Commits · 90658f16040d65cecf2c0eaa5368bbf522aee577 · Chen Yisong / lxc

09 May, 2021 5 commits
- tests: add tests for supported architectures · 90658f16
  Christian Brauner authored May 09, 2021
```
Ensure that we detect all supported architectures and don't regress
recognizing them.
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
```
  90658f16
- confile: re-add aarch64 architecture · cae2b16f
  Christian Brauner authored May 09, 2021
```
Apparenty we dropped this when we cleaned up architecture handling.

Fixes: #3832
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
```
  cae2b16f
- Merge pull request #3831 from sjuxax/zfs-fix · 1910c228
  Christian Brauner authored May 09, 2021
```
Skip rootfs pinning for ZFS roots.
```
  1910c228
- Reflow ZFS check to follow the style of the overlayfs return. · 0dd4788a
  Jeff Cook authored May 09, 2021
```
Per https://github.com/lxc/lxc/pull/3831#discussion_r628865713Signed-off-by: Jeff Cook <jeff@jeffcook.io>
```
  0dd4788a
- Skip rootfs pinning for ZFS roots. · 4bc6ecbf
  Jeff Cook authored May 08, 2021
```
Signed-off-by: Jeff Cook <jeff@jeffcook.io>
```
  4bc6ecbf
07 May, 2021 2 commits
- Merge pull request #3829 from brauner/2021-05-07.fixes · 5b508c37
  Stéphane Graber authored May 07, 2021
```
doc: document new idmap= option for lxc.rootfs.options
```
  5b508c37
- doc: document new idmap= option for lxc.rootfs.options · 1852be90
  Christian Brauner authored May 07, 2021
```
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
```
  1852be90
06 May, 2021 2 commits

Merge pull request #3827 from brauner/2021-05-06.cap_setfcap · ce86ae55
Stéphane Graber authored May 06, 2021
```
conf: handle kernels with CAP_SETFCAP
```
ce86ae55

conf: handle kernels with CAP_SETFCAP · 86c78011

authored May 06, 2021

LXC is being very clever and sometimes maps the caller's uid into the
child userns. This means that the caller can technically write fscaps
that are valid in the ancestor userns (which can be a security issue in
some scenarios) so newer kernels require CAP_SETFCAP to do this. Until
newuidmap/newgidmap are updated to account for this simply write the
mapping directly in this case.

Cc: stable-4.0
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

86c78011

04 May, 2021 11 commits

Merge pull request #3825 from brauner/2021-05-04.fixes · 78af4d9c
Stéphane Graber authored May 04, 2021
```
lxc.arch fixes
```
78af4d9c

attach: introduce explicit personality macro · 3a881819

authored May 04, 2021

Introduce LXC_ATTACH_DETECT_PERSONALITY to make it explicit what is
happening instead of using -1.
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

3a881819

conf: add personality_t · 64a04c84

authored May 04, 2021

Catch errors in personality handling better.
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

64a04c84

attach_options: unbreak header · 7fd384d1

authored May 04, 2021

In a moment of idioticity I switch -1 with 0xffffffff in the header
definition but we use -1 to autodetect.
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

7fd384d1

conf: rework lxc_config_parse_arch() · 7c43fa56

authored May 04, 2021

Fix architecture parsing. So far we couldn't really differ between "want
default architecture" and "failed to parse requested architecture"
because the -1 return value means both. Fix this by using the return
value only to indicate success or failure and return the parsed
personality in a return argument.
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

7c43fa56

conf: tweak setup_personality() · 9c601e1f

authored May 04, 2021

Use the dedicated LXC_ARCH_UNCHANGED macro everywhere instead of relying
on -1 being correct.
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

9c601e1f

tree-wide: make personality codepaths unconditional · 38608992

authored May 04, 2021

Now that we have the infra to make personality handling unconitional
remove the ifndefs everywhere.
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

38608992

syscalls: wrap personality syscall if undefined · 3857c4eb

authored May 04, 2021

There's no need to making personality handling conditional as it has
been around for such a long time that only weird systems wouldn't have
support for it. And especially if the user requested a specific
personality to be set but the system doesn't support the personality
syscall we should loudly fail instead of moving on.
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

3857c4eb

commands: log at debug not info level when receiving file descriptors · 1d74176d

authored May 04, 2021

Don't spam the logs because we do receive a lot of file descriptors.
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

1d74176d

confile: make per_name struct static · 5f2a6ec4
Christian Brauner authored May 04, 2021
```
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
```
5f2a6ec4
Merge pull request #3823 from evverx/gcc-11-workaround · 13723cb9
Christian Brauner authored May 04, 2021
```
string_utils: get around GCC-11 false positives
```
13723cb9

03 May, 2021 9 commits
- Merge pull request #3824 from evverx/sanitizers-follow-ups · 3176d82e
  Stéphane Graber authored May 03, 2021
```
github: remove the dh-* packages
```
  3176d82e
- string_utils: get around GCC-11 false positives · 6d345aa4
  Evgeny Vereshchagin authored May 03, 2021
```
by getting rid of stpncpy

Tested with gcc (GCC) 11.1.1 20210428 (Red Hat 11.1.1-1)

Closes https://github.com/lxc/lxc/issues/3752Signed-off-by: Evgeny Vereshchagin <evvers@ya.ru>
```
  6d345aa4
- github: also pass the j option to make · bfb24cf0
  Evgeny Vereshchagin authored May 03, 2021
```
Signed-off-by: Evgeny Vereshchagin <evvers@ya.ru>
```
  bfb24cf0
- github: remove the dh-* packages · 72f83931
  Evgeny Vereshchagin authored May 03, 2021
```
We don't build any packages there so it seems we don't need
those packages any more. Apart from that, it should make the
script work on Ubuntu Hirsute where dh-systemd was merged into
debhelper and is no longer available.
Signed-off-by: Evgeny Vereshchagin <evvers@ya.ru>
```
  72f83931
- Merge pull request #3819 from dev-aaront-org/console-mode-messages · 705b2c32
  Stéphane Graber authored May 03, 2021
```
conf: fix console chmod error log messages
```
  705b2c32
- Merge pull request #3822 from stgraber/master · 58f5195d
  Christian Brauner authored May 03, 2021
```
github: Run apt-get update in sanitizer test
```
  58f5195d
- Merge pull request #3820 from brauner/2021-05-03.lxc_monitord.log · 49192457
  Stéphane Graber authored May 03, 2021
```
lxc_monitord: remove monitord log
```
  49192457
- github: Run apt-get update in sanitizer test · 56878587
  Stéphane Graber authored May 03, 2021
```
Signed-off-by: Stéphane Graber <stgraber@ubuntu.com>
```
  56878587
- lxc_monitord: remove monitord log · 8ee2f36f
  Christian Brauner authored May 03, 2021
```
The tool is effectively unused with current master so removing the log
should be ok by now. Let's remove the log to avoid issues such as #3747.

Fixes #3747
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
```
  8ee2f36f
01 May, 2021 2 commits
- Merge pull request #3818 from evverx/disable-logs-on-oss-fuzz · 86deb111
  Christian Brauner authored May 01, 2021
```
oss-fuzz: always turn off logging on OSS-Fuzz
```
  86deb111
- conf: fix console chmod error log messages · 07020e48
  Aaron Thompson authored May 01, 2021
```
Signed-off-by: Aaron Thompson <dev@aaront.org>
```
  07020e48
30 Apr, 2021 5 commits

Merge pull request #3817 from brauner/2021-04-30.fixes · 122413ad
Stéphane Graber authored Apr 30, 2021
```
cgroups: fix fallback attach codepath
```
122413ad

cgroups: fix fallback attach codepath · 112ccbc9

authored Apr 30, 2021

When we attach to an old server the server can return ENOSYS instead of
ENOCGROUP2 which causes LXC to abort the attach unnecessary. Fix this!
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

112ccbc9

Merge pull request #3816 from brauner/2021-04-30/fixes · b75c91de
Stéphane Graber authored Apr 30, 2021
```
storage: fix dup_cloexec() call
```
b75c91de

oss-fuzz: always turn off logging on OSS-Fuzz · a390325f

authored Apr 30, 2021

Apparently /proc/self/cmd can't be used (reliably) on OSS-Fuzz to figure out
whether the code is run inside the fuzz targets, which causes the
fuzz targets to fill the filesystem with log files.

Related: https://github.com/google/oss-fuzz/issues/5509
Should address https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=33835Signed-off-by: Evgeny Vereshchagin <evvers@ya.ru>

a390325f

storage: fix dup_cloexec() call · 2570cdf3
Christian Brauner authored Apr 30, 2021
```
Fixes: Coverity 1477399
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
```
2570cdf3

28 Apr, 2021 4 commits
- Merge pull request #3814 from brauner/2021-04-28.fixes · 7a2bd5db
  Stéphane Graber authored Apr 28, 2021
```
api-extensions: add entry for idmapped_mounts
```
  7a2bd5db
- api-extensions: add entry for idmapped_mounts · fa3a0034
  Christian Brauner authored Apr 28, 2021
```
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
```
  fa3a0034
- Merge pull request #3812 from brauner/2021-04-28.fixes · 6d938020
  Stéphane Graber authored Apr 28, 2021
```
storage/dir: cleanup mount code
```
  6d938020
- Merge pull request #3802 from evverx/build-system-fuzzers · 94363265
  Christian Brauner authored Apr 28, 2021
```
oss-fuzz: switch to --enable-fuzzers
```
  94363265