- 17 Nov, 2016 40 commits
-
-
Evgeni Golov authored
debootstrap sometimes selects the wrong mirror due to [1] [1] https://bugs.debian.org/819300Signed-off-by:
Evgeni Golov <evgeni@debian.org>
-
Evgeni Golov authored
http.debian.net is an alias anyways and httpredir.debian.org is the official name of the service Signed-off-by: -
Aleksandr Mezin authored
Signed-off-by:Aleksandr Mezin <mezin.alexander@gmail.com>
-
Bogdan Purcareata authored
The warning has been present since commit 32b37181 (with no purpose stated). Support for dynamically linked Busybox has been added since commit bf6cc736. Haven't encountered any issues with dynamically linked Busybox in my last 2 years' testing. Signed-off-by:
Bogdan Purcareata <bogdan.purcareata@nxp.com> Acked-by:
Stéphane Graber <stgraber@ubuntu.com>
-
Aleksandr Mezin authored
This gives more meaningful error message than "invalid sequence". Signed-off-by: -
Aleksandr Mezin authored
Signed-off-by: -
Bogdan Purcareata authored
Signed-off-by: -
Christian Brauner authored
The open_without_symlink routine has been specifically created to prevent mounts with synlinks as source or destination. Keep SYSERROR'ing in that particular scenario, but leave error handling to calling functions for the other ones - e.g. optional bind mount when the source dir doesn't exist throws a nasty error. Signed-off-by: -
Sungbae Yoo authored
Explain that the pipe symbol needs to be escaped for -s. Signed-off-by:Sungbae Yoo <sungbae.yoo@samsung.com>
-
KATOH Yasufumi authored
Explain that the pipe symbol needs to be escaped for -e and -s. Update for commit 759d521bSigned-off-by:
KATOH Yasufumi <karma@jazz.email.ne.jp>
-
Serge Hallyn authored
don't always warn about unused cgroups, it's noisy and not helpful Signed-off-by:Serge Hallyn <serge.hallyn@ubuntu.com>
-
Serge Hallyn authored
If lxcfs starts before cgroup-lite, then the first cgroup mountpoints in /proc/self/mountinfo are /run/lxcfs/*. Unprivileged users cannot access these. So privileged containers are ok, and unprivileged containers are ok since they won't cache those to begin with. But unprivileged root-owned containers cache /run/lxcfs/* and then try to use them. So when doing cgroup automounting check whether the mountpoints we have stored are accessible, and if not look for a new one to use. Signed-off-by: -
Stéphane Graber authored
Reported-by: lintian Signed-off-by: -
Ubuntu authored
When containers have lxcfs mounted instead of cgroupfs, we have to process /proc/self/mountinfo a bit differently. In particular, we should look for fuse.lxcfs fstype, we need to look elsewhere for the list of comounted controllers, and the mount_prefix is not a cgroup path which was bind mounted, so we should ignore it, and named subsystems show up without the 'name=' prefix. With this patchset I can start containers inside a privileged lxd container with lxcfs mounted (i.e. without cgroup namespaces). Closes #830 Signed-off-by:Ubuntu <ubuntu@localhost.localdomain>
-
Serge Hallyn authored
Because that's what lxcfs gives us. Signed-off-by: -
Serge Hallyn authored
If we're trying to allow a device which was denied to our parent container, just continue. Cgmanager does not help us to distinguish between eperm and other errors, so just always continue. We may want to consider actually computing the range of devices to which the container monitor has access, but OTOH that introduces a whole new set of complexity to compute access sets. Closes #827 Signed-off-by: -
Stéphane Graber authored
Signed-off-by: -
Serge Hallyn authored
Otherwise after a shortcut on error we could end up trying to write to the closed log fd. Signed-off-by: -
Serge Hallyn authored
fname cannot be passed in as NULL by any of its current callers. If it could, then build_dir() would crash as it doesn't check for it. So make sure we are warned if in the future we pass in NULL. Signed-off-by: -
Katze authored
Signed-off-by:benaryorg <binary@benary.org>
-
Stéphane Graber authored
Signed-off-by: -
Wolfgang Bumiller authored
Some systems need to be able to bind-mount /run to /var/run and /run/lock to /var/run/lock. (Tested with opensuse 13.1 containers migrated from openvz.) Signed-off-by:Wolfgang Bumiller <w.bumiller@proxmox.com>
-
KATOH Yasufumi authored
Update for commit 020104c3Signed-off-by:
-
KATOH Yasufumi authored
Update for commit ff689149Signed-off-by:
-
Serge Hallyn authored
Just as cgmanager does, if we are calculating a task's paths, drop the trailing '/init.scope'. We don't want the container to sit under there. Signed-off-by: -
Min Wang authored
Signed-off-by:Min Wang <mingewang@gmail.com>
-
Carlos Alberto Lopez Perez authored
* This are either '.', '..' or a hidden directory. And this names should not be used for a container in any case. * Before this patch, if you created a git repository under lxc.lxcpath (it can be useful to keep track of the configurations of your containers) Then, when you run lxc-ls you will get the following output: # lxc-ls .git container1 container2 .... This is because there is a 'config' file inside the '.git' directory. It is where git stores the configuration of the repository. And the test lxc-ls does to check if a directory contains a container is just to check if the 'directory/config' file exists. Signed-off-by:Carlos Alberto Lopez Perez <clopez@igalia.com>
-
KURODA Hiraku authored
Signed-off-by:KURODA Hiraku <kuroda@syngram.co.jp>
-
Nehal J Wani authored
We no longer use mirrors.kernel.org. Commit f71e8f41 switched it to archives.fedoraproject.org Signed-off-by:
Nehal J Wani <nehaljw.kkd1@gmail.com>
-
Wolfgang Bumiller authored
They change a value and return true on success rather than fetching the value as the comments previously suggested. Signed-off-by:
-
Tycho Andersen authored
No reason for these to be +x, and it looks weird. Signed-off-by:
Tycho Andersen <tycho.andersen@canonical.com> Acked-by:
-
Bogdan Purcareata authored
When running application containers with lxc-execute, /dev is populated only with device entries. Since /dev is a tmpfs mount in the container environment, the /dev/shm folder not being present is not a sufficient reason for the /dev/shm mount to fail. Create the /dev/shm directory if not present. Signed-off-by:
-
Bogdan Purcareata authored
In the current implementation, the open_without_symlink function will default to opening the root mount only if the passed rootfs prefix is null. It doesn't account for the case where this prefix is passed as an empty string. Properly handle this second case as well. Signed-off-by:
-
Marko Hauptvogel authored
Should be mentioned separately because it will reset a big group of options. Signed-off-by:
Marko Hauptvogel <marko.hauptvogel@googlemail.com> Acked-by:
-
Christian Brauner authored
The lock path for lxc is not RUNTIME_PATH/lock/lxc but rather RUNTIME_PATH/lxc/lock Signed-off-by:
Christian Brauner <christian.brauner@mailbox.org> Acked-by:
-
Marko Hauptvogel authored
More general for all list options. Seems to currently affect: lxc.network (clear all NICs) lxc.network.* (clear current NIC) lxc.cap.drop lxc.cap.keep lxc.cgroup lxc.mount.entry lxc.mount.auto lxc.hook lxc.id_map lxc.group lxc.environment Signed-off-by:
-
KATOH Yasufumi authored
Update for commit 7eff30fdSigned-off-by:
-
Nehal J Wani authored
We no longer use mirrors.kernel.org. Commit f71e8f41 switched it to archives.fedoraproject.org Signed-off-by:
-
Serge Hallyn authored
Show the ifindex in case it's useful Signed-off-by: -
Serge Hallyn authored
When preserving fds for the stop hook, make sure to also save any fds we've inherited. Signed-off-by:
-
