conf: add userns_exec_full()

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

Users were confused when the config file created during cloning or copying a
container suddenly missed all newlines. Let's keep them.
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

Closes #1802.
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

non-functional changes
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

non-functional changes
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

non-functional changes
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

Closes #1800.
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

Closes #1800.
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

Closes #1800.
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

Closes #1800.
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

tools: fix lxc-upate-config

- replace lxc.network.[i].ipv4 with lxc.net.[i].ipv4.address
- remove lxc.rootfs.backend lines

Closes #1790.
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

Update Japanese man pages

network: add missing checks for empty links

cleanup: remove unnecessary zeroing

* and fix a typo in English man
Signed-off-by: KATOH Yasufumi <karma@jazz.email.ne.jp>

* Update for commit 594d6e30
* and some improvements
Signed-off-by: KATOH Yasufumi <karma@jazz.email.ne.jp>

In the past, if the console client exited, lxc_console_cb_con return 1. And
the lxc_poll will exit, the process will wait at waitpid. At this moment, the
process could not handle any command (For example get the container state
LXC_CMD_GET_STATE or stop the container LXC_CMD_STOP.).

I think we should clean the tty_state and return 0 in this case. So, we can use
the lxc-console to connect the console of the container. And we will not exit
the function lxc_polland we can handle the commands by lxc_cmd_process

Reproducer prior to this commit:
- open a new terminal, get the tty device name by command tty /dev/pts/6
- set lxc.console.path = /dev/pts/6
- start the container and the ouptut will print to /dev/pts/6
- close /dev/pts/6
- try an operation e.g. getting state with lxc-ls and lxc-ls will hang

Closes #1787.
Signed-off-by: LiFeng <lifeng68@huawei.com>
Acked-by: Christian Brauner <christian.brauner@ubuntu.com>

The entire netdev is zeroed via memset() already. Unions and
all.
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>

Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>

Signed-off-by: Stéphane Graber <stgraber@ubuntu.com>

Signed-off-by: Stéphane Graber <stgraber@ubuntu.com>

doc: adapt + update

- lxc.id_map -> lxc.idmap
- document lxc.cgroup.dir
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

Signed-off-by: Stéphane Graber <stgraber@ubuntu.com>

conf: bugfixes

A bit of context:
userns_exec_1() is only used to operate based on privileges for the user's own
{g,u}id on the host and for the container root's unmapped {g,u}id. This means
we require only to establish a mapping from:
- the container root {g,u}id as seen from the host -> user's host {g,u}id
- the container root -> some sub{g,u}id

This function however was buggy. It relied on some pointer pointing to the same
memory, namely specific idmap entries in the idmap list in the container's
in-memory configuration. However, due to a stupid mistake of mine, the pointers
to be compared pointed to freshly allocated memory. They were never pointing to
the intended memory locations. To reproduce what I'm talking about prior to
this commit simply place:

    chb:999:1000000000
    chb:999:1
    chb:1000:1

in /etc/sub{g,u}id then create a container which requests the following
idmappings:

    lxc.idmap = u 0 999 999
    lxc.idmap = g 0 999 1000000000

and start the container. What we *would expect* is for liblxc to establish the
following mapping:

    newuidmap <pid> 0 999 999
    newgidmap <pid> 0 999 1000000000

since all required mappings are present. Due to the buggy pointer comparisons
what happened was:

    newuidmap <pid> 0 999 999 0 999 999
    newgidmap <pid> 0 999 1000000000 0 999 1000000000

Let's fix this.
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>