- 08 Apr, 2010 2 commits
-
-
Daniel Lezcano authored
Store the container in the handler, so it is accessible everywhere. Signed-off-by:Daniel Lezcano <dlezcan@fr.ibm.com>
-
Daniel Lezcano authored
This patch adds a function to count the number of tasks in the container. The result is not reliable as it may change with a fork or an exit, but in some cases, for example, there is only one task, or the container is frozen, the result is accurate. Signed-off-by:Daniel Lezcano <dlezcano@fr.ibm.com>
-
- 02 Apr, 2010 2 commits
-
-
Daniel Lezcano authored
When no console is specified, do not try to setup the console. Signed-off-by: -
Michel Normand authored
based on patch from: Sukadev Bhattiprolu <sukadev@linux.vnet.ibm.com> but also: * remove the deprecated --directory one. * change liblxc api of checkpoint/restart to use fd and not string. * explicitely report error messages for the checkpoint/restart stub functions. Signed-off-by:
Michel Normand <normand@fr.ibm.com> Signed-off-by:
-
- 22 Mar, 2010 7 commits
-
-
Daniel Lezcano authored
Fix type and missing capability. Signed-off-by: -
Michel Normand authored
The log file in lxc-init is quite useless as the code is trivial. Signed-off-by:
Cedric Le Goater <clg@fr.ibm.com> Signed-off-by:
-
Michel Normand authored
Wrong variable. Signed-off-by:
-
Daniel Lezcano authored
When we try to attach to a container belonging to another user than us, the command fails as expected but the return code is wrong, so we have an "unknown error" instead of "permission denied". The culprit is: - strerror(command.answer.ret)); + strerror(-command.answer.ret)); The rest of the code is indentation without code impact. Signed-off-by:
-
Daniel Lezcano authored
This patch allows to execute a command or enter inside the container: * lxc-attach -n <name> [command] If the <command is not specified>, the lxc-attach will retrieve your uid and get your shell name and exec it in the container. Signed-off-by: -
Daniel Lezcano authored
Open the console at the setup time, otherwise the openeded file descriptor will be considered as an inherited fd and the startup will fail. Signed-off-by: -
Cedric Le Goater authored
This patch modifies the startup of a container to forbid opened fds, unless these are stdios. Signed-off-by:
-
- 26 Feb, 2010 2 commits
-
-
Daniel Lezcano authored
In the process of rollbacking, the handler->pid is not set we must not kill it. Otherwsise, kill(-1, SIGKILL), ouch ! ... Signed-off-by: -
Daniel Lezcano authored
Add the console.h file in order to compile the dist file. Signed-off-by:
-
- 25 Feb, 2010 3 commits
-
-
Daniel Lezcano authored
Delete the network devices when an error occurs before they are moved to the network namespace (network namespace destruction triggers the network devices deletion). Otherwise they stay in the system. Signed-off-by: -
Daniel Lezcano authored
Fix inconsistent function definition regarding the headers. Signed-off-by: -
Daniel Lezcano authored
Add a function to delete the network device by its index. Signed-off-by:
-
- 24 Feb, 2010 13 commits
-
-
Daniel Lezcano authored
Fix the warning: start.c: In function ‘lxc_fini’: start.c:250: warning: implicit declaration of function ‘lxc_unlink_nsgroup’ start.c: In function ‘lxc_spawn’: start.c:380: warning: implicit declaration of function ‘lxc_rename_nsgroup’ Signed-off-by: -
Silas Sewell authored
The patch fixes a build error on the devel version of Fedora. Signed-off-by:
Silas Sewell <silas@sewell.ch> Signed-off-by:
-
Daniel Lezcano authored
When the umount fails, we force the umount and make the mount point unaccessible by using a lazy umount. Signed-off-by: -
Daniel Lezcano authored
When there is no rootfs, don't create a console. Signed-off-by: -
Daniel Lezcano authored
As the console output can be a tty, we want to have the terminal to be set as a specific manner to not echo and receive signals from the keyboard. Signed-off-by: -
Daniel Lezcano authored
The actual behaviour of the console is messy as: * it relies on a heuristic (tty or not, rootfs or not, etc ...) * the container init stole the tty and we lose the control The following patch: * allocates a tty * maps this tty to the container console * proxy the io from the console to the file specified in the configuration lxc.console=<file> That allows to specify a file, a fifo, a $(tty), and can be extended with an uri like file://mypath, net://1.2.3.4:1234, etc ... That solves the problem with the heuristic and the container does no longer stole our current tty. Note by default, the console output will go to a blackhole if no configuration is specified making the container showing nothing. In order to access the console from the tty, use lxc-start -n foo -s lxc.console=$(tty) I propose the make the container to daemonize by default now. I tried the following: in a shell: touch /var/lib/lxc/foo/console tail --retry -f /var/lib/lxc/foo/console in another shell: lxc-start -n foo -s lxc.console=/var/lib/lxc/foo/console Signed-off-by:
-
Daniel Lezcano authored
Use a prefixed enum to avoid conflict later. Signed-off-by: -
Daniel Lezcano authored
No need to include the lxc_conf structure definition, a forward declaration is enough. Signed-off-by: -
Daniel Lezcano authored
Use the mainloop to manage io of the console. Signed-off-by: -
Daniel Lezcano authored
Factor out the console code and encapsulate the code in functions. Signed-off-by: -
Daniel Lezcano authored
When there is an empty network namespace, we must not move the network device. Signed-off-by: -
Daniel Lezcano authored
Add missing include Signed-off-by: -
Daniel Lezcano authored
Do not check CPUSET configuration when SMP is not enabled. Signed-off-by:
-
- 22 Jan, 2010 4 commits
-
-
Daniel Lezcano authored
Increment to 0.6.5 version. Signed-off-by: -
Daniel Lezcano authored
There are several cases where the system can no longer access a mount point or a mount point configuration makes the algorithm bogus. For example, we mount something and then we chroot, the mount information will give an unaccessible path and the container won't be able to start because this mount point will be unaccessible. But if it's the case, then we can just warn and continue running the container. Another case is the path to a mount point is not accessible because there is another mount point on top of it hiding the mount point. So the umount will fail and the container won't start. Easy to reproduce: mkdir -p /tmp/dir1/dir2 mount -t tmpfs tmpfs /tmp/dir1/dir2 mount -t tmpfs tmpfs /tmp/dir1 So can we just ignore the error when unmounting and continue to the list again and again until it shrinks. At the end, we just display the list of the unmounted points. Signed-off-by: -
Michel Normand authored
Signed-off-by:
-
Michel Normand authored
the last patch commit 81810dd1 make lxc to not compile anymore on rhel5u1 Signed-off-by:
-
- 21 Jan, 2010 7 commits
-
-
Daniel Lezcano authored
Signed-off-by: -
Daniel Lezcano authored
Hello everyone! I've written a patch which adds a new config keyword 'lxc.cap.drop'. This keyword allows to specify capabilities which are dropped before executing the container binary. Example: lxc.cap.drop = sys_chroot lxc.cap.drop = mknod lxc.cap.drop = sys_module or specify in a single line: lxc.cap.drop = sys_chroot mknod sys_module Reworked-by:
Daniel Lezcano <daniel.lezcano@free.fr> Signed-off-by:
Michael Holzt <lxc@my.fqdn.org> Signed-off-by:
-
Daniel Lezcano authored
A mindless change. Signed-off-by: -
Michel Normand authored
Signed-off-by:
-
Michel Normand authored
Signed-off-by:
-
Michel Normand authored
Signed-off-by:
-
Michel Normand authored
Signed-off-by:
-
