- 02 Dec, 2019 36 commits
-
-
Serge Hallyn authored
Signed-off-by:Serge Hallyn <shallyn@cisco.com>
-
Florian Margaine authored
lxc2 broke this feature for lxc-execute, and lxc3 broke it for lxc-attach. This adds a test making sure we don't do the same mistake a third time. Signed-off-by:Florian Margaine <florian@platform.sh>
-
Wolfgang Bumiller authored
Callers expect a NULL on error, and with PR #3171 marking the pointer as __do_free, we now return a pointer to freed memory here otherwise. Signed-off-by:Wolfgang Bumiller <w.bumiller@proxmox.com>
-
Christian Brauner authored
Signed-off-by:Christian Brauner <christian.brauner@ubuntu.com>
-
Patrick Havelange authored
In case the internal memfd_create has to be used, make sure we don't clash with the already existing memfd_create function from glibc. This can happen if this glibc function is a stub. In this case, at ./configure time, the test for this function will return false, however the declaration of that function is still available. This leads to compilation errors. Signed-off-by:Patrick Havelange <patrick.havelange@essensium.com>
-
Thomas Parrott authored
Partially reverts 65b92ea5 so that trying to destroy a non-existent container gives an error message. Signed-off-by:
Thomas Parrott <thomas.parrott@canonical.com>
-
KATOH Yasufumi authored
Update for commit 767bd70aSigned-off-by:
KATOH Yasufumi <karma@jazz.email.ne.jp>
-
Rachid Koucha authored
When calling "man lxc.container.conf", an internal "man" keyword is displayed : $ man lxc.container.conf [...] lxc.mount.entry Specify a mount point corresponding to a line in the fstab format. Moreover lxc supports mount propagation, such as rslave or rprivate, and adds three additional mount options. optional don't fail if mount does not work. create=dir or create=file to create dir (or file) when the point will be mounted. relative source path is taken to be relative to the mounted container root. For instance, dev/null proc/kcore none bind,relative 0 0 .fi <-----------------------------------UNEXPECTED KEYWORD !!!! The problem seems to come from the missing blanks before "dev/null proc/kcore none bind,relative 0 0" Moreover, for homogeneity purposes, it is better to use the "programlisting" tag used in the rest of the text instead of "screen". Signed-off-by:Rachid Koucha <rachid.koucha@gmail.com>
-
KATOH Yasufumi authored
Update for commit 0684250fSigned-off-by:
KATOH Yasufumi <karma@jazz.email.ne.jp>
-
Caio B. Silva authored
Signed-off-by:Caio B. Silva <caioboffo@gmail.com>
-
Lukas Jelinek authored
Signed-off-by:Lukas Jelinek <lukas.jelinek@nic.cz>
-
Caio B. Silva authored
Signed-off-by:Caio B. Silva <caioboffo@gmail.com>
-
Christian Brauner authored
In the usual case the child runs in a separate pid namespace. So far we haven't been able to reliably set the pdeath signal. When we set the pdeath signal we need to verify that we haven't lost a race whereby we have been orphaned and though we have set a pdeath signal it won't help us since, well, the parent is dead. We were able to correctly handle this case when we were in the same pidns since getppid() will return a valid pid. When we are in a separate pidns 0 will be returned since the parent doesn't exist in our pidns. A while back, while Jann and I were discussing other things he came up with a nifty idea: simply pass an fd for the parent's status file and check the "State:" field. This is the implementation of that idea. Suggested-by:
Jann Horn <jann@thejh.net> Signed-off-by:
Christian Brauner <christian.brauner@ubuntu.com>
-
Christian Brauner authored
Signed-off-by:Christian Brauner <christian.brauner@ubuntu.com>
-
Alban VIDAL authored
Signed-off-by:Alban VIDAL <zordhak@debian.org>
-
Caio B. Silva authored
allow users to configure the option --enable-feature or --with-package, if an option is given run shell commands action-if-given Signed-off-by:Caio B. Silva <caioboffo@gmail.com>
-
Caio B. Silva authored
Signed-off-by:Caio B. Silva <caioboffo@gmail.com>
-
KATOH Yasufumi authored
* translate pam_cgfs(8) * support --{enable,disable}-{commands,tools} in doc/ja Signed-off-by:KATOH Yasufumi <karma@jazz.email.ne.jp>
-
Venkata Harshavardhan Reddy Allu authored
Signed-off-by:Venkata Harshavardhan Reddy Allu <venkataharshavardhan_ven@srmuniv.edu.in>
-
Caio B. Silva authored
Signed-off-by:Caio B. Silva <caioboffo@gmail.com>
-
Julio Faracco authored
Some applications use information from LOOP_GET_STATUS64. The file associated with loop device is pointed inside structure field `lo_file_name`. The current code is setting up a loop device without this information. A legacy example of code checking this is cryptsetup: static char *_ioctl_backing_file(const char *loop) { struct loop_info64 lo64 = {0}; int loop_fd; loop_fd = open(loop, O_RDONLY); if (loop_fd < 0) return NULL; if (ioctl(loop_fd, LOOP_GET_STATUS64, &lo64) < 0) { close(loop_fd); return NULL; } lo64.lo_file_name[LO_NAME_SIZE-2] = '*'; lo64.lo_file_name[LO_NAME_SIZE-1] = 0; close(loop_fd); return strdup((char*)lo64.lo_file_name); } It will return an empty string because lo_file_name was not set. Signed-off-by:Julio Faracco <jcfaracco@gmail.com>
-
Christian Brauner authored
Signed-off-by:Christian Brauner <christian.brauner@ubuntu.com>
-
Christian Brauner authored
Signed-off-by:Christian Brauner <christian.brauner@ubuntu.com>
-
Christian Brauner authored
Signed-off-by:Christian Brauner <christian.brauner@ubuntu.com>
-
Christian Brauner authored
Signed-off-by:Christian Brauner <christian.brauner@ubuntu.com>
-
Pierre-Elliott Bécue authored
Signed-off-by:Pierre-Elliott Bécue <becue@crans.org>
-
Antonio Terceiro authored
Commit ae68cad7 introduced a regression that makes lxc-attach ignore the exit status of the executed command. This was first identified in 3.0.4 LTS, while it worked on 3.0.3. # lxc-attach --version 3.0.4 # lxc-attach -n test false; echo $? 0 Signed-off-by:
Antonio Terceiro <terceiro@debian.org> Bug-Debian: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=934983
-
Christian Brauner authored
When pure cgroup unified mode is used we cannot pre-mount a tmpfs as this confuses systemd. Users should also set lxc.mount.auto = cgroup:force to ensure that systemd in the container and on the host use identical cgroup layouts. Signed-off-by:Christian Brauner <christian.brauner@ubuntu.com>
-
qianfan Zhao authored
Fix: #3123 Signed-off-by:qianfan Zhao <qianfanguijin@163.com>
-
Christian Brauner authored
Signed-off-by:Christian Brauner <christian.brauner@ubuntu.com>
-
Wolfgang Bumiller authored
Signed-off-by:Wolfgang Bumiller <w.bumiller@proxmox.com>
-
Alexander Kriventsov authored
Signed-off-by:Alexander Kriventsov <akriventsov@nic.ru>
-
Thomas Parrott authored
Signed-off-by:Thomas Parrott <thomas.parrott@canonical.com>
-
Lukas Pirl authored
``/proc`` might be mounted with ``hidepid=2``. This makes ``/proc/1/…`` appear absent for non-root users. When using the templates or the nvidia hook as a non-root user (e.g., when creating unprivileged containers) the error "/proc/1/uid_map: No such file or directory" is printed. Since the script works correctly despite the error, this error message might be confusing for users. Signed-off-by:Lukas Pirl <git@lukas-pirl.de>
-
Rachid Koucha authored
To be used when making file/directory names for containers (e.g. in lxccontainer.c) Signed-off-by:Rachid Koucha <rachid.koucha@gmail.com>
-
Rachid Koucha authored
To make the file/directory names, use the defines from macro.h Signed-off-by:Rachid Koucha <rachid.koucha@gmail.com>
-
- 08 Oct, 2019 1 commit
-
-
Stéphane Graber authored
Signed-off-by:Stéphane Graber <stgraber@ubuntu.com>
-
- 11 Aug, 2019 3 commits
-
-
Julio Faracco authored
If SSL is enabled, utils will include function `do_sha1_hash()` to generate a sha1 encrypted buffer. Last function argument of `EVP_DigestFinal_ex()` requires a `unsigned int` but the current parameter is an `integer` type. See error: utils.c:350:38: error: passing 'int *' to parameter of type 'unsigned int *' converts between pointers to integer types with different sign [-Werror,-Wpointer-sign] EVP_DigestFinal_ex(mdctx, md_value, md_len); ^~~~~~ /usr/include/openssl/evp.h:549:49: note: passing argument to parameter 's' here unsigned int *s); Signed-off-by:Julio Faracco <jcfaracco@gmail.com>
-
Thomas Parrott authored
Signed-off-by:Thomas Parrott <thomas.parrott@canonical.com>
-
Christian Brauner authored
Closes #3108. Signed-off-by:Christian Brauner <christian.brauner@ubuntu.com>
-