1. 19 Feb, 2013 2 commits
  2. 18 Feb, 2013 4 commits
  3. 13 Feb, 2013 1 commit
  4. 11 Feb, 2013 6 commits
    • Update Lua API · 83c98d82
      Dwight Engen authored
      Add [gs]et_config_path from API to Lua binding. Add additional optional
      parameter to container_new(). Add tests for these new Lua API bindings.
      Commit 2a59a681 changed the meaning of lxc_path_get() in the binding,
      causing lua script breakage. Reinstate original behavior of
      lxc_path_get() and rename it to lxc_default_config_path_get() to make
      its intent clearer.
      Signed-off-by: Dwight Engen <dwight.engen@oracle.com>
      Acked-by: Stéphane Graber <stgraber@ubuntu.com>
    • pass lxcpath to lxc_command · 13f5be62
      Serge Hallyn authored
      The previous lxcpath patches added support for a custom LXCPATH set
      through a system-wide configuration file.
      
      This was also exposed through the C api, so that a custom lxcpath could
      be set at the container object instantiation time, or set at runtime.
      
      However the command sock filename was always located under the global
      lxcpath, which could be confusing, and would be a problem for users
      with insufficient perms to the system-wide lxc path (i.e. if setting
      lxcpath to $HOME/lxcbase).  This patch changes that by passing the
      lxcpath to all callers of lxc_command().
      
      It remains to add an lxcpath command line argument to most of the
      command line tools (which are not using the C api) - lxc-start,
      lxc-info, lxc-stop, etc.
      
      At this point it becomes tempting to do something like
      
      	c = lxc.Container("r1", "/var/lib/lxc")
      	c2 = lxc.Container("r1", "$HOME/lxcbase")
      
      However, that's problematic - those two will use the same directory
      names for cgroup directories.
      
      What would be the best way to handle this?  One way (which I kind
      of like) is to give up on naming the cgroups after the container.
      Use mkstemp for the cgroup name, let lxc keep track of the cgroup
      name based on the command socket, and make users use lxc-cgroup to get
      and change settings.
      
      Other ideas?
      Signed-off-by: Serge Hallyn <serge.hallyn@ubuntu.com>
      Acked-by: Stéphane Graber <stgraber@ubuntu.com>
    • python-lxc: Update for new calls · edb09f8d
      Stéphane Graber authored
      Add the two new calls to the API and add the new container_path
      parameter to the constructor (optional).
      
      This also extends list_containers to support the config_path parameter.
      At this point none of the actual tools are changed to make use of those
      as we'll probably want to make sure all the tools get the extra option
      at once.
      Signed-off-by: Stéphane Graber <stgraber@ubuntu.com>
      Tested-by: Serge E. Hallyn <serge.hallyn@ubuntu.com>
      Acked-by: Serge E. Hallyn <serge.hallyn@ubuntu.com>
    • lxc api: fix some config_path oddities · afeecbba
      Serge Hallyn authored
      1. When calling c->set_config_path(), update configfile.  I.e. if we
      are setting the config_path to /var/lib/lxc, then the configfile should
      be changed to /var/lib/lxc/$container/config
      
      2. Add an optional configpath argument to lxc_container_new.  If NULL,
      then the default will be used (as before).  If set, then the passed-in
      path will be used.  This way you can do
      
      	c1 = lxc.Container("r1", "/var/lib/lxc");
      	c2 = lxc.Container("r2", "/home/user/lxcbase");
      
      (Note I did *not* implement the python or lua binding to pass that
      argument along)
      Signed-off-by: Serge Hallyn <serge.hallyn@ubuntu.com>
      Acked-by: Stéphane Graber <stgraber@ubuntu.com>
    • lxc-create: Improve the layout of the config · 35fef4e6
      Stéphane Graber authored
      This simply adds an extra blank line between the original lxc config
      and the template generated options.
      
      In typical use cases, this means that we'll now get the header, then
      a blank line, then default.conf content, then a blank line and finally
      the template generated config.
      
      The wording of the header is also changed slightly so that it fits in
      the usual 80 columns.
      Signed-off-by: Stéphane Graber <stgraber@ubuntu.com>
      Acked-by: Serge E. Hallyn <serge.hallyn@ubuntu.com>
    • Add missing manpages · 4019712d
      Stéphane Graber authored
      This introduces manpages for:
       - lxc-checkconfig
       - lxc-device
       - lxc-info
       - lxc-netstat
       - lxc-shutdown (wasn't in Makefile)
       - lxc-start-ephemeral
       - lxc-version
      
      This commit also sorts configure.ac and Makefile.am.
      Signed-off-by: Stéphane Graber <stgraber@ubuntu.com>
      Acked-by: Serge E. Hallyn <serge.hallyn@ubuntu.com>
  5. 08 Feb, 2013 6 commits
  6. 06 Feb, 2013 2 commits
  7. 28 Jan, 2013 5 commits
    • add lua binding for the lxc API · f080ffd7
      Dwight Engen authored
      The lua binding is based closely on the python binding. Also included are
      a test program for exercising the binding, and an lxc-top utility for
      showing statistics on running containers.
      Signed-off-by: Dwight Engen <dwight.engen@oracle.com>
      Acked-by: Stéphane Graber <stgraber@ubuntu.com>
    • setup_mount_entries: ignore mount failure if 'optional' · 68c152ef
      Serge Hallyn authored
      If 'optional' is in the mount options, then avoid failure in
      mount().
      
      Experiments suggest we could just do this checking data at
      mount_entry(), but that feels less proper than using
      hasmntopt() against the mntent.
      Signed-off-by: Serge Hallyn <serge.hallyn@ubuntu.com>
      Acked-by: Stéphane Graber <stgraber@ubuntu.com>
    • use a default per-container logfile · 5e1e7aaf
      Serge Hallyn authored
      Until now, if a lxc-* (i.e. lxc-start) command did not specify a logfile
      (with -o logfile), the default was effectively 'none'.  With this patch,
      the default becomes a per-container log file.
      
      If a container config file specifies 'lxc.logfile', that will override
      the default.  If a '-o logfile' argument is specified at lxc-start,
      then that will override both the default and the configuration file
      entry.  Finally, '-o none' can be used to avoid having a logfile at
      all (in other words, the previous default), and that will override
      a lxc.logfile entry in the container configuration file.
      
      If the user does not have rights to open the default, then 'none' will
      be used.  However, in that case an error will show up on console.  (We
      can work on removing that if it annoys people, but I think it is
      helpful, at least while we're still ironing this set out)  If the user
      or container configuration file specified a logfile, and the user does
      not have rights to open the default, then the action will fail.
      
      One slight "mis-behavior" which I have not fixed (and may not fix) is
      that if a lxc.logfile is specified, the default logfile will still
      get created before we read the configuration file to find out there
      is a lxc.logfile entry.
      
      changelog:  Jan 24:
      
       add --enable-configpath-log configure option
      
       When we log to /var/lib/lxc/$container/$container.log, several things
       need to be done differently than when we log into /var/log/lxc (for
       instance).  So give it a configure option so we know what to do.
      
       When the user specifies a logfile, we bail if we can't open it.  But
       when opening the default logfile, the user may not have rights to
       open it, so in that case ignore it and continue as if using 'none'.
      
       When using /var/lib/lxc/$c/$c.log, we use $LOGPATH/$name/$name.log.
       Otherwise, we use $LOGPATH/$name.log.
      
       When using /var/lib/lxc/$c/$c.log, don't try to create the log path
       /var/lib/lxc/$c.  It can only not exist if the container doesn't
       exist.  We don't want to create the directory in that case.  When
       using /var/log/lxc, then we do want to create the path if it does
       not exist.
      Signed-off-by: Serge Hallyn <serge.hallyn@ubuntu.com>
      Acked-by: Stéphane Graber <stgraber@ubuntu.com>
    • oracle template: fix sudo lxc-create on ubuntu · 1ff8a460
      Dwight Engen authored
      rpm on ubuntu puts the rpm db under $HOME, which won't be /root if
      sudo is used.
      Signed-off-by: Dwight Engen <dwight.engen@oracle.com>
      Acked-by: Stéphane Graber <stgraber@ubuntu.com>
  8. 23 Jan, 2013 3 commits
  9. 22 Jan, 2013 4 commits
  10. 21 Jan, 2013 1 commit
  11. 15 Jan, 2013 6 commits
    • conf.c: Cast st_uid and st_gid to int · 20087962
      Stéphane Graber authored
      In eglibc st_uid and st_gid are defined as unsigned integers; in bionic those
      are defined as unsigned long (which is inconsistent with the kernel's
      definition that's uint_32).
      
      To workaround this problem, simply cast those two to int.
      Signed-off-by: Stéphane Graber <stgraber@ubuntu.com>
      Acked-by: Serge E. Hallyn <serge.hallyn@ubuntu.com>
    • lxc-oracle.in: Clear trailing whitespaces · b3ef6e16
      Stéphane Graber authored
      A quick scan through the code showed that lxc-oracle.in is the only
      file in the branch containing trailing whitespaces; this clears them.
      Signed-off-by: Stéphane Graber <stgraber@ubuntu.com>
    • Add Dropbear SSH support for lxc-busybox template · c94e60d1
      Purcareata Bogdan-B43198 authored
      Dropbear implements lightweight SSH2 server and client functionality and
      is likely to be included in embedded Linux distros.
      Signed-off-by: Purcareata Bogdan <B43198@freescale.com>
      Acked-by: Stéphane Graber <stgraber@ubuntu.com>
    • Implement userid mappings (enable user namespaces) · f6d3e3e4
      Serge Hallyn authored
      The 3.8 kernel now supports uid mappings, so I believe it's appropriate
      to proceed with this patchset.
      The container config supports new entries of the form:
       lxc.id_map = U 100000 0 10000
       lxc.id_map = G 100000 0 10000
      meaning map 'virtual' uids (in the container) 0-10000 to uids
      100000-110000 on the host, and same for gids.  So long as there are
      mappings specified in the container config, then CONFIG_NEWUSER will
      be used when the container is cloned.  This means that container
      setup is no longer done with root privilege on the host, only root
      privilege in the container.  Therefore cgroup setup is moved from the
      init task to the monitor task.
      
      To use this patchset, you currently need to either use the raring
      kernel at ppa:serge-hallyn/usern-natty, or build your own kernel
      from either git://kernel.ubuntu.com/serge/quantal-userns.git.
      (Alternatively you can use Eric's tree at the latest userns-always-map-*
      branch at
      git://git.kernel.org/pub/scm/linux/kernel/git/ebiederm/user-namespace.git
      but you will likely want to at least enable tmpfs mounts in user namespaces)
      
      You also need to chown the files in the container rootfs into the
      mapped range.  There is a utility at
      https://code.launchpad.net/~serge-hallyn/+junk/nsexec to do this.
      uidmapshift does the chowning, while the container-userns-convert
      script nicely wraps that program.  So I simply
      
      	sudo lxc-create -t ubuntu -n r1
      	sudo container-userns-convert r1 200000
      
      will create a container which is shifted so uid 0 in the container
      is uid 200000 on the host.
      
      TODO: when doing setuid(0), need to only do that if 0 is one of the
      ids we map to.  Similarly, when dropping capabilities, need to only
      not do that if 0 is one of the ids we map to.  However, the question
      of what to do for 'weird' containers in private user namespaces is
      one I'm punting for later.
      Signed-off-by: Serge Hallyn <serge.hallyn@ubuntu.com>
      Acked-by: Stéphane Graber <stgraber@ubuntu.com>
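To make the lxc.id_map semantics described in that commit concrete, here is an added Python example (not lxc's own code and not part of the commit) that parses such entries from a constructed config, translates container-side ids to host ids, and checks whether container id 0 is mapped at all, which is the condition the commit's TODO wants before calling setuid(0) or keeping capabilities. The config lines are constructed here, reusing the two entries quoted in the commit message.

```python
from dataclasses import dataclass
from typing import List, Optional


@dataclass(frozen=True)
class IdMap:
    kind: str         # "U" (uids) or "G" (gids), as in the lxc.id_map syntax
    host_start: int   # first id on the host
    ns_start: int     # first id inside the container's user namespace
    count: int        # number of consecutive ids in the range


def parse_id_maps(config_lines: List[str]) -> List[IdMap]:
    """Collect lxc.id_map entries from container config lines."""
    maps = []
    for raw in config_lines:
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        key, sep, value = line.partition("=")
        if not sep or key.strip() != "lxc.id_map":
            continue
        fields = value.split()
        if len(fields) != 4 or fields[0] not in ("U", "G"):
            raise ValueError(f"malformed lxc.id_map entry: {line!r}")
        host_start, ns_start, count = (int(f) for f in fields[1:])
        if count <= 0 or host_start < 0 or ns_start < 0:
            raise ValueError(f"invalid id range in: {line!r}")
        maps.append(IdMap(fields[0], host_start, ns_start, count))
    return maps


def to_host_id(maps: List[IdMap], kind: str, ns_id: int) -> Optional[int]:
    """Translate a container-side uid/gid to the host id, or None if unmapped."""
    for m in maps:
        if m.kind == kind and m.ns_start <= ns_id < m.ns_start + m.count:
            return m.host_start + (ns_id - m.ns_start)
    return None


def maps_root(maps: List[IdMap], kind: str = "U") -> bool:
    """True if container id 0 has a host mapping (the check the commit's
    TODO wants before setuid(0) or keeping capabilities)."""
    return to_host_id(maps, kind, 0) is not None


# Constructed sample config; the two id_map lines are the commit's own example.
SAMPLE_CONFIG = [
    "lxc.utsname = r1",
    "lxc.id_map = U 100000 0 10000",
    "lxc.id_map = G 100000 0 10000",
]
```

With the sample config, container uid 0 lands on host uid 100000 and container uid 10000 is unmapped, since the fourth field is a count, not an inclusive upper bound.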
    • setup cgroups from parent · 544a48a0
      Serge Hallyn authored
      This is a first step to enabling user namespaces.  When starting a
      container in a new user namespace, the child will not have the
      rights to write to the cgroup fs.  (We can give it that right, but
      don't always want to have to).
      
      At the parent, we don't want to setup_cgroups() before the child
      has set itself up.  But we also don't want to wait until it has
      started running its init, since that is racy.
      
      Therefore introduce a new sync point.  The child will let the
      parent know when it is ready to be confined, and wait for the
      parent to respond that it has done so.  Then the child will finish
      constraining itself with LSM and seccomp and execute init.
      Signed-off-by: Serge Hallyn <serge.hallyn@ubuntu.com>
      Acked-by: Stéphane Graber <stgraber@ubuntu.com>
    • clean up syncs · c4ea60df
      Serge Hallyn authored
      Always unblock parent when child setup fails, rather than just
      exiting.
      
      Also remove a duplicate call to setup_cgroup().  We'll want it
      close to there for userns, but not right there - that's too late,
      and could happen after container init has done something bad
      without cgroup restrictions.
      Signed-off-by: Serge Hallyn <serge.hallyn@ubuntu.com>
      Acked-by: Stéphane Graber <stgraber@ubuntu.com>