- 29 Jan, 2014 7 commits
-
-
Natanael Copa authored
It is normally not needed. Signed-off-by:
Natanael Copa <ncopa@alpinelinux.org> Acked-by:
Stéphane Graber <stgraber@ubuntu.com>
-
Stéphane Graber authored
Signed-off-by:
Serge E. Hallyn <serge.hallyn@ubuntu.com>
-
Robert Vogelgesang authored
lxc_monitord_spawn() in src/lxc/monitor.c contained "umask(0);", and because of this, lxc-monitord created lxc-monitord.log with mode 0666. World-writeable log files are bad, so remove this umask(0). Signed-off-by:
Robert Vogelgesang <vogel@users.sourceforge.net> Acked-by:
Dwight Engen <dwight.engen@oracle.com> Acked-by:
-
Kaarle Ritvanen authored
Signed-off-by:
Kaarle Ritvanen <kaarle.ritvanen@datakunkku.fi> Acked-by:
-
Serge Hallyn authored
If we have a bad config file entry, fail. Otherwise lxc-start will proceed with a partial configuration. Signed-off-by: -
Serge Hallyn authored
Remove a memory leak on error path. Only try to initialize cpuset if cgroup.clonechildren does not exist. Bump the max value we read from cpuset.{cpus,mems} to 1024. If cpuset.cpus or .mems is already initialized but is too long, don't fail. If parent's cpuset.cpus or .mems is too long, record an error and fail. If anyone actually runs into this, we can simply allocate the required length as needed, but we don't expect anyone to run into this. Signed-off-by: -
Robert Vogelgesang authored
Hi, as promised last week, here's my patch for cpuset cgroup support for kernels without the cgroup.clone_children feature. My initial patch used "#include <linux/version.h>" and the macros defined there to decide if cgroup.clone_children should be used or not. After having seen Serge Hallyn's patch which he posted to the list last Wednesday, where he used stat() to check if the cgroup.clone_children file is there, I rewrote my patch to do the same. The patch is against 1.0.0.beta3, and it is tested successfully with RHEL-6's kernel version 2.6.32-431.3.1.el6, compiled without cgmanager (I've so far not tried to use cgmanager in RHEL-6). In addition to fixing the cpuset cgroup setup, this patch also fixes a wrong argument in a call to handle_cgroup_settings() in the same context. Robert Signed-off-by:
-
- 28 Jan, 2014 5 commits
-
-
Stéphane Graber authored
Signed-off-by: -
Stéphane Graber authored
Signed-off-by: -
gza authored
Signed-off-by:
gza <github.guillaume@zitta.fr> Acked-by:
-
gza authored
Now splited config 2 settings available * common ** featureful oriented settings * moresecure ** security oriented Signed-off-by:
-
gza authored
Signed-off-by:
-
- 27 Jan, 2014 6 commits
-
-
S.Çağlar Onur authored
This allows external users to query network related config items from the running containers. changes since v1: - function name change Signed-off-by:
S.Çağlar Onur <caglar@10ur.org> Acked-by:
-
Stéphane Graber authored
Signed-off-by: -
Serge Hallyn authored
Otherwise, after a fork, both pids may be flushing. When redirecting output to a file, this causes duplicate (or really far worse) output. Signed-off-by:
-
Stéphane Graber authored
- Also include the variant in the path - Fix invalid LXC_CACHE_BASE - Drop redundant code Signed-off-by:
-
Luka Perkov authored
Signed-off-by:
Luka Perkov <luka.perkov@sartura.hr> Acked-by:
-
KATOH Yasufumi authored
* update for commit e43157b4Signed-off-by:
KATOH Yasufumi <karma@jazz.email.ne.jp> Acked-by:
-
- 26 Jan, 2014 2 commits
-
-
Stéphane Graber authored
Signed-off-by: -
Qiang Huang authored
Make the way symmetric. This also fix the file leak in daemon model. Signed-off-by:
Qiang Huang <h.huangqiang@huawei.com> Acked-by:
-
- 25 Jan, 2014 3 commits
-
-
S.Çağlar Onur authored
Signed-off-by:
-
Serge Hallyn authored
If the user explicitly asks for a snapshot clone (in which case maybe_snap is not set), we cannot abide this currently. Rather than exit later with more cryptic error messages, exit out early. Signed-off-by:
-
Kaarle Ritvanen authored
Signed-off-by:
-
- 24 Jan, 2014 17 commits
-
-
Stéphane Graber authored
mktemp isn't always available in busybox. Signed-off-by: -
Serge Hallyn authored
After this patch, starting an unprivileged container using cgmanager gets the cgroup chown to the container root, so that it can install the cgmanager (proxy) and make cgroup requests. (Still desirable and not in this patch is the automatic setup of /sys/fs/cgroup/manager/sock, which you can currently do with two lxc.mount.entries) Signed-off-by:
-
Stéphane Graber authored
- Fix cgroup test to work on multi-core systems - Drop user interaction Signed-off-by: -
Stéphane Graber authored
Signed-off-by: -
Stéphane Graber authored
Signed-off-by: -
Stéphane Graber authored
Signed-off-by: -
Stéphane Graber authored
Signed-off-by: -
Stéphane Graber authored
Signed-off-by: -
Stéphane Graber authored
Apparently some older systems didn't have __NR_setns but had __NR_set_ns. Signed-off-by: -
Dwight Engen authored
Signed-off-by:
-
Michael H. Warfield authored
Added code to the CentOS and Fedora templates so that x86 32 bit containers may be built on x86_64 platforms. Like archectectures may also be trivially used as well. Option added is "-a {arch}". Additionally cleaned up some bash specific logic. Signed-off-by:Michael H. Warfield <mhw@WittsEnd.com> Acked-by:
-
Serge Hallyn authored
The geteuid() addition is being made the first element of the lxc_list, but the first element is just a head whose entry is ignored. Therefore userns_exec_1() was starting its tasks without the caller's uid mapped into the namespace. Signed-off-by:
-
Dwight Engen authored
Signed-off-by:
-
KATOH Yasufumi authored
Signed-off-by:
-
Stéphane Graber authored
Drop 60s delay and clear config before loading it. Signed-off-by:
-
Stéphane Graber authored
Signed-off-by:
-
Stéphane Graber authored
Signed-off-by:
-
