- 25 Oct, 2012 16 commits
-
-
Stéphane Graber authored
This include is conditional on apparmor being selected. Signed-off-by:Stéphane Graber <stgraber@ubuntu.com>
-
Stéphane Graber authored
1. don't add network segment to config 2. check for 'curl' 3. don't add $name to $path, it's already in there 4. don't add devpts to fstab, that's wrong. 5. $UTSNAME doesn't exist 6. set root pwd to root instead of rooter. 7. install fedora-release package. 8. add a console on /dev/console. 9. create empty fstab 10. don't mount devpts in rc.sysinit. Signed-off-by:
Serge Hallyn <serge.hallyn@ubuntu.com> Acked-by:
-
Stéphane Graber authored
Signed-off-by:
-
Stéphane Graber authored
That means, don't try to pin a null rootfs, and don't try to mount /proc since /var/lib/lxc/root/proc doesn't exist to be mounted onto. The apparmor patches are not yet upstream, so this patch will not go upstream by itself. Signed-off-by:
-
Serge Hallyn authored
When passing '--userdata somefile' to the ubuntu-cloud template, a user may pass a relative pathname. The template uses the filename after changing current directory, so store the full pathname for the userdata file instead of a potential relative pathname. Signed-off-by: -
Stéphane Graber authored
Signed-off-by: -
Stéphane Graber authored
LXC has optional apparmor support, default profile is lxc-container-default. This change adds a commented "lxc.aa_profile = default" line to all templates, uncommenting this will bypass apparmor for the container. Signed-off-by: -
Stéphane Graber authored
On Debian and Ubuntu, the default host-name field in dhclient.conf is set to either "<hostname>" or "gethostname()" both of which get replaced by the machine's hostname at query time. The sed call currently present in lxc-clone hardcodes the hostname in dhclient.conf, causing dpkg to prompt on isc-dhcp updates. Signed-off-by: -
Stéphane Graber authored
By default we use mnt, but that means that lxc fstab entries do not work when placed under the container's /mnt/. Signed-off-by:
-
Stéphane Graber authored
Now that initscripts in Debian and Ubuntu has been updated to no longer do silly things with /dev/shm and /run/shm on installation/update, the check needs updating to detect any remaining broken case and fix it. Signed-off-by: -
Serge Hallyn authored
Starting a container with insufficient privilege (correctly) fails during lxc_init. However, if starting a daemonized container, we daemonize before we get to that check. Therefore while the container will fail to start, and the logfile will show this, the 'lxc-start -n x -d' command will return success. For ease of scripting, do a check for the required privilege before we exit. Signed-off-by: -
Serge Hallyn authored
This saves quite a bit of space in the cache and containers. See https://bugs.launchpad.net/ubuntu/+source/lxc/+bug/1037626 for the original bug report. Reported-by:
Fajar A. Nugraha <list@fajar.net> Signed-off-by:
-
Serge Hallyn authored
Otherwise the next lxc-create may rsync a bad cache. Signed-off-by: -
Serge Hallyn authored
If user calls 'lxc-create -t ubuntu -- -h' (as opposed to 'lxc-create -t ubuntu -h') then the ubuntu template will print its help then exit 0. Then lxc-create does not cleanup. So detect this in lxc-create.
-
Serge Hallyn authored
The 'lxc.mount =' entry can have more than one space, or tabs, before the =. We only need to disambiguate from 'lxc.mount.entry'. So just check for a space or tab after mount. Signed-off-by: -
Serge Hallyn authored
Otherwise after cloning an lvm+xfs container you can't run the original and clone at the same time. Based on a patch by Maurizio Sambati posted at https://bugs.launchpad.net/ubuntu/+source/lxc/+bug/1013549Signed-off-by:
-
- 31 Jul, 2012 24 commits
-
-
Serge Hallyn authored
Signed-off-by:
Daniel Lezcano <dlezcano@fr.ibm.com>
-
Serge Hallyn authored
CAP_LAST_CAP in linux/capability.h doesn't always match what the kernel actually supports. If the kernel supports fewer capabilities, then a cap_get_flag for an unsupported capability returns -EINVAL. Recognize that, and don't fail when initializing capabilities when this happens, rather accept that we've reached the last capability. Signed-off-by:
-
Serge Hallyn authored
Make the prototypes and functions match between apparmor.{c,h} Signed-off-by: -
Serge Hallyn authored
When a container has dpkg >= 1.16.2, use dpkg --add-architecture for multi-arch configuration on foreign architecture containers. Signed-off-by:
-
Serge Hallyn authored
Just wait until the lock is available. That is a nicer behavior for concurrent lxc-creates. Signed-off-by:
-
Serge Hallyn authored
Otherwise a container name with a dash confuses ls Signed-off-by:
-
Serge Hallyn authored
It segfaults otherwise trying to execute &NULL. We could alternatively guess at a command to execute, such as a shell, but invariably there would be cases where the command we guess does not exist. Signed-off-by:
-
Serge Hallyn authored
Using mnt means that lxc fstab entries do not work when placed under the container's /mnt/ (i.e. /mnt/etc). Signed-off-by:
-
Serge Hallyn authored
Commits 15da01b3 and 2e44ed1e conflicted and resulted in some duplicate functionality. Drop the poorer version of that block. Signed-off-by:
-
Serge Hallyn authored
- Update list of extra packages for debootstrap to only include vim and ssh. The others were only relevant when we were still using the minbase variant. (LP: #996839) - Drop any hardcoded Ubuntu version check and replace by feature checks instead. - Format lxc-ubuntu to consistently use 4-spaces indent instead of mixed spaces/tabs. - Update default /etc/network/interfaces to include the header. - Update default /etc/hosts to match that of a regular Ubuntu system. - Drop support for end-of-life releases (gutsy on sparc). - Make sure /etc/resolv.conf is valid before running any apt command. - Update template help message for release and arch parameters. - Switch default Ubuntu version from lucid to precise. Signed-off-by: -
Serge Hallyn authored
When installing a non-native architecture, the template installs a bunch of packages of the native architecture to work around existing limitations of qemu-user-static, mostly related to netlink. The current code would install upstart of the host architecture but force the amd64 version of the others. This was just a mistake done while testing/developping the code. Fixing now to always install the native architecture version of all of them. Signed-off-by:
-
Serge Hallyn authored
Signed-off-by:
-
Serge Hallyn authored
Signed-off-by:
-
Serge Hallyn authored
Signed-off-by:
-
Serge Hallyn authored
Signed-off-by:
-
Serge Hallyn authored
and check return values Signed-off-by:
-
Serge Hallyn authored
lxc-init used to be under /usr/lib/lxc. Now it is under /usr/lib/<multiarch>/lxc, but old containers will still have it under /usr/lib/lxc. So search for a valid lxc-init to run. Signed-off-by:
-
Serge Hallyn authored
Signed-off-by:
Timothy Chen <tnachen@gmail.com> Signed-off-by:
-
Serge Hallyn authored
It was calling non-existent 'help' Signed-off-by:
-
Serge Hallyn authored
Signed-off-by:
Ben Howard <ben.howard@canonical.com> Signed-off-by:
-
Serge Hallyn authored
This would be done (though done wrongly) by mounted-dev.conf, but that doesn't run because we don't mount /dev. Signed-off-by:
-
Serge Hallyn authored
Signed-off-by:
-
Serge Hallyn authored
Signed-off-by:
-
Serge Hallyn authored
Signed-off-by:
-
