Commits · 45aec6a1e3ea6450bfcdc83bf71d5ba9c2910fa3 · Chen Yisong / lxc

17 Nov, 2016 10 commits

cgfs: explicitly check for NULL · 45aec6a1

authored Oct 30, 2016

Somehow this implementation of a cgroupfs backend decided to use the hierarchy
numbers it detects in /proc/cgroups and /proc/self/cgroups as indices for
the hierarchy struct. Controller numbering usually starts at 1 but may start at
0 if:

    a) the controller is not mounted on a cgroups v1 hierarchy;
    b) the controller is bound to the cgroups v2 single unified hierarchy; or
    c) the controller is disabled

To avoid having to rework our fallback backend significantly, we should
explicitly check for each controller if hierarchy[i] != NULL.
Signed-off-by: Christian Brauner <christian.brauner@canonical.com>

45aec6a1

cgfs: skip empty entries under /proc/self/cgroup · 613fe8e9

authored Oct 30, 2016

If cgroupv2 is enabled either alone or together with legacy hierarchies
/proc/self/cgroup can contain entries of the form:

        0::/

These entries need to be skipped.
Signed-off-by: Christian Brauner <christian.brauner@canonical.com>

613fe8e9

cgfs: add print_cgfs_init_debuginfo() · f43e7360
Christian Brauner authored Oct 30, 2016
```
Signed-off-by: Christian Brauner <christian.brauner@canonical.com>
```
f43e7360
improve wording of the help page for lxc-ls · e5a8e4e1
Evgeni Golov authored Oct 30, 2016
```
it's "list of columns", not "list of column"
Signed-off-by: Evgeni Golov <evgeni@debian.org>
```
e5a8e4e1
improve help text for --fancy and --fancy-format · 8c4c5641
Evgeni Golov authored Oct 30, 2016
```
Signed-off-by: Evgeni Golov <evgeni@debian.org>
```
8c4c5641

find OpenSUSE's build also as obs-build · a3ed6470

authored Oct 30, 2016

this is how it is shipped in Debian and Ubuntu
Signed-off-by: Evgeni Golov <evgeni@debian.org>

a3ed6470

cgfs: fix invalid free() · 125736f2

authored Oct 29, 2016

And let's be on the safe side by NULLing free()ed variables.
Signed-off-by: Christian Brauner <christian.brauner@canonical.com>

125736f2

fix rpm build, include all built files, but only once · 727b60d6
Evgeni Golov authored Oct 29, 2016
```
Signed-off-by: Evgeni Golov <evgeni@debian.org>
```
727b60d6
use python3_sitearch for including the python code · ff88c815
Evgeni Golov authored Oct 29, 2016
```
Closes: #502
Signed-off-by: Evgeni Golov <evgeni@debian.org>
```
ff88c815

container start: clone newcgroup immediately · ff074c81

authored Jun 25, 2016

rather than waiting and later unsharing.

This "makes the creation of a new cgroup early enough that the existing
cgroup mounts are visible.  Which means any fancy permission checks
I dream will work on a future version of liblxc."

This also includes what should be a tiny improvement regarding netns,
though it's conceivable it'll break something.  Remember that with new
kernels we need to unshare netns after we've become the root user in the
new userns, so that netns files are owned by that root.  But we were
passing the unfiltered handler->clone_flags to the original clone().
This just resulted in a temporary extra netns generation, but still
worked since our target netns, which we passed our devices into, was
created late enough.
Signed-off-by: Serge Hallyn <serge@hallyn.com>
Signed-off-by: "Eric W. Biederman" <ebiederm@xmission.com>

ff074c81

26 Oct, 2016 26 commits

tests: add lxc_error() and lxc_debug() · 8511da27
Christian Brauner authored Oct 26, 2016
```
Signed-off-by: Christian Brauner <christian.brauner@canonical.com>
```
8511da27
Tweak libtool handling to work with Android · 0a98f3df
Stéphane Graber authored Oct 25, 2016
```
Signed-off-by: Stéphane Graber <stgraber@ubuntu.com>
```
0a98f3df

c/r: use snprintf to compute device name · f28b1f68

authored Oct 24, 2016

This will never actually overflow, because %d is 32 bits and eth is 128
bytes long, but safety first :)
Signed-off-by: Tycho Andersen <tycho.andersen@canonical.com>

f28b1f68

c/r: drop duplicate hunk from macvlan case · 4d411134
Tycho Andersen authored Oct 24, 2016
```
Signed-off-by: Tycho Andersen <tycho.andersen@canonical.com>
```
4d411134
ubuntu: Fix package upgrades requiring proc · 9e747ddb
Stéphane Graber authored Oct 24, 2016
```
Signed-off-by: Stéphane Graber <stgraber@ubuntu.com>
```
9e747ddb
c/r: add checkpoint/restore support for macvlan interfaces · ed19e98a
Tycho Andersen authored Sep 22, 2016
```
Signed-off-by: Tycho Andersen <tycho.andersen@canonical.com>
```
ed19e98a

c/r: remember to increment netnr · 1bcf81d7

authored Oct 12, 2016

We need this for calculating the name of unnamed interfaces in the config.
But we also need to remember to increment it :)
Signed-off-by: Tycho Andersen <tycho.andersen@canonical.com>

1bcf81d7

c/r: use --external instead of --veth-pair · 841635f4

authored Oct 12, 2016

--veth-pair has been deprecated as of 2.6, let's use the new --external
instead.
Signed-off-by: Tycho Andersen <tycho.andersen@canonical.com>

841635f4

Use libtool for liblxc.so · 4082d0de

authored Oct 21, 2016

This should allow proper filtering of build flags for libraries and make
it easier to use PIE/PIC.
Signed-off-by: Stéphane Graber <stgraber@ubuntu.com>

4082d0de

tools: correct the argument typo in lxc_copy · 0a93fd77

authored Oct 21, 2016

Correct the backingstorage typo in lxc_copy.
Signed-off-by: Po-Hsu Lin <po-hsu.lin@canonical.com>

0a93fd77

s390x: Fix seccomp handling of personalities · 99f252a8

authored Oct 20, 2016

There are no personalities for s390x, so don't list itself as one.
Signed-off-by: Stéphane Graber <stgraber@ubuntu.com>

99f252a8

lxc-alpine: do not drop setfcap · 2b6a9830
Jakub Jirutka authored Oct 18, 2016
```
Signed-off-by: Jakub Jirutka <jakub@jirutka.cz>
```
2b6a9830
alpine: Fix installing extra packages · d8953e37
roedie authored Oct 18, 2016
```
Signed-off-by: Sander Klein <github@roedie.nl>
```
d8953e37
tools: better error reporting for lxc-start · 35946774
Christian Brauner authored Oct 14, 2016
```
Signed-off-by: Christian Brauner <christian.brauner@canonical.com>
```
35946774

tools: make overlay valid backend · f42cf2df

authored Oct 14, 2016

So far, users could only create overlay snapshots by specifying -B overlayfs
and not with -B overlay. This adds support for -B overlay.
Signed-off-by: Christian Brauner <christian.brauner@canonical.com>

f42cf2df

tools: fix coding style in lxc_attach · 1c8df138
Christian Brauner authored Oct 14, 2016
```
Signed-off-by: Christian Brauner <christian.brauner@canonical.com>
```
1c8df138

tests: fix image download for s390x · 01c05c82

authored Oct 14, 2016

Make release selection more flexible.
Update the KNOWN_RELEAES list, add yakkety and remove vivid.
Signed-off-by: Po-Hsu Lin <po-hsu.lin@canonical.com>

01c05c82

Drop leftover references to lxc_strerror(). · 31802090

authored Oct 13, 2016

lxc_strerror() was dropped long time ago, in 2009 to be exact.

Related commit:
https://github.com/lxc/lxc/commit/7cee8789514fb42d6a48d50b904e24284f5526e3Signed-off-by: Jafar Al-Gharaibeh <to.jafar@gmail.com>

31802090

archlinux: Fix resolving · b91f0fae
Stéphane Graber authored Oct 13, 2016
```
Signed-off-by: Stéphane Graber <stgraber@ubuntu.com>
```
b91f0fae
archlinux: Do DHCP on eth0 · 2b67aaee
Stéphane Graber authored Oct 13, 2016
```
Signed-off-by: Stéphane Graber <stgraber@ubuntu.com>
```
2b67aaee
lxc-alpine: mount /dev/shm as tmpfs · 51ee5e0c
Jakub Jirutka authored Oct 12, 2016
```
Signed-off-by: Jakub Jirutka <jakub@jirutka.cz>
```
51ee5e0c

log: sanity check the returned value from snprintf() · 934ecd08

authored Oct 10, 2016

The returned value from snprintf() should be checked carefully.

This bug can be leveraged to execute arbitrary code through carefully
constructing the payload, e.g,

lxc-freeze -n `python -c "print 'AAAAAAAA' + 'B'*959"` -P PADPAD -o /tmp/log

This command running on Ubuntu 14.04 (x86-64) can cause a segment fault.
Signed-off-by: Lans Zhang <jia.zhang@windriver.com>

934ecd08

mark the python examples as having utf-8 encoding · 51ee3c58

authored Oct 08, 2016

this allows running them also under Python2, which otherwise
would choke on Stéphane's name and error out with
 SyntaxError: Non-ASCII character '\xc3' in file …
Signed-off-by: Evgeni Golov <evgeni@debian.org>

51ee3c58

add Documentation entries to lxc and lxc@ units · 8d45c62c
Evgeni Golov authored Oct 08, 2016
```
Signed-off-by: Evgeni Golov <evgeni@debian.org>
```
8d45c62c
tests: add test for detect_ramfs_rootfs() · ac920ef6
Christian Brauner authored Sep 06, 2016
```
Signed-off-by: Christian Brauner <christian.brauner@canonical.com>
```
ac920ef6
utils: make detect_ramfs_rootfs() return bool · 32a2ca49
Christian Brauner authored Sep 06, 2016
```
Signed-off-by: Christian Brauner <christian.brauner@canonical.com>
```
32a2ca49

05 Oct, 2016 3 commits
- change version to 2.0.5 in configure.ac · 357e023b
  Stéphane Graber authored Oct 05, 2016
```
Signed-off-by: Stéphane Graber <stgraber@ubuntu.com>
```
  357e023b
- tools: lxc-checkconfig conditionalize devpts check · 3a61be8e
  Christian Brauner authored Sep 29, 2016
```
Only check for DEVPTS_MULTIPLE_INSTANCES on kernels < 4.7.
Signed-off-by: Christian Brauner <christian.brauner@canonical.com>
```
  3a61be8e
- Define LXC_DEVEL to detect development releases · 51a43951
  Stéphane Graber authored Oct 04, 2016
```
This can be used by downstreams to improve their "feature" checks.
Signed-off-by: Stéphane Graber <stgraber@ubuntu.com>
```
  51a43951
03 Oct, 2016 1 commit
- Fix spelling of CentOS in the templates · fbe7891b
  Roman Mueller authored Sep 28, 2016
```
Signed-off-by: Roman Mueller <roman.mueller@gmail.com>
```
  fbe7891b