Skip to content

L
lxc
Switch branch/tag
  1. 25 May, 2013 2 commits
    • fix memory leaks in cgroup functions · 2acf7795
      Dwight Engen authored 
      There were several memory leaks in the cgroup functions, notably in the
success cases.

The cgpath test program was refactored and additional tests added to it.
It was used in various modes under valgrind to test that the leaks were
fixed.

Simplify lxc_cgroup_path_get() and cgroup_path_get by having them return a
char * instead of an int and an output char * argument. The only return
values ever used were -1 and 0, which are now handled with NULL and non-NULL
returns respectively.

Use consistent variable names of cgabspath when refering to an absolute path
to a cgroup subsystem or file, and cgrelpath when refering to a container
"group/name" within the cgroup heirarchy.

Remove unused subsystem argument to lxc_cmd_get_cgroup_path().

Remove unused #define MAXPRIOLEN

Make template arg to lxcapi_create() const
Signed-off-by: 's avatarDwight Engen <dwight.engen@oracle.com>
Signed-off-by: 's avatarSerge Hallyn <serge.hallyn@ubuntu.com>
    • consolidate missing C library functions into utils.h · 6a44839f
      Dwight Engen authored 
      This fixes the build of lxccontainer.c on systems that have __NR_setns
but not HAVE_SETNS.
Signed-off-by: 's avatarDwight Engen <dwight.engen@oracle.com>
Signed-off-by: 's avatarSerge Hallyn <serge.hallyn@ubuntu.com>
  3. 23 May, 2013 1 commit
    • python: Fix lxc-ls's usage of get_ips() · ad5f1515
      Stéphane Graber authored 
      The recent port of get_ips() from pure python to the C API came with
a couple of API changes for that function call (as were highlighted in
the commit message).

I somehow didn't notice that lxc-ls was still calling with the old API
and so was crashing whenever it was asked to show the ipv4 or ipv6 address.
Signed-off-by: 's avatarStéphane Graber <stgraber@ubuntu.com>
  5. 22 May, 2013 5 commits
  7. 21 May, 2013 3 commits
    • fix minor gcc 4.7.2 error · fca3080f
      Dwight Engen authored 
      lxccontainer.c:874:4: error: ‘for’ loop initial declarations are only
allowed in C99 mode
Signed-off-by: 's avatarDwight Engen <dwight.engen@oracle.com>
Acked-by: 's avatarStéphane Graber <stgraber@ubuntu.com>
    • extend command processor to handle generic data · ef6e34ee
      Dwight Engen authored 
      Motivation for this change is to have the ability to get the run-time
configuration items from a container, which may differ from its current
on disk configuration, or might not be available any other way (for
example lxc.network.0.veth.pair). In adding this ability it seemed there
was room for refactoring improvements.

Genericize the command infrastructure so that both command requests and
responses can have arbitrary data. Consolidate all commands into command.c
and name them consistently. This allows all the callback routines to be
made static, reducing exposure.

Return the actual allocated tty for the console command. Don't print the
init pid in lxc_info if the container isn't actually running. Command
processing was made more thread safe by removing the static buffer from
receive_answer(). Refactored command response code to a common routine.
Signed-off-by: 's avatarDwight Engen <dwight.engen@oracle.com>
Signed-off-by: 's avatarSerge Hallyn <serge.hallyn@ubuntu.com>
    • lxcapi: Add new get_ips() call · 9c83a661
      Stéphane Graber authored 
      This adds a new get_ips call which takes a family (inet, inet6 or NULL),
a network interface (or NULL for all) and a scope (0 for global) and returns
a char** of all the IPs in the container.

This also adds a matching python3 binding (function result is a tuple) and
deprecates the previous pure-python get_ips() implementation.

WARNING: The python get_ips() call is quite different from the previous
implementation. The timeout argument has been removed, the family names are
slightly different (inet/inet6 vs ipv4/ipv6) and an extra scope parameter
has been added.
Signed-off-by: 's avatarStéphane Graber <stgraber@ubuntu.com>
Acked-by: 's avatarSerge E. Hallyn <serge.hallyn@ubuntu.com>
  9. 20 May, 2013 7 commits
  11. 17 May, 2013 1 commit
  13. 16 May, 2013 5 commits
    • document clone hooks · dc92f6c7
      Serge Hallyn authored 
      Signed-off-by: 's avatarSerge Hallyn <serge.hallyn@ubuntu.com>
    • lxc: add clone hook. · 148e91f5
      Serge Hallyn authored 
      Add a clone hook called from api_clone.  Pass arguments to it from
lxc_clone.c.

The clone update hook is called while the container's bdev is mounted.
Information about the container is passed in through environment
variables LXC_ROOTFS_PATH, LXC_NAME, The LXC_ROOTFS_MOUNT, and
LXC_CONFIG_FILE.

LXC_ROOTFS_MOUNT=/usr/lib/x86_64-linux-gnu/lxc
LXC_CONFIG_FILE=/var/lib/lxc/demo3/config
LXC_ROOTFS_PATH=/var/lib/lxc/demo3/rootfs
LXC_NAME=demo3

So from the hook, updates to the container should be made under
$LXC_ROOTFS_MOUNT/ .

The hook also receives command line arguments as follows:
First argument is container name, second is always 'lxc', third
is the hook name (always clone), then come the arguments which
were passed to lxc-clone.  I.e. when I did:

sudo lxc-clone demo2 demo3 -- hey there dude

the arguments passed in were "demo3 lxc clone hey there dude"

I personally would like to drop the first two arguments.  The
name is available as $LXC_NAME, and the section argument ('lxc')
is meaningless.  However, doing so risks invalidating existing
hooks.

Soon analogous create and destroy hooks will be added as well.
Signed-off-by: 's avatarSerge Hallyn <serge.hallyn@ubuntu.com>
Acked-by: 's avatarStéphane Graber <stgraber@ubuntu.com>
    • cgroup: prevent DOS when a hierachy is mounted multiple times · 9a93d992
      Serge Hallyn authored 
      When starting a container, we walk through all cgroup mounts looking
for a unique directory name we can use for this container.  If the
name we are trying is in use, we try another name.  If it is not in
use in the first mount we check, we need to check other hierarchies
as it may exist there.  But we weren't checking whether we have already
checked a subsystem - so that if freezer was mounted twice, we would
create it in the first mount, see it exists in the second, so start
over trying in the second mount.

To fix this, keep track of which subsystems we have already checked,
and do not re-check.

(See http://pad.lv/1176287 for a bug report)

Note we still need to add, at the next: label, the removal of the
directories we've already created.  I'm keeping that for later as
it's far lower priority than this fix, and I don't want to risk
introducing a regression for that.
Signed-off-by: 's avatarSerge Hallyn <serge.hallyn@ubuntu.com>
    • set non device cgroup items before the cgroup is entered · 6031a6e5
      Dwight Engen authored 
      This allows some special cgroup items such as memory.kmem.limit_in_bytes
to be successfully set, since they must be set before any task is put
into the cgroup.

The devices cgroup is setup later giving the container a chance to mount
file systems before the device it might want to mount from becomes
unavailable.
Signed-off-by: 's avatarDwight Engen <dwight.engen@oracle.com>
Signed-off-by: 's avatarSerge Hallyn <serge.hallyn@ubuntu.com>
    • doc/lxc.conf minor clarifications · d9e80daf
      Dwight Engen authored 
      Signed-off-by: 's avatarDwight Engen <dwight.engen@oracle.com>
Signed-off-by: 's avatarSerge Hallyn <serge.hallyn@ubuntu.com>
  15. 15 May, 2013 2 commits
    • lxc-fedora-template: autodev, hostname, ARM archs, Raspberry Pi fixes · 627fe3b4
      Michael H. Warfield authored 
      This took a lot longer for me to get around to it...  Sorry.

Patch to the lxc-fedora template.

I didn't get any further comments from my earlier proposal, weeks ago,
and did get one addition based on comments about properly setting the
hostname in /etc/hostname, which I've added.  I could have broken them
into separate patches but most are pretty small and minor.

Changes:

* Map armv6l and armv7l architectures to "arm" for yum and repos to
function properly.

* Detect Fedora Remix distros with no "/etc/fedora-release" file
(Raspberry Pi) and find proper release versions when "remix" part of the
file context.

* Change default Fedora container on non-Fedora hosts to Fedora 17.

* Added code for autodev for Fedora systemd containers.

* Added code to set /etc/hostname for Fedora > 14 (systemd).

* Fix a few typos.

Regards,
Mike
--
Michael H. Warfield (AI4NB) | (770) 985-6132 |  mhw@WittsEnd.com
   /\/\|=mhw=|\/\/          | (678) 463-0932 |  http://www.wittsend.com/mhw/
   NIC whois: MHW9          | An optimist believes we live in the best of all
 PGP Key: 0x674627FF        | possible worlds.  A pessimist is sure of it!
--
Signed-off-by: 's avatarMichael H. Warfield <mhw@WittsEnd.com>
Signed-off-by: 's avatarSerge Hallyn <serge.hallyn@ubuntu.com>
    • lxc-busybox: check when bind-mounting host libdirs · 794fb287
      Bogdan Purcareata authored 
      The patch removes the behavior of automatically mounting /lib
and /usr/lib, since this is duplicated a few lines below. It will
also remove the risk of failing when one of these entries are not
present on the host - e.g. on a 64bit machine.
Signed-off-by: 's avatarBogdan Purcareata <bogdan.purcareata@freescale.com>
Signed-off-by: 's avatarSerge Hallyn <serge.hallyn@ubuntu.com>
  17. 14 May, 2013 2 commits
  19. 13 May, 2013 1 commit
  21. 09 May, 2013 1 commit
  23. 08 May, 2013 2 commits
    • lxc-monitor multiple paths · 8d06bd13
      Dwight Engen authored 
      Signed-off-by: 's avatarDwight Engen <dwight.engen@oracle.com>
Signed-off-by: 's avatarSerge Hallyn <serge.hallyn@ubuntu.com>
    • lxc-ps: handle cgroup collisions · 566c0d6d
      Serge Hallyn authored 
      A few months ago cgroup handling in lxc was updated so that if
/sys/fs/cgroup/$cgroup/lxc/$container already exists (most often
due to another container by the same name under a different lxcpath),
then /sys/fs/cgroup/$cgroup/lxc/${container}-N would be used.

lxc-ps was never updated to handle this.  Fix that.

(Note, the ns cgroup is being special cased there, but I don't
really believe ns cgroup works any more.)

It would be preferable to rewrite lxc-ps in python or in C, but
this at least makes the basic lxc-ps work in the case of multiple
containers with the same name.

Changelog:
	fix missing fi.
	replace 'z1' with '$container' as pointed out by Christian
Signed-off-by: 's avatarSerge Hallyn <serge.hallyn@ubuntu.com>
  25. 07 May, 2013 8 commits