- 02 May, 2014 1 commit
-
-
KATOH Yasufumi authored
Update for commit 860f5355Signed-off-by:
KATOH Yasufumi <karma@jazz.email.ne.jp> Acked-by:
Stéphane Graber <stgraber@ubuntu.com>
-
- 01 May, 2014 3 commits
-
-
Serge Hallyn authored
This should address https://github.com/lxc/lxc/issues/199Signed-off-by:
Serge Hallyn <serge.hallyn@ubuntu.com> Acked-by:
-
Nikolay Martynov authored
lxc-init got moved into SBINDIR/init.lxc recently. This broke sshd template because path wasn't updated there. This patch should fix this issue. Signed-off-by:
Nikolay Martynov <mar.kolya@gmail.com> Acked-by:
-
Dwight Engen authored
- Some scriptlets expect fstab to exist so create it before doing the yum install - Set the rootfs selinux label same as the hosts or else the PREIN script from initscripts will fail when running groupadd utmp, which prevents creation of OL4.x containers on hosts > OL6.x. - Move creation of devices into a separate function Signed-off-by:
Dwight Engen <dwight.engen@oracle.com> Signed-off-by:
-
- 30 Apr, 2014 13 commits
-
-
Carlo Landmeter authored
Signed-off-by:
Carlo Landmeter <clandmeter@gmail.com> Acked-by:
-
S.Çağlar Onur authored
Signed-off-by:
S.Çağlar Onur <caglar@10ur.org> Acked-by:
-
Stéphane Graber authored
Signed-off-by: -
Serge Hallyn authored
/proc/sys/kernel/sem* and /proc/sys/kernel/msg* are ipc sysctls which are properly namespaced. Allow writes to them from containers. Reported-by:
Dan Kegel <dank@kegel.com> Signed-off-by:
-
S.Çağlar Onur authored
According to Serge, we no longer need to keep cgmanager connection open. As long as my tests go it seems to be working fine. Signed-off-by:
-
Dwight Engen authored
This change accepts all the same strings for lxc.arch that setarch(8) does. Note that we continue to parse plain x86 as PER_LINUX32 so as not to break existing lxc configuration files. Signed-off-by:
-
Serge Hallyn authored
Failures were being ignored, leading up to an eventual segfault. Signed-off-by:
-
KATOH Yasufumi authored
This only converts punctuation marks from FULLWIDTH COMMA/FULL STOP to IDEOGRAPHIC COMMA/FULL STOP in Japanese man pages. The contents of man pages do not change at all. Signed-off-by:
-
Dwight Engen authored
I inadvertently introduced this with commit 8bf1e61e. Signed-off-by:
-
Michael H. Warfield authored
Check for symlinks before attempting create. When attempting to create the compulsory symlinks in /dev, check for the existence of the link using stat first before blindly attempting to create the link. This works around an apparent quirk in the kernel VFS on read-only file systems where the returned error code might be EEXIST or EROFS depending on previous access to the /dev directory and its entries. Reported-by:
William Dauchy <william@gandi.net> Signed-off-by:
Michael H. Warfield <mhw@WittsEnd.com> Tested-by:
-
Serge Hallyn authored
If you 'ip netns add x1', this creates /run/netns and /run/netns/x1 as shared mounts. When a container starts, it umounts these after pivot_root, and the umount is propagated to the host. Worse, doing mount("", "/", NULL, MS_SLAVE|MS_REC, NULL) does not suffice to change those, even after binding /proc/mounts onto /etc/mtab. So, I give up. Do this manually, walking over /proc/self/mountinfo and changing the mount propagation on everything marked as shared. With this patch, lxc-start no longer unmounts /run/netns/* on the host. Signed-off-by: -
Serge Hallyn authored
In the body of the manpage, replace a few errant 'fssize's with the more appropriate word. Reported-by:
MegaBrutal <megabrutal@megabrutal.com> Signed-off-by:
-
Serge Hallyn authored
Signed-off-by:
-
- 11 Apr, 2014 2 commits
-
-
Serge Hallyn authored
it actually sets us up to run the nih_mainloop, but we will never run that. Signed-off-by:
-
Dwight Engen authored
This makes it so that the host doesn't need to have an old, compat version of db43_load installed by using the db_load from the just installed container. Some newer distributions do not even have an old enough compat-db4 package available. Signed-off-by:
-
- 08 Apr, 2014 5 commits
-
-
Stéphane Graber authored
Signed-off-by: -
Stéphane Graber authored
Signed-off-by: -
Stéphane Graber authored
On very busy boards with slow IO, the shutdown process can take over 60s as the disk is syncing. Signed-off-by: -
Stéphane Graber authored
Recent fixes in the apparmor kernel code is now making at least the CI environment and quite possibly some others fail due to an invalid path in the pivot_root stanza. So update both lines to allow a more generic pivot_root call for anything in LXC's work directory. Signed-off-by:
-
KATOH Yasufumi authored
Update for commit 13bc2fd2Signed-off-by:
-
- 07 Apr, 2014 5 commits
-
-
Serge Hallyn authored
The caller might (like lxc-test-startone does) pass in a valid (or invalid) buffer and 0 length. Signed-off-by:
-
Serge Hallyn authored
In this patch I tried to stick with each file's coding style, however I think we should probably change that. Every main() should always not return and only exit; they should always return EXIT_SUCCESS or EXIT_FAILURE with the only exceptions being cases where we are returning a child's exit status (lxc_execute, lxc_attach, lxc_init). Signed-off-by:
-
Ryan Mulligan authored
Signed-off-by:
Ryan Mulligan <ryan@ryantm.com> Acked-by:
-
Serge Hallyn authored
So that exit status doesn't show up as 255. Reported-by:
Andrey Khozov <avkhozov@googlemail.com> Signed-off-by:
-
Serge Hallyn authored
When rebooting an unprivileged container, netpipe starts out as not -1. If count_veths somehow changed this could lead to trying to send data over nonexistent pipe. (Ok can't *really* happen, as it currently stands, but it's an open end) Signed-off-by:
-
- 04 Apr, 2014 11 commits
-
-
Leonid Isaev authored
Cleanups: 1. Do not modify container's /etc/hosts (archlinux uses /etc/nsswitch.conf) 2. Remove duplicate lines from config 3. Print a nicer final message 4. Get rid of some grep's Signed-off-by:
Leonid Isaev <lisaev@umail.iu.edu> Acked-by:
-
Leonid Isaev authored
Do not copy the pacman master key from the host, as this opens it to attacks; generate a new secret hostkey. Signed-off-by:
-
Leonid Isaev authored
Do not cherry-pick packages for the default install to avoid dependency issues. Instead, install the base group modulo blacklisted packages. Signed-off-by:
-
Robert Vogelgesang authored
Place log file into LOGPATH instead of LXCPATH (but still use the given lxcpath if the latter differs from LXCPATH). Signed-off-by:
Robert Vogelgesang <vogel@users.sourceforge.net> Acked-by:
-
Robert Vogelgesang authored
Fix parsing of /etc/lxc/default.conf, i. e. ignore comments, and don't require whitespace left and right of the equal sign. Make the early return actually work. Signed-off-by:
-
S.Çağlar Onur authored
Signed-off-by:
-
Stéphane Graber authored
Signed-off-by:
-
Dwight Engen authored
When lxc-info's stdout is not line buffered (ie. "lxc-info -n foo |more") the first three lines will be duplicated. This is because c->get_ips() comes next and it forks and the child will exit() causing its fds to be closed which flushes out its (fork duplicated) stdio buffers. The lines are then duplicated when the parent actually gets around to flushing out its stdio. This causes problems for programs (such as the lxc-webpanel) which are popen()ing lxc-info. The fix here isn't necessarily the right one, but does show what the problem is. Seems like maybe we should fix this inside of get_ips(), for other API callers as well. Signed-off-by:
-
Michael H. Warfield authored
Added lxc.arch to the resulting container configuration files to support i686 on x86_64 cross arch containers. Signed-off-by:
-
Dwight Engen authored
Reported-by:
Florian Klink <flokli@flokli.de> Signed-off-by:
-
Serge Hallyn authored
Allow writes to kernel.shm*, net.*, kernel/domainname and kernel/hostname, Also fix a bug in the lxc-generate-aa-rules.py script in a path which wasn't being exercised before, which returned a path element rather than its child. Changelog (v2): remove trailing / from block path Signed-off-by:
-
