- 14 Aug, 2017 25 commits
-
-
Christian Brauner authored
Signed-off-by:
Thomas Hipp <thipp@suse.de> Signed-off-by:
Christian Brauner <christian.brauner@ubuntu.com>
-
Christian Brauner authored
Signed-off-by: -
Christian Brauner authored
Signed-off-by: -
Christian Brauner authored
Closes #1669. Closes #1678. Relates to https://github.com/systemd/systemd/issues/6408. Signed-off-by:
-
Christian Brauner authored
Signed-off-by: -
Christian Brauner authored
When the running kernel supports cgroup namespaces and users want to manually set up cgroups via lxc.hook.mount before the init binary starts the cgroup namespace needs to be already unshared. Otherwise the view on the cgroup mounts is wrong. This commit places the call to lxc_setup() after the LXC_SYNC_POST_CGROUP barrier. Before this commit, the tty fds we allocate from a fresh devpts instance in the container's namespaces before the init binary starts were referring to the host's cgroup namespace since lxc_setup() was called before unshare(CLONE_NEWCGROUP). Although not a security risk at this point since setns() restricts its calls to /proc/<self>/ns files it's still better to do it *after* the cgroup namespace has been unshared. Adding a Suggested-by line for the lxc.mount.hook fix for Quentin. Closes #1597. Suggested-by:
Quentin Dufour <quentin@dufour.tk> Signed-off-by:
-
Li Feng authored
Signed-off-by:Li Feng <lifeng68@huawei.com>
-
Li Feng authored
Signed-off-by: -
Li Feng authored
Signed-off-by: -
Stéphane Graber authored
Signed-off-by:Stéphane Graber <stgraber@ubuntu.com>
-
William Gathoye authored
Fix potential CVE when using spaces in LXC names Signed-off-by:William Gathoye <william@gathoye.be>
-
Long Wang authored
c->destory() will not remove the temp container directory. This patch fix that. Signed-off-by:Long Wang <w@laoqinren.net>
-
0x0916 authored
use cppcheck tools `cppcheck --enable=warning .` on lxc source directory. This patch fix the following warnning ``` [src/lxc/cgroups/cgfs.c:794]: (warning) %ld in format string (no. 3) requires 'long' but the argument type is 'unsigned long'. [src/lxc/confile.c:4441]: (warning) %d in format string (no. 2) requires 'int' but the argument type is 'unsigned int'. [src/lxc/confile.c:4502]: (warning) %d in format string (no. 2) requires 'int' but the argument type is 'unsigned int'. [src/lxc/confile_legacy.c:921]: (warning) %d in format string (no. 2) requires 'int' but the argument type is 'unsigned int'. [src/lxc/confile_legacy.c:938]: (warning) %d in format string (no. 2) requires 'int' but the argument type is 'unsigned int'. [src/lxc/lxclock.c:63]: (warning) %zd in format string (no. 1) requires 'ssize_t' but the argument type is 'size_t {aka unsigned long}'. [src/lxc/tools/lxc_info.c:118]: (warning) %u in format string (no. 1) requires 'unsigned int' but the argument type is 'signed int'. [src/lxc/tools/lxc_info.c:118]: (warning) %u in format string (no. 2) requires 'unsigned int' but the argument type is 'signed int'. [src/lxc/tools/lxc_info.c:123]: (warning) %u in format string (no. 1) requires 'unsigned int' but the argument type is 'signed int'. [src/lxc/tools/lxc_info.c:127]: (warning) %u in format string (no. 1) requires 'unsigned int' but the argument type is 'signed int'. [src/lxc/tools/lxc_info.c:130]: (warning) %u in format string (no. 1) requires 'unsigned int' but the argument type is 'signed int'. [src/lxc/tools/lxc_top.c:212]: (warning) %u in format string (no. 1) requires 'unsigned int' but the argument type is 'signed int'. [src/lxc/tools/lxc_top.c:212]: (warning) %u in format string (no. 2) requires 'unsigned int' but the argument type is 'signed int'. [src/lxc/tools/lxc_top.c:217]: (warning) %u in format string (no. 1) requires 'unsigned int' but the argument type is 'signed int'. [src/lxc/tools/lxc_top.c:221]: (warning) %u in format string (no. 1) requires 'unsigned int' but the argument type is 'signed int'. [src/lxc/tools/lxc_top.c:224]: (warning) %u in format string (no. 1) requires 'unsigned int' but the argument type is 'signed int'. ``` Signed-off-by: -
Christian Brauner authored
Signed-off-by: -
Christian Brauner authored
Signed-off-by: -
Christian Brauner authored
Signed-off-by: -
Christian Brauner authored
Signed-off-by: -
Christian Brauner authored
Signed-off-by: -
Christian Brauner authored
Signed-off-by: -
Christian Brauner authored
Signed-off-by: -
Christian Brauner authored
Signed-off-by: -
Christian Brauner authored
non-functional changes Signed-off-by: -
0x0916 authored
Signed-off-by: -
0x0916 authored
Signed-off-by: -
Christian Brauner authored
Also: LOL Signed-off-by:
-
- 23 Jul, 2017 1 commit
-
-
KATOH Yasufumi authored
Tab and white space is mixed in Japanese lxc.container.conf(5), so unify into the white space. Signed-off-by:KATOH Yasufumi <karma@jazz.email.ne.jp>
-
- 17 Jul, 2017 5 commits
-
-
Stéphane Graber authored
stable-2.0: bugfixes
-
Christian Brauner authored
Signed-off-by: -
Christian Brauner authored
Signed-off-by: -
Christian Brauner authored
Signed-off-by: -
Christian Brauner authored
Signed-off-by:
-
- 16 Jul, 2017 9 commits
-
-
Long Wang authored
Only output debug info `cgroup 'xxxx' set to 'yyyy'` when we set cgroup data. Signed-off-by: -
Christian Brauner authored
non-functional changes Signed-off-by: -
Li Feng authored
In the case the container has a console with a valid slave pty file descriptor we duplicate std{in,out,err} to the slave file descriptor so console logging works correctly. When the container does not have a valid slave pty file descriptor for its console and is started daemonized we should dup to /dev/null. Closes #1646. Signed-off-by: -
Long Wang authored
we shoud test whether the file exists and grants execute permissions. Signed-off-by: -
Long Wang authored
Signed-off-by: -
Long Wang authored
Signed-off-by: -
Christian Brauner authored
Signed-off-by: -
Christian Brauner authored
Signed-off-by: -
Christian Brauner authored
Signed-off-by:
-
