and guard access to it later via another variable.
Let's make this more explicit (and additionally have the
pointer be NULL in the case where it is not supposed to be
used).
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>

125acbf7

10 Apr, 2017 2 commits
- remove obsolete note about api stability · 0f6e4b4b
  Jakob Gillich authored Apr 08, 2017
```
Signed-off-by: Jakob Gillich <jakob@gillich.me>
```
  0f6e4b4b
- avoid assigning to a variable which is not POSIX shell proof (bug #1498) · bc86797e
  Vincent Catros authored Apr 07, 2017
```
Signed-off-by: Vincent Catros <vincent.catros@laposte.net>
```
  bc86797e
04 Apr, 2017 6 commits

Increased buffer length in print_stats() · f4f749a4

authored Mar 30, 2017

Some "/sys" entries exceeds buffer size.
This results to some statistics loss ('BlkIO' in particular):

 wc -c /sys/fs/cgroup/blkio/lxc/alt/blkio.throttle.io_service_bytes
 318 /sys/fs/cgroup/blkio/lxc/alt/blkio.throttle.io_service_bytes
Signed-off-by: Denis Pynkin <dans@altlinux.org>

f4f749a4

Avoid waiting for bridge interface if disabled in sysconfig/lxc | lxc-net via USE_LXC_BRIDGE · a9b74be6
Torsten Fohrer authored Mar 30, 2017
```
Signed-off-by: Torsten Fohrer <tfohrer@googlemail.com>
```
a9b74be6
Makefile: fix static clang init.lxc build · aa6e38fa
Christian Brauner authored Mar 23, 2017
```
Signed-off-by: Serge Hallyn <serge@hallyn.com>
```
aa6e38fa

Keep veth.pair.name on network shutdown · 2ad08536

authored Mar 23, 2017

In case of a container that is rebooting, freeing veth.pair.name here results in losing given veth.pair name
(Only if given lxc_netdev is reused).
Signed-off-by: Torsten Fohrer <tfohrer@googlemail.com>

2ad08536

tools: exit with return code of lxc_execute() · 13758567
Christian Brauner authored Feb 15, 2017
```
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
```
13758567
Merge pull request #1488 from evgeni/stable-2.0-no-passwords · d98e80e2
Stéphane Graber authored Apr 03, 2017
```
[stable-2.0] default password cleanup
```
d98e80e2

25 Mar, 2017 3 commits
- don't set a default password for altlinux, gentoo, openmandriva and pld · 8c7dddc2
  Evgeni Golov authored Mar 19, 2017
```
Refs: #1158
Signed-off-by: Evgeni Golov <evgeni@debian.org>
```
  8c7dddc2
- do not set insecure passwords · ff7a7fdc
  Evgeni Golov authored Dec 15, 2016
```
Signed-off-by: Evgeni Golov <evgeni@debian.org>
```
  ff7a7fdc
- do not set the root password in the debian template · ebb0cc53
  Evgeni Golov authored Apr 13, 2016
```
closes #302
Signed-off-by: Evgeni Golov <evgeni@debian.org>
```
  ebb0cc53
22 Mar, 2017 4 commits

Fix opening wrong file in suggest_default_idmap · 20f3261a

authored Mar 22, 2017

Fixing the typo making `suggest_default_idmap` open `subuidfile`
instead of `subgidfile` to read subgid information.
Signed-off-by: Pochang Chen <johnchen902@gmail.com>

20f3261a

tests: Kill containers (don't wait for shutdown) · 8bb16503

authored Mar 21, 2017

We waste a lot of time waiting for Ubuntu containers to cleanly stop
right before we destroy them anyway.
Signed-off-by: Stéphane Graber <stgraber@ubuntu.com>

8bb16503

tests: Support running on IPv6 networks · 45997a79
Stéphane Graber authored Mar 21, 2017
```
Signed-off-by: Stéphane Graber <stgraber@ubuntu.com>
```
45997a79
tree-wide: include <sys/sysmacros.h> directly · cef0cc99
Christian Brauner authored Mar 21, 2017
```
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
```
cef0cc99