- 14 Aug, 2013 6 commits
-
-
Serge Hallyn authored
Signed-off-by:Serge Hallyn <serge.hallyn@ubuntu.com>
-
Serge Hallyn authored
Signed-off-by: -
Serge Hallyn authored
Currently, if you create a container and use the mountcgruop hook, you get the /lxc/c1/c1.real cgroup mounted to /. If you then try to start containers inside that container, lxc can get confused. This patch addresses that, by accepting that the cgroup as found in /proc/self/cgroup can be partially hidden by bind mounts. In this patch: Add optional 'lxc.cgroup.use' to /etc/lxc/lxc.conf to specify which mounted cgroup filesystems lxc should use. So far only the cgroup creation respects this. Keep separate cgroup information for each cgroup mountpoint. So if the caller is in devices cgroup /a but cpuset cgroup /b that should now be ok. Change how we decide whether to ignore failure to set devices cgroup settings. Actually look to see if our current cgroup already has the settings. If not, add them. Finally, the real reason for this patch: in a nested container, /proc/self/cgroup says nothing about where under /sys/fs/cgroup you might find yourself. Handle this by searching for our pid in tasks files, and keep that info in the cgroup handler. Also remove all strdupa from cgroup.c (not android-friendly). Signed-off-by: -
Serge Hallyn authored
Signed-off-by: -
Serge Hallyn authored
It is meant to be run setuid-root to allow unprivileged users to tunnel veths from a host bridge to their containers. The program looks at /etc/lxc/lxc-usernet which has entries of the form user type bridge number The type currently must be veth. Whenver lxc-user-nic creates a nic for a user, it records it in /var/lib/lxc/nics (better location is needed). That way when a container dies lxc-user-nic can cull the dead nic from the list. The -DISTEST allows lxc-user-nic to be compiled so that it uses files under /tmp and doesn't actually create the nic, so that unprivileged users can compile and test the code. lxc-test-usernic is a script which runs a few tests using lxc-usernic-test, which is a version of lxc-user-nic compiled with -DISTEST. The next step, after issues with this code are raised and addressed, is to have lxc-start, when running unprivileged, call out to lxc-user-nic (will have to exec so that setuid-root is honored). On top of my previous unprivileged-creation patchset, that should allow unprivileged users to create and start useful containers. Also update .gitignore. Signed-off-by: -
Serge Hallyn authored
Signed-off-by:
-
- 13 Aug, 2013 2 commits
-
-
Serge Hallyn authored
Signed-off-by: -
Serge Hallyn authored
Signed-off-by:
-
- 12 Aug, 2013 2 commits
-
-
Scott Moser authored
--userdata was broken, completely missing an implementation. This adds that implementation back in, makes 'debug' logic correct, and then also improves the doc at the top. Signed-off-by:
Scott Moser <smoser@ubuntu.com> Signed-off-by:
-
Franz Pletz authored
The `lxc-destroy` script was using a simple `grep` for extracting `lxc.rootfs` from the lxc config. This regex also matches commented lines and breaks at least removing btrfs subvolumes if the string `lxc.rootfs` is mentioned in a comment. Furthermore, due to the unescaped dot in the regex it would also match other wrong strings like `lxc rootfs`. This patch modifies the regular expression to correctly match the beginning of the line plus potential whitespace characters and the string `lxc.rootfs`. Signed-off-by:
Franz Pletz <fpletz@fnordicwalking.de> Signed-off-by:
-
- 09 Aug, 2013 4 commits
-
-
Scott Moser authored
Signed-off-by:
-
Scott Moser authored
This allows ability to now specify '--userdata' arguments to 'create' or to 'clone'. So now, the following means very fast start of instances with different user-data. $ sudo lxc-create -t ubuntu-cloud -n precise -- \ -r precise --arch amd64 $ sudo lxc-clone -B overlayfs -o precise -s -n ephem1 \ --userdata="my.userdata1" $ sudo lxc-clone -B overlayfs -o precise -s -n ephem2 \ --userdata="my.userdata2" Also present here is * an improvement to the static list of Ubuntu releases. It uses ubuntu-distro-info if available degrades back to a static list on failure. * moving of the replacement variables to the top of the create template This is just to make it more obvious what is being replaced and put them in a single location. Signed-off-by: -
Stéphane Graber authored
Remove some dead code and fix identation, no functional change. Signed-off-by:Stéphane Graber <stgraber@ubuntu.com>
-
Stéphane Graber authored
Using mktemp() leads to build time warnings and isn't actually appropriate for what we want to do as it's checking for the existence of a file and not a network interface. Replace those calls by an equivalent mkifname() function which uses the same template as mktemp but instead checks for existing network interfaces. Signed-off-by:
-
- 07 Aug, 2013 3 commits
-
-
Serge Hallyn authored
Currently if loglevel/logfile are specified on command line in a program using LXC api, and that program does any container->save_config(), then the new config will be saved with the loglevel/logfile specified on command line. This is wrong, especially in the case of cat > lxc.conf << EOF lxc.logfile=a EOF lxc-create -t cirros -n c1 -o b which will result in a container config with lxc.logfile=b. Signed-off-by: -
Serge Hallyn authored
1. container hooks should use lxcpath and lxcname from the environment. 2. the utsname now gets separately updated 3. the rootfs path gets updated by the bdev backend. 4. the fstab mount targets should be relative 5. the fstab source directories could be separately updated if needed. This leaves one definate bug: the lxc.logfile does not get updated. This made me wonder why it was in the configuration file to begin with. Digging deeper, I realized that whatever '-o outfile' you give lxc-create gets set in log.c and gets used by the lxc_container object we create at write_config(). So if you say lxc-create -t cirros -n c1 -o /tmp/out1 then /var/lib/lxc/c1/config will have lxc.logfile=/tmp/out1 - which is clearly wrong. Therefore I leave fixing that for later. I'm looking for candidates for $p/$n expansion. Note we can't expand these at config_utsname() etc, because then lxc-clone would see the expanded variable. So we want to read $p/$n verbatim at config_*(), and expand them only when they are used. lxc.logfile is an obvious good use case. lxc.utsname can do it too, in case you want container c1 to be called "c1-whatever". I'm not sure that's worth it though. Are there any others, or is that it? Signed-off-by: -
Serge Hallyn authored
Signed-off-by:
-
- 26 Jul, 2013 1 commit
-
-
Serge Hallyn authored
Several places think that the current cgroup will be NULL rather than "/" when we're in the root cgroup. Fix that. Signed-off-by:
-
- 23 Jul, 2013 3 commits
-
-
Serge Hallyn authored
Signed-off-by:
-
Serge Hallyn authored
It uses the newuidmap and newgidmap program to start a shell in a mapped user namespace. While newuidmap and newgidmap are setuid-root, lxc-usernsexec is not. If new{ug}idmap are not available, then this program is not built or installed. Otherwise, it will be used to support creating, starting, destroying, etc containers by unprivileged users using their authorized subuids and subgids. Example: usernsexec -m u:0:100000:1 -- /bin/bash will, if the user is authorized to use subuid 100000, start a bash shell in a user namespace where 100000 on the host is mapped to root in the namespace, and the shell is running as (privileged) root. Signed-off-by: -
Serge Hallyn authored
If we are euid==0 or XDG_RUNTIME_DIR is not set, then use /run/lock/lxc/$lxcpath/$lxcname as before. Otherwise, use $XDG_RUNTIME_DIR/lock/lxc/$lxcpath/$lxcname. Signed-off-by:
-
- 22 Jul, 2013 5 commits
-
-
Serge Hallyn authored
When doing reboot test, must add clone_newuser to clone flags, else we can't clone(CLONE_NEWPID). If we don't have caps at lxc-start, don't refuse to start. Drop the lxc_caps_check() function altogether as it is unused now. Signed-off-by:
-
Serge Hallyn authored
This is needed if we're going to have unprivileged users create containers inside cgroups which they own. Signed-off-by:
-
Serge Hallyn authored
don't try to lock if using a specified tarball The lock/subsys/lxc-ubuntu-cloud lock is to protect the tarballs managed under /var/cache/lxc/cloud-$release. Don't lock if we've been handed a tarball. fake device creation Unprivileged users can't create devices, so bind mount null, tty, urandom and console from the host. Changelog: Jul 22: as Stéphane points out, remove a left-over debug line Signed-off-by:
-
Serge Hallyn authored
Just make sure we are root if we are asked to deal with something other than a directory, and make sure we have permission to create the container in the given lxcpath. The templates will need much more work. Signed-off-by:
-
Serge Hallyn authored
Up to now lxc-create ensured that you were running as root. Now the templates which require root need to do it for themselves. Templates which do mknod definately require root. Signed-off-by:
-
- 18 Jul, 2013 1 commit
-
-
Serge Hallyn authored
Signed-off-by:
-
- 17 Jul, 2013 1 commit
-
-
Serge Hallyn authored
The debugfs, fusectl, and securityfs may not be mounted inside a non-init userns. But mountall hangs waiting for them to be mounted. So just pre-mount them using $lxcpath/$name/fstab as bind mounts, which will prevent mountall from trying to mount them. If the kernel doesn't provide them, then the bind mount failure will be ignored, and mountall in the container will proceed without the mount since it is 'optional'. But without these bind mounts, starting a container inside a user namespace hangs. Signed-off-by:
-
- 16 Jul, 2013 4 commits
-
-
Dwight Engen authored
Signed-off-by:
Dwight Engen <dwight.engen@oracle.com> Signed-off-by:
-
John McFarlane authored
This commit increases the default timeout used by lxc-start-ephemeral from 5 to 10, and adds support for an LXC_IP_TIMEOUT override. Patchset 2: - Previous patch used a command line arg. Signed-off-by:
John McFarlane <john@rockfloat.com> Acked-by:
-
Serge Hallyn authored
Signed-off-by: -
Serge Hallyn authored
Otherwise (a) there is a memory leak when using user namespaces and clearing a config, and (b) saving a container configuration file doesn't maintain the userns mapping. For instance, if container c1 has lxc.id_map configuration entries, then python3 import lxc c=lxc.Container("c1") c.save_config("/tmp/config1") should show 'lxc.id_map =' entries in /tmp/config1. Changelog for v2: 1. fix incorrect saving of group types (s/'c'/'g') 2. fix typo -> idmap->type should be idmap->idtype Reported-by:
-
- 15 Jul, 2013 1 commit
-
-
Serge Hallyn authored
Define a sha1sum_file() function in utils.c. Use that in lxcapi_create to write out the sha1sum of the template being used. If libgnutls is not found, then the template sha1sum simply won't be printed into the container config. This patch also trivially fixes some cases where SYSERROR is used after a fclose (masking errno) and missing consts in mkdir_p. Signed-off-by:
-
- 12 Jul, 2013 4 commits
-
-
Serge Hallyn authored
Signed-off-by: -
Serge Hallyn authored
Signed-off-by: -
Serge Hallyn authored
If set, then fds 0,1,2 will be redirected while the creation template is executed. Note, as Dwight has pointed out, if fd 0 is redirected, then if templates ask for input there will be a problem. We could simply not redirect fd 0, or we could require that templates work without interaction. I'm assuming here that we want to do the latter, but I'm open to changing that. Reported-by:
"S.Çağlar Onur" <caglar@10ur.org> Acked-by:
-
zoolook authored
lxc-clone ignores size subfixes (K, M, G) when using -L parameter. The following is a quick patch to allow, for example, lxc-clone -L 10G. Signed-off-by:
Norberto Bensa <nbensa@gmail.com> Acked-by:
-
- 11 Jul, 2013 3 commits
-
-
Serge Hallyn authored
3.10 kernel comes with proper hierarchical enforcement of devices cgroup. To keep that code somewhat sane, certain things are not allowed. Switching from default-allow to default-deny and vice versa are not allowed when there are children cgroups. (This *could* be simplified in the kernel by checking that all child cgroups are unpopulated, but that has not yet been done and may be rejected) The mountcgroup hook causes lxc-start to break with 3.10 kernels, because you cannot write 'a' to devices.deny once you have a child cgroup. With this patch, (a) lxcpath is passed to hooks, (b) the cgroup mount hook sets the container's devices cgroup, and (c) setup_cgroup() during lxc startup ignores failures to write to devices subsystem if we are already in a child of the container's new cgroup. ((a) is not really related to this bug, but is definately needed. The followup work of making the other hooks use the passed-in lxcpath is still to be done) Signed-off-by: -
Serge Hallyn authored
1. If no template is passed in, then do not try to execute it. The user just wanted to write the configuration. 2. If template is passed in as a full path, then use that instead of constructing '$templatedir/lxc-$template'. Reported-by:
Wanlong Gao <gaowanlong@cn.fujitsu.com> Signed-off-by:
-
Serge Hallyn authored
Make it its own function to make both more readable. Signed-off-by:
-
