- 03 May, 2012 11 commits
-
-
David Ward authored
Modify the cgroup search to only use hierarchies that contain one or more subsystems. When searching, if a hierarchy contains the 'ns' subsystem, do not append '/lxc' to the parent cgroup. Change method of bind mounting /proc/<pid>/net onto /proc/net, to avoid error "cannot mount block device /proc/<pid>/net read-only". Check that user is root. Check that container name is specified before calling 'exec'. Update the help information. Print error messages and help information to stderr. Make indentation consistent.
Signed-off-by: David Ward <david.ward@ll.mit.edu>
Signed-off-by: Daniel Lezcano <dlezcano@fr.ibm.com>
-
David Ward authored
Add an '--active' option that lists active containers by searching cgroups. (Otherwise, the directories in /var/lib/lxc are listed.) Modify the cgroup search to only use hierarchies that contain one or more subsystems. When searching, if a hierarchy contains the 'ns' subsystem, do not append '/lxc' to the parent cgroup. Add a '--help' option that prints the command syntax. Print error messages and help information to stderr. Update the documentation.
Signed-off-by: David Ward <david.ward@ll.mit.edu>
Signed-off-by: Daniel Lezcano <dlezcano@fr.ibm.com>
-
David Ward authored
Obtain a list of subsystems from /proc/cgroups, and ignore hierarchies that are not bound to any of them (especially the 'systemd' hierarchy: http://www.freedesktop.org/wiki/Software/systemd/PaxControlGroups).
Signed-off-by: David Ward <david.ward@ll.mit.edu>
Signed-off-by: Daniel Lezcano <dlezcano@fr.ibm.com>
-
David Ward authored
To attach a new pid to the cgroups for an existing container, we can use the same method that we did when we started the container: iterate over all the mounted cgroup hierarchies; find the cgroup that pid 1 is in for each hierarchy; add 'lxc/<name>' to the end of it; then write the pid to the 'tasks' file in that cgroup. (The only difference is that we do not create the cgroup again.) Note that we follow exactly the same iteration pattern to delete our cgroups when a container is shut down.
There may be situations where additional cgroup hierarchies are mounted after the container is started, or the cgroup for pid 1 gets reassigned. But we currently don't handle any of these cases in the shutdown code or anywhere else, so it doesn't make sense to try to handle these cases for lxc-attach by itself.
Aside from simplifying the code, this change makes it easier to solve a different problem: ignoring hierarchies that are not bound to any subsystems (like 'systemd').
Signed-off-by: David Ward <david.ward@ll.mit.edu>
Signed-off-by: Daniel Lezcano <dlezcano@fr.ibm.com>
-
David Ward authored
Avoid nesting and improve readability.
Signed-off-by: David Ward <david.ward@ll.mit.edu>
Signed-off-by: Daniel Lezcano <dlezcano@fr.ibm.com>
-
David Ward authored
lxc-cgroup gets or sets the value of a state object (such as 'cpuset.cpus'), not the value of a subsystem (which would be just 'cpuset').
Signed-off-by: David Ward <david.ward@ll.mit.edu>
Signed-off-by: Daniel Lezcano <dlezcano@fr.ibm.com>
-
David Ward authored
When a hierarchy contains the 'ns' subsystem, do not append '/lxc' to the parent cgroup. Update surrounding comments for consistency.
Signed-off-by: David Ward <david.ward@ll.mit.edu>
Signed-off-by: Daniel Lezcano <dlezcano@fr.ibm.com>
-
David Ward authored
Having a rootfs is not a necessary condition for monitoring utmp, since /var or /var/run can just be remounted inside the container instead. We should rely on the other two conditions already in place to decide whether to monitor the utmp file:
- the container was started with 'lxc-start', which indicates that it has a real init process and is expected to write to a utmp file
- support for CAP_SYS_BOOT was not found in the kernel, which would otherwise supersede utmp monitoring
Signed-off-by: David Ward <david.ward@ll.mit.edu>
Signed-off-by: Daniel Lezcano <dlezcano@fr.ibm.com>
-
David Ward authored
If CAP_SYS_BOOT is not found in the kernel, the existing value for conf->need_utmp_watch should be left intact (which will be '1' for containers started with 'lxc-start', or '0' for containers started with 'lxc-execute').
Signed-off-by: David Ward <david.ward@ll.mit.edu>
Signed-off-by: Daniel Lezcano <dlezcano@fr.ibm.com>
-
David Ward authored
execvp does not require specifying the full path to the executable (e.g., "ls" instead of "/bin/ls"), making the operation of 'lxc-attach' consistent with 'lxc-start' and 'lxc-execute'.
Signed-off-by: David Ward <david.ward@ll.mit.edu>
Signed-off-by: Daniel Lezcano <dlezcano@fr.ibm.com>
-
David Ward authored
__NR_setns is defined in the Linux kernel headers in linux/unistd.h. The full Linux kernel sources are not necessary for compilation.
Signed-off-by: David Ward <david.ward@ll.mit.edu>
Signed-off-by: Daniel Lezcano <dlezcano@fr.ibm.com>
-
- 20 Mar, 2012 1 commit
-
-
Daniel Lezcano authored
-
- 18 Mar, 2012 3 commits
-
-
Serge Hallyn authored
(which reminds me a lxc-clone manpage still needs to be written)
Signed-off-by: Serge Hallyn <serge.hallyn@ubuntu.com>
Signed-off-by: Daniel Lezcano <dlezcano@fr.ibm.com>
-
Serge Hallyn authored
1. fix inconsistent use of '--auth-key' (not --auth_key) which broke their usage
2. add --debug option to lxc-ubuntu (which does set -x to show what broke) (idea from lifeless and benji)
3. fix incorrect assumption about group with -b option. User's default group may not be the same as username.
Signed-off-by: Daniel Lezcano <dlezcano@fr.ibm.com>
-
Serge Hallyn authored
We were doing the check for whether we need to watch utmp from a thread cloned from that which will actually do the utmp watching. As a result, the utmp file was always being watched, even if it didn't need to be. Move the check to the parent thread.
Bug-Ubuntu: https://bugs.launchpad.net/ubuntu/+source/lxc/+bug/948623
Signed-off-by: Serge Hallyn <serge.hallyn@canonical.com>
Signed-off-by: Daniel Lezcano <dlezcano@fr.ibm.com>
-
- 05 Mar, 2012 2 commits
-
-
InformatiQ authored
Signed-off-by: InformatiQ <rhanna@informatiq.org>
Signed-off-by: Daniel Lezcano <dlezcano@fr.ibm.com>
-
Serge Hallyn authored
when using ns cgroup, use /cgroup/<init-cgroup> rather than /cgroup/<init-cgroup>/lxc
At least lxc-start, lxc-stop, lxc-cgroup, lxc-console and lxc-ls work with this patch. I've tested this in a 2.6.35 kernel with ns cgroup, and in a 3.2 kernel without ns cgroup.
Note also that because of the check for container reboot support, if we're using the ns cgroup we now end up with a /cgroup/<container>/2 cgroup created, empty, by the clone(CLONE_NEWPID). I'm really not sure how much time we want to spend cleaning such things up since ns cgroup is deprecated in kernel.
Signed-off-by: Serge Hallyn <serge@hallyn.com>
Signed-off-by: Daniel Lezcano <dlezcano@fr.ibm.com>
-
- 01 Mar, 2012 2 commits
-
-
Daniel Lezcano authored
Signed-off-by: Daniel Lezcano <dlezcano@fr.ibm.com>
-
Daniel Lezcano authored
Signed-off-by: Daniel Lezcano <daniel.lezcano@free.fr>
-
- 26 Feb, 2012 21 commits
-
-
Daniel Lezcano authored
Reported-by: Denny Schierz <linuxmail@4lin.net>
Signed-off-by: Daniel Lezcano <daniel.lezcano@free.fr>
-
Serge Hallyn authored
Otherwise there is no clear indication to the user why the container startup failed.
Signed-off-by: Serge Hallyn <serge@hallyn.com>
Signed-off-by: Daniel Lezcano <dlezcano@fr.ibm.com>
-
Serge Hallyn authored
Add a macaddr if precisely one veth is specified but no hwaddr. Allow specifying ssh authkeys. In cloud template, copy locales by default and allow a tarball to be specified.
Signed-off-by: Ben Howard <ben.howard@canonical.com>
Signed-off-by: Serge Hallyn <serge@hallyn.com>
Signed-off-by: Daniel Lezcano <dlezcano@fr.ibm.com>
-
Serge Hallyn authored
1. --path is meant to be passed by lxc-create, but should not be passed in by users. Don't advertise it in --help.
2. --clean syntax ends up not making much sense. Get rid of it, and add '--flush-cache' option instead.
Signed-off-by: Serge Hallyn <serge@hallyn.com>
Signed-off-by: Daniel Lezcano <dlezcano@fr.ibm.com>
-
Serge Hallyn authored
The option is implied by '-d', because the admin won't see the warning message.
Signed-off-by: Serge Hallyn <serge@hallyn.com>
Signed-off-by: Daniel Lezcano <dlezcano@fr.ibm.com>
-
Serge Hallyn authored
Author: Stéphane Graber <stgraber@ubuntu.com>
Use ubuntu/ubuntu instead of root/root by default. Stop removing tty[56].conf in Precise. Stop messing with dhclient.conf. Set devttydir on Precise to /dev/lxc to allow for clean upgrades.
Signed-off-by: Stéphane Graber <stgraber@ubuntu.com>
Signed-off-by: Serge Hallyn <serge@hallyn.com>
Signed-off-by: Daniel Lezcano <dlezcano@fr.ibm.com>
-
Serge Hallyn authored
If set, then the console and ttys will be bind-mounted not over /dev/console, but /dev/<ttydir>/console and then symlinked from there to /dev/console.
Signed-off-by: Serge Hallyn <serge@hallyn.com>
Signed-off-by: Daniel Lezcano <dlezcano@fr.ibm.com>
-
Ubuntu authored
btrfs support from Scott Moser.
Signed-off-by: Serge Hallyn <serge.hallyn@canonical.com>
Signed-off-by: Daniel Lezcano <dlezcano@fr.ibm.com>
-
Ubuntu authored
From Scott Moser.
Signed-off-by: Serge Hallyn <serge.hallyn@canonical.com>
Signed-off-by: Daniel Lezcano <dlezcano@fr.ibm.com>
-
Serge Hallyn authored
Thanks to dlezcano for spotting this.
Signed-off-by: Serge Hallyn <serge.hallyn@canonical.com>
Signed-off-by: Daniel Lezcano <dlezcano@fr.ibm.com>
-
Serge Hallyn authored
Signed-off-by: Serge Hallyn <serge.hallyn@canonical.com>
Signed-off-by: Daniel Lezcano <dlezcano@fr.ibm.com>
-
Serge Hallyn authored
This is a new template to create containers based on the ubuntu cloud images, rather than using debootstrap.
Signed-off-by: Serge Hallyn <serge.hallyn@canonical.com>
Signed-off-by: Daniel Lezcano <dlezcano@fr.ibm.com>
-
Serge Hallyn authored
lxcguest is no longer needed, as precise should boot in a container un-modified.
Signed-off-by: Serge Hallyn <serge.hallyn@canonical.com>
Signed-off-by: Daniel Lezcano <dlezcano@fr.ibm.com>
-
Serge Hallyn authored
netstat -x sometimes spits errors to stderr like: warning, got bogus unix line. Shut those up as they don't help lxc-ls.
Signed-off-by: Serge Hallyn <serge.hallyn@canonical.com>
Signed-off-by: Daniel Lezcano <dlezcano@fr.ibm.com>
-
Serge Hallyn authored
In order for reboot(LINUX_REBOOT_CMD_CADON) to detect whether container reboot is supported, it must be done in a non-init pid namespace. Fix that.
Signed-off-by: Serge Hallyn <serge.hallyn@canonical.com>
Signed-off-by: Daniel Lezcano <dlezcano@fr.ibm.com>
-
Serge Hallyn authored
The 'lxc-init' (a lightweight init process used by lxc-execute in place of upstart etc) tries to mount /dev/shm during startup. If that fails (for instance /dev/shm does not exist) then it aborts execution and returns -1. This is unreasonable as very few applications actually need /dev/shm.
Signed-off-by: Serge Hallyn <serge.hallyn@canonical.com>
Signed-off-by: Daniel Lezcano <dlezcano@fr.ibm.com>
-
Serge Hallyn authored
Don't call it an error if a container exits without calling sys_reboot. Particularly since that will almost always be the case with lxc-execute. This fixes a regression introduced in commit "49296e2ebfe7c5f9d6ebafbb54f5c5e56a0cc085: support proper container reboot"
Signed-off-by: Serge Hallyn <serge.hallyn@canonical.com>
Signed-off-by: Daniel Lezcano <dlezcano@fr.ibm.com>
-
Serge Hallyn authored
Support building a container of a foreign architecture if qemu-user-static is installed. This is done by installing some packages of the host architecture in the container using multi-arch.
Author: Stéphane Graber <stgraber@ubuntu.com>
Signed-off-by: Stéphane Graber <stgraber@ubuntu.com>
Signed-off-by: Serge Hallyn <serge.hallyn@canonical.com>
Signed-off-by: Daniel Lezcano <dlezcano@fr.ibm.com>
-
Serge Hallyn authored
Signed-off-by: Serge Hallyn <serge.hallyn@canonical.com>
Signed-off-by: Daniel Lezcano <dlezcano@fr.ibm.com>
-
Serge Hallyn authored
If a container has created its own cgroups, i.e. by running libvirtd, then if we don't delete all child cgroups, then the rmdir will fail.
Signed-off-by: Serge Hallyn <serge.hallyn@canonical.com>
Signed-off-by: Daniel Lezcano <dlezcano@fr.ibm.com>
-
Serge Hallyn authored
Use the correct path for the container's cgroup task file. Also exit out early and cleanly if the container is not running, and bind-mount /proc/$pid/net with '-n' to keep the entry out of mtab, else the mtab entry will never go away.
Signed-off-by: Serge Hallyn <serge.hallyn@canonical.com>
Signed-off-by: Daniel Lezcano <dlezcano@fr.ibm.com>
-