- 17 Dec, 2017 40 commits
-
-
Christian Brauner authored
Detaching network namespaces as an unprivileged user is currently not possible and attaching to the user namespace will mean we are not allowed to move the network device into an ancestor network namespace. Signed-off-by:Christian Brauner <christian.brauner@ubuntu.com>
-
Christian Brauner authored
- check for memory allocation failure - free allocated memory - cleanup function Signed-off-by: -
Jonathan Calmels authored
Signed-off-by:Jonathan Calmels <jcalmels@nvidia.com>
-
Christian Brauner authored
Moving away from internal symbols we can't do hacks like we currently do in lxc-start and call internal functions like lxc_conf_init(). This is unsafe anyway. Instead, we should simply error out if the user didn't give us a configuration file to use. lxc-start refuses to start in that case already. Relates to discussion in https://github.com/lxc/go-lxc/pull/96#discussion_r155075560 . Closes #2023. Reported-by:
Felix Abecassis <fabecassis@nvidia.com> Signed-off-by:
-
Christian Brauner authored
do not double close file descriptor Signed-off-by: -
Christian Brauner authored
ensure \0-termination Signed-off-by: -
Christian Brauner authored
free allocated memory Signed-off-by: -
Christian Brauner authored
remove logically dead code Signed-off-by: -
Christian Brauner authored
free allocated memory Signed-off-by: -
Christian Brauner authored
used calculated string length when copying into buffer Signed-off-by: -
Stéphane Graber authored
Signed-off-by:Stéphane Graber <stgraber@ubuntu.com>
-
Marcos Paulo de Souza authored
The same message exists in lxclock.c and cgmanager.c, so print the filename along with the message. Before this patch: lxc-destroy -n u1 pthread_mutex_unlock returned:1 Operation not permitted After this patch: xc-destroy -n u1 lxclock.c: pthread_mutex_unlock returned:1 Operation not permitted Signed-off-by:Marcos Paulo de Souza <marcos.souza.org@gmail.com>
-
Christian Brauner authored
check return value of getifaddrs() Signed-off-by: -
Christian Brauner authored
do not call close on bad file descriptor Signed-off-by: -
Christian Brauner authored
silence complaint about unchecked return value from library function Signed-off-by: -
Christian Brauner authored
free allocated memory Signed-off-by: -
Christian Brauner authored
free allocated memory Signed-off-by: -
Christian Brauner authored
free allocated memory Signed-off-by: -
Christian Brauner authored
avoid NULL-pointer dereference Signed-off-by: -
Christian Brauner authored
free allocated memory Signed-off-by: -
Christian Brauner authored
check snprintf() return value Signed-off-by: -
Christian Brauner authored
use correct inequality comparison Signed-off-by: -
Christian Brauner authored
free memory on error Signed-off-by: -
Christian Brauner authored
This adds additional test for app containers. Signed-off-by: -
RicardoSanchezA authored
lxc_init.c should not depend on tools/arguments.{c,h}, thus it needs its own custom argument parser Signed-off-by:RicardoSanchezA <ricardo.sanchez@utexas.edu>
-
Christian Brauner authored
Signed-off-by: -
RicardoSanchezA authored
lxc_init.c is actually not a tool, thus it doesn't belong to the tools/ subfolder Signed-off-by: -
Christian Brauner authored
It doesn't make sense to error out when an app container doesn't pass explicit arguments through c->start{l}(). This is especially true since we implemented lxc.execute.cmd. However, even before we could have always relied on lxc.init.cmd and errored out after that. Signed-off-by: -
Christian Brauner authored
Signed-off-by: -
Christian Brauner authored
Callers can then make a decision whether they want to consider the peer closing the connection an error or not. For example, a c->wait(c, "STOPPED", -1) call can then consider a ECONNRESET not an error but rather see it - correctly - as a container exiting before being able to register a state client. Signed-off-by: -
Christian Brauner authored
This is the proper way to handle errors. Signed-off-by: -
Christian Brauner authored
If timeout is set to 0 don't block. Signed-off-by: -
Christian Brauner authored
Take the lock on the list after we've done all necessary work and check state. If we are in requested state, do cleanup and return without adding the state client to the state client list. Signed-off-by: -
Christian Brauner authored
This checks whether multiple concurrent waiters all get notified by the state server. Signed-off-by: -
Christian Brauner authored
Signed-off-by: -
Christian Brauner authored
- setting the handler->state value is atomic on any POSIX implementation since we're dealing with an integer (enum/lxc_state_t) - while the state clients are served it is not possible for lxc_set_state() to transition to the next state anyway so there's no danger in moving to the next state with clients missing it - we only care about the list being modified Signed-off-by: -
Christian Brauner authored
There are multiple reasons why this is not required: - every command is transactional - we only care about the list being modified not the memory allocation and other costly operations Signed-off-by: -
Christian Brauner authored
We're dealing with an integer (lxc_state_t which is an enum). Any POSIX implementation makes those operations atomic so there's not need in locking this. Signed-off-by: -
Christian Brauner authored
When we remove a state client fd there's not reason to walk the whole list. We can simply break once we found and removed the fd. Signed-off-by: -
Christian Brauner authored
We want the loglevel that the user specified when starting the container because it overrides the default one set in the config. Closes #2003. Reported-by:
-
