- 28 Apr, 2014 7 commits
-
-
Serge Hallyn authored
Failures were being ignored, leading up to an eventual segfault. Signed-off-by:
Serge Hallyn <serge.hallyn@ubuntu.com> Acked-by:
Stéphane Graber <stgraber@ubuntu.com>
-
KATOH Yasufumi authored
This only converts punctuation marks from FULLWIDTH COMMA/FULL STOP to IDEOGRAPHIC COMMA/FULL STOP in Japanese man pages. The contents of man pages do not change at all. Signed-off-by:
KATOH Yasufumi <karma@jazz.email.ne.jp> Signed-off-by:
-
Dwight Engen authored
I inadvertently introduced this with commit 8bf1e61e. Signed-off-by:
Dwight Engen <dwight.engen@oracle.com> Signed-off-by:
-
Michael H. Warfield authored
Check for symlinks before attempting create. When attempting to create the compulsory symlinks in /dev, check for the existence of the link using stat first before blindly attempting to create the link. This works around an apparent quirk in the kernel VFS on read-only file systems where the returned error code might be EEXIST or EROFS depending on previous access to the /dev directory and its entries. Reported-by:
William Dauchy <william@gandi.net> Signed-off-by:
Michael H. Warfield <mhw@WittsEnd.com> Tested-by:
-
Serge Hallyn authored
Originally we kept snapshots under /var/lib/lxcsnaps. If a separate btrfs is mounted at /var/lib/lxc, then we can't make btrfs snapshots under /var/lib/lxcsnaps. This patch moves the default directory to /var/lib/lxc/lxcsnaps. If /var/lib/lxcsnaps already exists, then use that. Don't allow any container to be used with the name 'lxcsnaps'. Signed-off-by: -
Serge Hallyn authored
If you 'ip netns add x1', this creates /run/netns and /run/netns/x1 as shared mounts. When a container starts, it umounts these after pivot_root, and the umount is propagated to the host. Worse, doing mount("", "/", NULL, MS_SLAVE|MS_REC, NULL) does not suffice to change those, even after binding /proc/mounts onto /etc/mtab. So, I give up. Do this manually, walking over /proc/self/mountinfo and changing the mount propagation on everything marked as shared. With this patch, lxc-start no longer unmounts /run/netns/* on the host. Signed-off-by: -
Serge Hallyn authored
In the body of the manpage, replace a few errant 'fssize's with the more appropriate word. Reported-by:
MegaBrutal <megabrutal@megabrutal.com> Signed-off-by:
-
- 15 Apr, 2014 1 commit
-
-
Serge Hallyn authored
Signed-off-by:
-
- 11 Apr, 2014 1 commit
-
-
Serge Hallyn authored
it actually sets us up to run the nih_mainloop, but we will never run that. Signed-off-by:
-
- 09 Apr, 2014 4 commits
-
-
Dwight Engen authored
This makes it so that the host doesn't need to have an old, compat version of db43_load installed by using the db_load from the just installed container. Some newer distributions do not even have an old enough compat-db4 package available. Signed-off-by:
-
Dwight Engen authored
Signed-off-by:
-
Dwight Engen authored
Signed-off-by:
-
Dwight Engen authored
With this change, you can install a container from a mounted .iso, or any yum repo with the necessary packages. Unlike the --url option, the repo does not need to be a mirror of public-yum, but the arch and release must be specified. For example to install OL6.5 from an .iso image: mount -o loop OracleLinux-R6-U5-Server-x86_64-dvd.iso /mnt lxc-create -n OL6.5 -t oracle -- --baseurl=file:///mnt -a x86_64 -R 6.5 The template will create two yum .repo files within the container such that additional packages can be installed from local media, or the container can be updated from public-yum, whichever is available. Local media must be bind mounted from the host onto the containers' /mnt for the former .repo to work: mount --bind /mnt $LXCPATH/OL6.5/rootfs/mnt Signed-off-by:
-
- 08 Apr, 2014 4 commits
-
-
Stéphane Graber authored
Signed-off-by: -
Stéphane Graber authored
On very busy boards with slow IO, the shutdown process can take over 60s as the disk is syncing. Signed-off-by: -
Stéphane Graber authored
Recent fixes in the apparmor kernel code is now making at least the CI environment and quite possibly some others fail due to an invalid path in the pivot_root stanza. So update both lines to allow a more generic pivot_root call for anything in LXC's work directory. Signed-off-by:
-
KATOH Yasufumi authored
Update for commit 13bc2fd2Signed-off-by:
-
- 07 Apr, 2014 4 commits
-
-
Serge Hallyn authored
The caller might (like lxc-test-startone does) pass in a valid (or invalid) buffer and 0 length. Signed-off-by:
-
Serge Hallyn authored
In this patch I tried to stick with each file's coding style, however I think we should probably change that. Every main() should always not return and only exit; they should always return EXIT_SUCCESS or EXIT_FAILURE with the only exceptions being cases where we are returning a child's exit status (lxc_execute, lxc_attach, lxc_init). Signed-off-by:
-
Ryan Mulligan authored
Signed-off-by:
Ryan Mulligan <ryan@ryantm.com> Acked-by:
-
Serge Hallyn authored
So that exit status doesn't show up as 255. Reported-by:
Andrey Khozov <avkhozov@googlemail.com> Signed-off-by:
-
- 05 Apr, 2014 1 commit
-
-
Serge Hallyn authored
When rebooting an unprivileged container, netpipe starts out as not -1. If count_veths somehow changed this could lead to trying to send data over nonexistent pipe. (Ok can't *really* happen, as it currently stands, but it's an open end) Signed-off-by:
-
- 04 Apr, 2014 9 commits
-
-
Leonid Isaev authored
Cleanups: 1. Do not modify container's /etc/hosts (archlinux uses /etc/nsswitch.conf) 2. Remove duplicate lines from config 3. Print a nicer final message 4. Get rid of some grep's Signed-off-by:
Leonid Isaev <lisaev@umail.iu.edu> Acked-by:
-
Stéphane Graber authored
This reverts commit 34fd08f8.
-
Leonid Isaev authored
Cleanups: 1. Do not modify container's /etc/hosts (archlinux uses /etc/nsswitch.conf) 2. Remove duplicate lines from config 3. Print a nicer final message 4. Get rid of some grep's in favor of bash regex Signed-off-by:
-
Leonid Isaev authored
Do not copy the pacman master key from the host, as this opens it to attacks; generate a new secret hostkey. Signed-off-by:
-
Leonid Isaev authored
Do not cherry-pick packages for the default install to avoid dependency issues. Instead, install the base group modulo blacklisted packages. Signed-off-by:
-
Robert Vogelgesang authored
Place log file into LOGPATH instead of LXCPATH (but still use the given lxcpath if the latter differs from LXCPATH). Signed-off-by:
Robert Vogelgesang <vogel@users.sourceforge.net> Acked-by:
-
Robert Vogelgesang authored
Fix parsing of /etc/lxc/default.conf, i. e. ignore comments, and don't require whitespace left and right of the equal sign. Make the early return actually work. Signed-off-by:
-
S.Çağlar Onur authored
Signed-off-by:
S.Çağlar Onur <caglar@10ur.org> Acked-by:
-
Stéphane Graber authored
Signed-off-by:
-
- 03 Apr, 2014 1 commit
-
-
Dwight Engen authored
When lxc-info's stdout is not line buffered (ie. "lxc-info -n foo |more") the first three lines will be duplicated. This is because c->get_ips() comes next and it forks and the child will exit() causing its fds to be closed which flushes out its (fork duplicated) stdio buffers. The lines are then duplicated when the parent actually gets around to flushing out its stdio. This causes problems for programs (such as the lxc-webpanel) which are popen()ing lxc-info. The fix here isn't necessarily the right one, but does show what the problem is. Seems like maybe we should fix this inside of get_ips(), for other API callers as well. Signed-off-by:
-
- 02 Apr, 2014 6 commits
-
-
Michael H. Warfield authored
Added lxc.arch to the resulting container configuration files to support i686 on x86_64 cross arch containers. Signed-off-by:
-
Dwight Engen authored
Reported-by:
Florian Klink <flokli@flokli.de> Signed-off-by:
-
Serge Hallyn authored
Allow writes to kernel.shm*, net.*, kernel/domainname and kernel/hostname, Also fix a bug in the lxc-generate-aa-rules.py script in a path which wasn't being exercised before, which returned a path element rather than its child. Changelog (v2): remove trailing / from block path Signed-off-by:
-
Guillaume ZITTA authored
Signed-off-by:
Guillaume ZITTA <lxc@zitta.fr> Acked-by:
-
Guillaume ZITTA authored
fix lack of any generated locale Signed-off-by:
-
Stéphane Graber authored
This should help it run better on slow test environment like the LXC CI armhf builder. - Wait longer for the container to start - Wait longer for the container to shutdown - On failure to shutdown, kill the container - Always destroy the container if it's around Signed-off-by:
-
- 01 Apr, 2014 2 commits
-
-
Guillaume ZITTA authored
fix lxc-console not working by default Signed-off-by:
-
Serge Hallyn authored
This uses the generate-apparmor-rules.py script I sent out some time ago to auto-generate apparmor rules based on a higher level set of block/allow rules. Add apparmor policy testcase to make sure that some of the paths we expect to be denied (and allowed) write access to are in fact in effect in the final policy. With this policy, libvirt in a container is able to start its default network, which previously it could not. v2: address feedback from stgraber put lxc-generate-aa-rules.py into EXTRA_DIST add lxc-test-apparmor, container-base and container-rules to .gitignore take lxc-test-apparmor out of EXTRA_DIST make lxc-generate-aa-rules.py pep8-compliant don't automatically generate apparmor rules This is only bc we can't be guaranteed that python3 will be available. Signed-off-by:
-
