- 30 Mar, 2009 1 commit
-
-
Daniel Lezcano authored
Rename lxc_namespace.h to namespace.h Signed-off-by:Daniel Lezcano <daniel.lezcano@free.fr>
-
- 27 Mar, 2009 1 commit
-
-
Ryousei Takano authored
'uname -m' seems to be more general to get the machine's architecture type. Ubunbu 8.10 (and also all debian based distros?) does not have arch(1). Signed-off-by:
Ryousei Takano <takano-ryousei@aist.go.jp> Signed-off-by:
Daniel Lezcano <dlezcano@fr.ibm.com>
-
- 26 Mar, 2009 4 commits
-
-
Ryousei Takano authored
This patch adds the mtu option setting for the lxc-fedora script. Signed-off-by:
Ryousei Takano <takano-ryousei@aist.go.jp> Signed-off-by:
Daniel Lezcano <dlezcano@fr.ibm.com>
-
Ryousei Takano authored
This patch adds the mtu option setting for the lxc-debian script. Signed-off-by:
Ryousei Takano <takano-ryousei@aist.go.jp> Signed-off-by:
Daniel Lezcano <dlezcano@fr.ibm.com>
-
Daniel Lezcano authored
"I checked lxc-0.6.1 and your commit 75d09f83 (set mtu for netdev). I found a problem of the MTU size of br0. In the current code, device_set_mtu() is called after bridge_attach(), so the MTU size of br0 is set to the default MTU size of veth0 (i.e., 1500 bytes). This causes performance degradation as I reported. We need to modify to call device_set_mtu() before bridge_attach()" Now that we have the network functions accessible, do not longer use the lxc_configure_veth, lxc_configure_macvlan and split the configuration of the veth in order to create it, configure it and finally attach it to the bridge. Reported-by:
Ryousei Takano <takano-ryousei@aist.go.jp> Signed-off-by:
Daniel Lezcano <dlezcano@fr.ibm.com> Acked-by:
Ryousei Takano <takano-ryousei@aist.go.jp>
-
Daniel Lezcano authored
The network functions are too encapsulated and do not allow flexibility. Export all these api and prepare the changes for the next patch to set the mtu. Signed-off-by:
Daniel Lezcano <dlezcano@fr.ibm.com> Acked-by:
Ryousei Takano <takano-ryousei@aist.go.jp>
-
- 25 Mar, 2009 1 commit
-
-
Ryousei Takano authored
Hi Daniel, This patch removes unused variable 'strmtu' and fix an incorrect variable name. Signed-off-by:
Ryousei Takano <takano-ryousei@aist.go.jp> Signed-off-by:
Daniel Lezcano <dlezcano@fr.ibm.com>
-
- 24 Mar, 2009 2 commits
-
-
Daniel Lezcano authored
increment the minor version number for the next release Signed-off-by:Daniel Lezcano <dlezcano@fr.ibm.com>
-
Daniel Lezcano authored
Instead of having the capabilities to be set automatically, it will be up to the user to set them through a specific script 'lxc-setcap'. After installing the lxc tools, if we want them to be available, for a non-root user, lxc-setcap will set the needed capabilities. If, after thinking it, we want to remove the capabilities, the 'lxc-setcap -d' will do this for us. Signed-off-by:
Daniel Lezcano <dlezcano@fr.ibm.com> Acked-by:
Guido Trotter <ultrotter@google.com>
-
- 22 Mar, 2009 2 commits
-
-
Daniel Lezcano authored
When setting the mtu size at the veth creation, the mtu is only set on one side of the veth tunnel, the one attached to the bridge. I changed a little the code and added the device_set_mtu function so it is called after the veth has been created on both side. That moves the mtu veth specific code inside the veth function creation. Hopefully this code could be reused later for different future network configuration (eg. ip tunnel). The mtu option will be simply ignored in case of macvlan network configuration because the macvlan network device inherit the mtu of the physical link. Signed-off-by:Daniel Lezcano <dlezcano@fr.ibm.com>
-
Takano Ryousei authored
Hi Daniel, I resent my patch. I hope to fix folding failure. This patch allows users to specify the MTU size of the veth interface. It helps to use jumbo frames on the container. Changes from v1: - Fix failing if the 'mtu' is not specified. - Delete the 'mtu' entry at time of lxc-destroy. Signed-off-by:
Ryousei Takano <takano-ryousei@aist.go.jp> Signed-off-by:
Daniel Lezcano <dlezcano@fr.ibm.com>
-
- 20 Mar, 2009 2 commits
-
-
Daniel Lezcano authored
lxc-init has moved to libexec, change the corresponding setcap path. Signed-off-by:Daniel Lezcano <dlezcano@fr.ibm.com>
-
Matt Helsley authored
Add signalfd and signalfd4 syscall number definitions for powerpc so that we may compile even with older platform headers. Signed-off-by:
Matt Helsley <matthltc@us.ibm.com> Signed-off-by:
Daniel Lezcano <dlezcano@fr.ibm.com>
-
- 19 Mar, 2009 5 commits
-
-
Guido Trotter authored
Signed-off-by:
Guido Trotter <ultrotter@quaqua.net> Signed-off-by:
Daniel Lezcano <dlezcano@fr.ibm.com>
-
Guido Trotter authored
s/accessible/accessed/ because the optionality of the possibility is already expressed by the 'can be' in front of it. Signed-off-by:
Guido Trotter <ultrotter@quaqua.net> Signed-off-by:
Daniel Lezcano <dlezcano@fr.ibm.com>
-
Guido Trotter authored
It might be handy for the user to specify a different kernel config file to check, perhaps the one of a kernel he's about to build. To allow that we only set the CONFIG variable if it's not present in the environment before. Also, if CONFIG is not found and we resort to a different file, we say it explicitely, to avoid typos on the user's part resulting in silently checking a different config than the one the user wanted. Signed-off-by:
Guido Trotter <ultrotter@quaqua.net> Signed-off-by:
Daniel Lezcano <dlezcano@fr.ibm.com>
-
Guido Trotter authored
The current version of lxc-checkconfig falls back to searching in /lib/modules/$KVER/build/.config if it doesn't find the config. In some systems, though, the config will be installed in /boot/config-$KVER, so we'll look there as well. Signed-off-by:
Guido Trotter <ultrotter@quaqua.net> Signed-off-by:
Daniel Lezcano <dlezcano@fr.ibm.com>
-
Guido Trotter authored
Since lxc-init is a helper program, which doesn't have an usage output and is only going to be called only internally by lxc-execute, we'll move it to the libexec dir. Signed-off-by:
Guido Trotter <ultrotter@quaqua.net> Signed-off-by:
Daniel Lezcano <dlezcano@fr.ibm.com>
-
- 16 Mar, 2009 1 commit
-
-
Daniel Lezcano authored
Signed-off-by:Daniel Lezcano <dlezcano@fr.ibm.com>
-
- 11 Mar, 2009 1 commit
-
-
Daniel Lezcano authored
The actual behavior is to mount bind the rootfs to a specific location and chroot to it. If someone did previously some bind mount in the rootfs they will be lost in the container. This fix makes the rootfs to have the submounts in the container. Signed-off-by:Daniel Lezcano <dlezcano@fr.ibm.com>
-
- 10 Mar, 2009 1 commit
-
-
Kristian Høgh authored
Hi Daniel, This patch retrieves info from kernel config in /lib/modules/`uname -r`/build/.config unless /proc/config.gz exist Signed-off-by:
Kristian Høgh <kfh.lxc@kfh.dk> Signed-off-by:
Daniel Lezcano <dlezcano@fr.ibm.com>
-
- 09 Mar, 2009 2 commits
-
-
Serge E. Hallyn authored
Switch the flags and sp for sys_clone for s390. Without this, lxc-execute gets a segfault on clone (of course). With this, it succeeds. Signed-off-by:
Serge Hallyn <serue@us.ibm.com> Signed-off-by:
Daniel Lezcano <dlezcano@fr.ibm.com>
-
Serge E. Hallyn authored
define s390x signalfd for systems with headers which are too old. Signed-off-by:
Serge Hallyn <serue@us.ibm.com> Signed-off-by:
Daniel Lezcano <dlezcano@fr.ibm.com>
-
- 08 Mar, 2009 6 commits
-
-
Michael K. Johnson authored
If sys/signalfd.h does not exist, assume that it does not exist in glibc, rather than that it exists without a corresponding header file. Note that this version of the signalfd() wrapper function (unlike the version in glibc) falls back dynamically to the old signalfd system call if the signalfd4 system call is not implemented in the currently-running kernel; the version in glibc chooses the version of the signalfd system call to make via static build-time configuration. Signed-off-by:
Michael K Johnson <johnsonm@rpath.com> Signed-off-by:
Daniel Lezcnao <dlezcano@fr.ibm.com>
-
Matt Helsley authored
nbargs isn't used for anything in lxc_unshare.c. Remove it. Signed-off-by:
Matt Helsley <matthltc@us.ibm.com> Signed-off-by:
Daniel Lezcano <dlezcano@fr.ibm.com>
-
Matt Helsley authored
Add the ability to lookup usernames and check uids. Bails out early if the given uid/name does not exist and avoids using atoi() (which is bad because we can't tell if it parsed an int or a pumpkin). Signed-off-by:
Matt Helsley <matthltc@us.ibm.com> Signed-off-by:
Daniel Lezcano <dlezcano@fr.ibm.com>
-
Matt Helsley authored
The second const qualifier causes gcc to emit a warning. const char * should be sufficient. Signed-off-by:
Matt Helsley <matthltc@us.ibm.com> Signed-off-by:
Daniel Lezcano <dlezcano@fr.ibm.com>
-
Matt Helsley authored
On distros with older headers liblxc fails to build because PR_CAPBSET_DROP is not defined by including /usr/include/sys/prctl.h. This adds an autoconf test and, if not present, defines it. When prctl() is called on systems that do not support PR_CAPBSET_DROP we should expect EINVAL. This case is already handled by the liblxc code so no further changes are needed. Signed-off-by:
Matt Helsley <matthltc@us.ibm.com> Signed-off-by:
Daniel Lezcano <dlezcano@fr.ibm.com>
-
Matt Helsley authored
On Mon, 2009-02-09 at 15:43 -0800, Dan Smith wrote: > DL> It may be possible to use yum like debootstrap for an minbase > DL> fedora install. > > Yep, something like the following should work: > > root=/path/to/tmproot > mkdir -p $root/var/lib/rpm > rpm --root $root --initdb > rpm --root $root -Uvfh --nodeps http://fedora.osuosl.org/linux/releases/10/Fedora/i386/os/Packages/fedora-release-10-1.noarch.rpm > yum --installroot=$root -y groupinstall Base Looks familiar! ;) I was intrigued by this idea last weekend so I started such a script. However I only tested it as far as creating a semi-correct rootfs. With the exception of network configs most of the configs are still written as for debian. For example I know the selinux policy enforcement settings need to move, the inittab needs to be replaced by the proper upstart configs, etc. Of course it's based heavily on Daniel's excellent lxc-debian script. Signed-off-by:
Matt Helsley <matthltc@us.ibm.com> Signed-off-by:
Daniel Lezcano <dlezcano@fr.ibm.com>
-
- 20 Feb, 2009 1 commit
-
-
dlezcano authored
From: Daniel Lezcano <dlezcano@fr.ibm.com> Add the pts configuration when creating a debian container. Signed-off-by:Daniel Lezcano <dlezcano@fr.ibm.com>
-
- 16 Feb, 2009 7 commits
-
-
dlezcano authored
-
dlezcano authored
From: Daniel Lezcano <daniel.lezcano@free.fr> Factor out some code and especially the parsing of text file functions. Signed-off-by:Daniel Lezcano <dlezcano@fr.ibm.com>
-
dlezcano authored
From: Daniel Lezcano <dlezcano@fr.ibm.com> Allow to specify a block device as the rootfs. The creation of the container will try with brute force to determine the file system type. Signed-off-by:Daniel Lezcano <dlezcano@fr.ibm.com>
-
dlezcano authored
From: Daniel Lezcano <daniel.lezcano@free.fr> lxc-execute and lxc-create need capability to mount. Signed-off-by:Daniel Lezcano <dlezcano@fr.ibm.com>
-
dlezcano authored
From: Daniel Lezcano <daniel.lezcano@free.fr> The realpath function is more convenient to build the absolute path of the rootfs. Signed-off-by:Daniel Lezcano <dlezcano@fr.ibm.com>
-
dlezcano authored
From: Daniel Lezcano <daniel.lezcano@free.fr> Instead of using a symlink to the rootfs, just mount bind the rootfs directory. Signed-off-by:Daniel Lezcano <dlezcano@fr.ibm.com>
-
dlezcano authored
From: Daniel Lezcano <daniel.lezcano@free.fr> Remove some debian services because they don't have sense in a container, like the hw clock or the unmount of the file systems. Signed-off-by:Daniel Lezcano <dlezcano@fr.ibm.com>
-
- 12 Feb, 2009 3 commits
-
-
dlezcano authored
From: Daniel Lezcano <dlezcano@fr.ibm.com> Update the man page with the new devpts instance option. Signed-off-by:Daniel Lezcano <dlezcano@fr.ibm.com>
-
dlezcano authored
From: Daniel Lezcano <dlezcano@fr.ibm.com> The pts new instance is setup conforming the documentation in the kernel sources, Documentation/filesystems/devpts.txt. Signed-off-by:Daniel Lezcano <dlezcano@fr.ibm.com>
-
dlezcano authored
From: Daniel Lezcano <dlezcano@fr.ibm.com> This patch adds the configuration for a new pts instance. Signed-off-by:Daniel Lezcano <dlezcano@fr.ibm.com>
-