- 28 Aug, 2015 20 commits
-
-
Serge Hallyn authored
and don't use it if not. This fixes failure to build with older cgmanager. Signed-off-by:
Serge Hallyn <serge.hallyn@ubuntu.com> Acked-by:
Stéphane Graber <stgraber@ubuntu.com>
-
Serge Hallyn authored
Doing this requires some btrfs functions from bdev to be used in utils.c Because utils.h is imported by lxc_init.c, I had to create a new initutils.[ch] which are used by both lxc_init.c and utils.c We could instead put the btrfs functions into utils.c, which would be a shorter patch, but it really doesn't belong there. So I went the other way figuring there may be more such cases coming up of fns in utils.c needing code from bdev.c which can't go into lxc_init. Currently, if we detect a btrfs subvolume we just remove it. The st_dev on that dir is different, so we cannot detect if this is bound in from another fs easily. If we care, we should check whether this is a mountpoint, this patch doesn't do that. Signed-off-by:
-
Serge Hallyn authored
Signed-off-by: -
Kien Truong authored
We need to use lxc_list_for_each_safe, otherwise de-allocation will fail with a list size bigger than 2. The pointer to the head of the list also need freeing after we've freed all other elements of the list. Signed-off-by:Kien Truong <duckientruong@gmail.com>
-
Kien Truong authored
Signed-off-by: -
Kien Truong authored
Add a function to sort the cgroup settings before applying. Currently, the function will put memory.memsw.limit_in_bytes after memory.limit_in_bytes setting so the container will start regardless of the order specified in the input. Fix #453 Signed-off-by: -
Natanael Copa authored
This is needed for lxc.autodev=1 to work. Signed-off-by:
Natanael Copa <ncopa@alpinelinux.org> Acked-by:
-
Stéphane Graber authored
If an unprivileged ephemeral container is started as follows, lxc-start-ephemeral -o trusty -n test_ephemeral Then an empty directory remains upon exit from the container, ~/.local/share/lxc/test_ephemeral/tmpfs/delta0 (The tmpfs filesystem is successfully unmounted, but we seem to lack permission to delete the delta0 directory). This issue arose following commits 4799a1e7 and dd2271e6 . The following patch resolves the issue. It has been tested on ubuntu 14.04 with the lxc-daily ppa. Since gmail screws up the formatting of the patch via line-wrapping etc, please copy the patch from the issue-tracker rather than from this email. Signed-off by: Oleg Freedholm <overlayfs@gmail.com> Acked-by: -
Serge Hallyn authored
One of the 'features' of overlayfs is that depending on whether a file is on the upper or lower dir you get back a different device from stat. That breaks our lxc_rmdir_onedev. So at lxc_rmdir_ondev check the device of the directory being deleted. If it is overlayfs, then skip the device check. Note this is unrelated to overlayfs snapshots - in those cases when you delete a container, /var/lib/lxc/$container/ does not actually have an overlayfs under it. Rather, to reproduce this you would sudo mkdir /opt/{lower,upper,workdir} sudo mount -t overlayfs -o lower=/opt/lower,upper=/opt/upper,workdir=/opt/workdir \ lxc /var/lib/lxc sudo lxc-create -t download -n c1 -- -d ubuntu -r trusty -a amd64 sudo lxc-destroy -n c1 Signed-off-by:Marko Ratkaj <marko.ratkaj@sartura.hr> Acked-by:
-
Markos Chandras authored
/dev/shm needs to be mounted as tmpfs. It's needed by python and possibly other packages. Signed-off-by:Markos Chandras <hwoarang@gentoo.org>
-
Stéphane Graber authored
Close #421 Signed-off-by:
-
Tomas Pospisek authored
- document environment variables - add missing --packages switch to command line - describe how to pass template options to lxc-create (since lxc-create -h doesn't tell you) - render help text in the same pretty format as lxc-create does Signed-off-by:
Tomáš Posíšek <tpo_deb@sourcepole.ch> Acked-by:
-
Johannes Kastl authored
Ensures matching versions of lxc and lxc-libs being installed Signed-off-by:
Johannes Kastl <mail@ojkastl.de> Acked-by:
-
Markus Elfring authored
The following functions return immediately if a null pointer was passed. * container_destroy * lxc_cgroup_process_info_free_and_remove * lxc_cgroup_put_meta * toss_list It is therefore not needed that a function caller repeats a corresponding check. This issue was fixed by using the software Coccinelle 1.0.0-rc23. Signed-off-by:
Markus Elfring <elfring@users.sourceforge.net> Acked-by:
-
Markus Elfring authored
The function "free" is documented in the way that no action shall occur for a passed null pointer. It is therefore not needed that a function caller repeats a corresponding check. http://stackoverflow.com/questions/18775608/free-a-null-pointer-anyway-or-check-first This issue was fixed by using the software Coccinelle 1.0.0-rc23. Signed-off-by:
-
Stéphane Graber authored
This defines a missing variable and re-indents the code a bit. Signed-off-by:
-
Serge Hallyn authored
It turns out that the new upstream overlay fs requires that the delta and work dirs be under the same mount. So create a $lxcpath/tmpfs and create delta0 and work0 under that. If the user asks for a tmpfs that'll be mounted under $lxcpath/tmpfs and workdir and delta0 both created under that. This isn't heavily tested. But if fixes mounting of 'overlay' fs for me. It's "not backward compatible", since it moves delta0, but that shouldn't matter since ephemeral containers are either destroyed on exit, or re-started with lxc-start. Signed-off-by:
-
Serge Hallyn authored
We fixed this some time ago for basic lxc-start, but never did lxc-start-ephemeral. Since the lxc-start patches were pushed, Miklos has given us a way to detect whether we need the workdir= option. So the bdev.c code could be simplified to check for "overlay\n" in /proc/filesystems just as lxc-start-ephemeral does. This patch doesn't do that. Changelog (v2): 1. use 'overlay' fstype for new overlay upstream module 2. avoid using unneeded readlines(). Signed-off-by:
-
David Noyes authored
Signed-off-by:David Noyes <david.j.noyes@gmail.com>
-
David Noyes authored
Signed-off-by:
-
- 27 Aug, 2015 11 commits
-
-
David Ward authored
It is not an error to create a container without a template or rootfs. Signed-off-by:
David Ward <david.ward@ll.mit.edu> Acked-by:
-
David Ward authored
Commit 6c6892b5 "fix multithreaded create()" prevented the container configuration from being saved if the backing store does not need to be created. Signed-off-by:
-
David Ward authored
A container without a rootfs is useful for running a collection of processes in separate namespaces (to provide separate networking as an example), while sharing the host filesystem (except for specific paths that are re-mounted as needed). For multiple processes to run automatically when such a container is started, it can be launched using lxc-start, and a separate instance of systemd can manage just the processes inside the container. (This assumes that the path to the systemd unit files is re-mounted and only contains the services that should run inside the container.) For this use case, autodev should be permitted for a container that does not have a rootfs. Signed-off-by:
-
David Ward authored
Signed-off-by:
-
David Ward authored
Signed-off-by:
-
David Ward authored
Signed-off-by:
-
David Ward authored
Use the same code with and without a rootfs to check if mounting /proc is necessary before doing so. If mounting it is unsuccessful and there is no rootfs, continue as before. Signed-off-by:
-
Antonio Terceiro authored
Signed-off-by:
Antonio Terceiro <terceiro@debian.org> Acked-by:
-
Nicolas Cornu authored
Signed-off-by:Nicolas Cornu <ncornu@aldebaran.com>
-
Robert Schiele authored
Latest glibc release actually honours calling setenv with a NULL pointer by causing SIGSEGV but checking pointers before submitting to any system function is a good idea anyway. Signed-off-by:Robert Schiele <rschiele@gmail.com>
-
Nicolas Cornu authored
Signed-off-by:
-
- 14 Aug, 2015 9 commits
-
-
Antonio Terceiro authored
There is no such thing as security support for unstable/sid. Signed-off-by:
-
Tycho Andersen authored
Somehow our `make tags` target generates TAGS and not tags, so let's ignore that too. Signed-off-by:
Tycho Andersen <tycho.andersen@canonical.com> Acked-by:
-
Arjun Sreedharan authored
reuse label cleanup since free(NULL) is a no-op Signed-off-by:
Arjun Sreedharan <arjun024@gmail.com> Acked-by:
-
Przemek Rudy authored
Signed-off-by:
Przemek Rudy <prudy1@o2.pl> Acked-by:
-
Robert LeBlanc authored
Caps are getting lost when cloning an LXC. Adding the -X parameter copies the extended attributes. This allows things like ping to continue to be used by a non-privilged user in Debian at least.
-
Nicolas Cornu authored
Signed-off-by:Nicolas Cornu <nicolac76@yahoo.fr>
-
Jiri Slaby authored
zypper info's output is not usable for several reasons: * it is localized -- there is no "Version: " in my output * it shows results both from the repo and local system So use plain rpm to determine whether build is installed and if proper version is in place. Signed-off-by:Jiri Slaby <jslaby@suse.cz>
-
Nicolas Cornu authored
lxc-init has been renamed init.lxc so adapt error message Signed-off-by: -
Natanael Copa authored
We need specify which hashing algorithm was used to create the signature we check. Fixes #609 Signed-off-by:
-
