- 14 Aug, 2015 30 commits
-
-
Karl-Philipp Richter authored
Signed-off-by: Karl-Philipp Richter <krichter722@aol.de>
-
Christian Brauner authored
(1) Add test for kernel version greater than 3.
(2) Use && and || instead of -a and -o as suggested in http://www.unix.com/man-page/posix/1p/test/.
lxc-checkconfig will currently report "missing" on "Cgroup memory controller" for kernel versions greater than 3. This happens because the script, before checking for the corresponding memory variable in the kernel config, currently will test whether we have a major kernel version greater than or equal to 3 and a minor kernel version greater than or equal to 6. This adds an additional test whether we have a major kernel version greater than 3.
Signed-off-by: Christian Brauner <christianvanbrauner@gmail.com>
-
Serge Hallyn authored
Particularly when using the go-lxc api with lots of threads, it happens that if the open files limit is > 1024, we will try to select on fd > 1024 which breaks on glibc. So use poll instead of select.
Signed-off-by: Serge Hallyn <serge.hallyn@ubuntu.com>
Acked-by: Stéphane Graber <stgraber@ubuntu.com>
-
Serge Hallyn authored
This breaks code that depended on the monitor being fully dead before c->stop() returns. This reverts commit 62e04161.
-
Serge Hallyn authored
This breaks lxc-test-concurrent. This reverts commit fef9aa89.
-
Serge Hallyn authored
In the past, lxc-cmd-stop would wait until the command pipe was closed before returning, ensuring that the container monitor had exited. Now that we accept the actual success return value, lxcapi_stop can return success before the monitor has fully exited. So explicitly wait for the container to stop, when lxc-cmd-stop returned success.
Signed-off-by: Serge Hallyn <serge.hallyn@ubuntu.com>
-
Laurent Vivier authored
URL for packages and LiveOS differs from x86, x86_64 and ARM. This patch allows selecting the good mirror URL according to the architecture.
Primary architecture: http://mirrors.kernel.org/fedora
Secondary architecture: http://mirrors.kernel.org/fedora-secondary
The managed secondary architectures are only ppc64 and s390x, the secondary architectures for Fedora 20 (the base of initial bootstrap).
Signed-off-by: Laurent Vivier <Laurent@Vivier.EU>
Acked-by: Serge E. Hallyn <serge.hallyn@ubuntu.com>
-
Serge Hallyn authored
These are two fixes for long, long-standing bugs.
1. When we stop a container from the lxc_cmd stop handler, we kill its init task, then we unfreeze the container to make sure it receives the signal. When that unfreeze succeeds, we were immediately returning 0, without sending a response to the invoker.
2. lxc_cmd returns the length of the field received. In the case of an lxc_cmd_stop this is 16. But a comment claims we expect no response, only a 0. In fact the handler does send a response, which may or may not include an error. So don't call an error just because we got back a response.
Signed-off-by: Serge Hallyn <serge.hallyn@ubuntu.com>
Acked-by: Stéphane Graber <stgraber@ubuntu.com>
-
Tycho Andersen authored
Signed-off-by: Tycho Andersen <tycho.andersen@canonical.com>
Acked-by: Serge E. Hallyn <serge.hallyn@ubuntu.com>
-
teruo-oshida authored
$container_rootfs may not be used so 'sed' will try to patch "/etc/init/tty.conf". It must not be correct.
Signed-off-by: Teruo Oshida <teruo.oshida@miraclelinux.com>
Acked-by: Stéphane Graber <stgraber@ubuntu.com>
-
Serge Hallyn authored
to make sure the parent's read returns.
Signed-off-by: Serge Hallyn <serge.hallyn@ubuntu.com>
Acked-by: Stéphane Graber <stgraber@ubuntu.com>
-
KATOH Yasufumi authored
Update for commit 8158c057
Signed-off-by: KATOH Yasufumi <karma@jazz.email.ne.jp>
Acked-by: Serge E. Hallyn <serge.hallyn@ubuntu.com>
-
KATOH Yasufumi authored
Signed-off-by: KATOH Yasufumi <karma@jazz.email.ne.jp>
Acked-by: Serge E. Hallyn <serge.hallyn@ubuntu.com>
-
Arjun Sreedharan authored
Signed-off-by: Arjun Sreedharan <arjun024@gmail.com>
Acked-by: Serge E. Hallyn <serge.hallyn@ubuntu.com>
-
Serge Hallyn authored
This is only called at startup so it wasn't a big leak, but it is a leak.
Signed-off-by: Serge Hallyn <serge.hallyn@ubuntu.com>
Acked-by: Stéphane Graber <stgraber@ubuntu.com>
-
Serge Hallyn authored
Currently if we are in /user.slice/user-1000.slice/session-c2.scope, and we start an unprivileged container t1, it will be in cgroup 3:memory:/user.slice/user-1000.slice/session-c2.scope/t1. If we then do a 'lxc-cgroup -n t1 freezer.tasks', cgm_get will first switch to 3:memory:/user.slice/user-1000.slice/session-c2.scope then look up 't1's values. The reasons for this are
1. cgmanager get_value is relative to your own cgroup, so we need to be sure to be in t1's cgroup or an ancestor
2. we don't want to be in the container's cgroup bc it might freeze us.
But in Ubuntu 15.04 it was decided that 3:memory:/user.slice/user-1000.slice/session-c2.scope/tasks should not be writeable by the user, making this fail. Therefore put all unprivileged cgroups under "lxc/%n". That way the "lxc" cgroup should always be owned by the user so that he can enter.
Signed-off-by: Serge Hallyn <serge.hallyn@ubuntu.com>
Acked-by: Stéphane Graber <stgraber@ubuntu.com>
-
Alexandre Létourneau authored
Signed-off-by: Alexandre Letourneau <letourneau.alexandre@gmail.com>
-
Alexandre Létourneau authored
Signed-off-by: Alexandre Létourneau <letourneau.alexandre@gmail.com>
-
Achton authored
Signed-off-by: Achton Smidt Winther <mail@achton.net>
-
Stéphane Graber authored
Signed-off-by: Stéphane Graber <stgraber@ubuntu.com>
Acked-by: Serge E. Hallyn <serge.hallyn@ubuntu.com>
-
KATOH Yasufumi authored
Signed-off-by: KATOH Yasufumi <karma@jazz.email.ne.jp>
Acked-by: Stéphane Graber <stgraber@ubuntu.com>
-
Bogdan Purcareata authored
This patch enables seccomp support for LXC containers running on PowerPC architectures. It is based on the latest PowerPC support added to libseccomp, on the working-ppc64 branch [1].
Libseccomp has been tested on ppc, ppc64 and ppc64le architectures. LXC with seccomp support has been tested on ppc and ppc64 architectures, using the default seccomp policy example files delivered with the LXC package.
[1] https://github.com/seccomp/libseccomp/commits/working-ppc64
v2:
- add #ifdefs in get_new_ctx to fix builds on systems not having SCMP_ARCH_PPC* defined
Signed-off-by: Bogdan Purcareata <bogdan.purcareata@freescale.com>
Acked-by: Serge E. Hallyn <serge.hallyn@ubuntu.com>
-
Erik Mackdanz authored
Fix a typo in the getopt call, should be auth-key not auth_key. Also provide the argument to cat, so the script doesn't hang waiting on stdin.
Closes #379
Signed-off-by: Erik Mackdanz <erikmack@gmail.com>
Acked-by: Stéphane Graber <stgraber@ubuntu.com>
-
Stéphane Graber authored
Signed-off-by: Stéphane Graber <stgraber@ubuntu.com>
Acked-by: Serge E. Hallyn <serge.hallyn@ubuntu.com>
-
Stuart Cardall authored
Signed-off-by: Stuart Cardall <developer@it-offshore.co.uk>
-
KATOH Yasufumi authored
When a non-thinpool LVM container which has a snapshotted clone is destroyed, the LV of the snapshotted clone was also deleted. This patch prevents it. The original non-thinpool LVM container of a snapshotted clone cannot now be destroyed.
Signed-off-by: KATOH Yasufumi <karma@jazz.email.ne.jp>
Acked-by: Serge E. Hallyn <serge.hallyn@ubuntu.com>
-
lxc@zitta.fr authored
follow new gentoo's download server configuration. Should be backported in earlier lxc versions.
Signed-off-by: Guillaume ZITTA <lxc@zitta.fr>
Acked-by: Serge E. Hallyn <serge.hallyn@ubuntu.com>
-
Johannes Henninger authored
This prevents on_exit() and atexit() handlers registered by the parent process from being run in the forked intermediate process.
Signed-off-by: Johannes Henninger <johannes@henninger.io>
-
tukiyo authored
Signed-off-by: tukiyo3 <tukiyo3@gmail.com>
-
Дмитрий Пацура authored
Signed-off-by: Dmitry Patsura <talk@dmtry.me>
-
- 22 Jul, 2015 2 commits
-
-
Stéphane Graber authored
A user could otherwise over-mount /proc and prevent the apparmor profile or selinux label from being written, which, combined with a modified /bin/sh or other commonly used binary, would lead to unconfined code execution.
Reported-by: Roman Fiedler
Signed-off-by: Stéphane Graber <stgraber@ubuntu.com>
-
Serge Hallyn authored
This prevents an unprivileged user from using LXC to create arbitrary files on the filesystem.
Signed-off-by: Serge Hallyn <serge.hallyn@ubuntu.com>
Signed-off-by: Tyler Hicks <tyhicks@canonical.com>
Acked-by: Stéphane Graber <stgraber@ubuntu.com>
-
- 06 Apr, 2015 1 commit
-
-
Serge Hallyn authored
When we are shutting down the lxc network, we should not fail when things go wrong, as that only makes it harder to clean up later. See https://bugs.launchpad.net/ubuntu/+source/lxc/+bug/1429140 in particular
Signed-off-by: Serge Hallyn <serge.hallyn@ubuntu.com>
Acked-by: Stéphane Graber <stgraber@ubuntu.com>
-
- 10 Mar, 2015 1 commit
-
-
KATOH Yasufumi authored
Signed-off-by: KATOH Yasufumi <karma@jazz.email.ne.jp>
Acked-by: Stéphane Graber <stgraber@ubuntu.com>
-
- 23 Feb, 2015 1 commit
-
-
Stéphane Graber authored
Signed-off-by: Stéphane Graber <stgraber@ubuntu.com>
-
- 08 Feb, 2015 1 commit
-
-
Stéphane Graber authored
This resolves the case where /proc/sysrq-trigger doesn't exist by simply ignoring any mount failure on ENOENT. With the current mount list, this will always result in a safe environment (typically the read-only underlay).
Closes #425
v2: Don't always show an error
Signed-off-by: Stéphane Graber <stgraber@ubuntu.com>
Acked-by: Serge E. Hallyn <serge.hallyn@ubuntu.com>
-
- 30 Jan, 2015 4 commits
-
-
Stéphane Graber authored
Signed-off-by: Stéphane Graber <stgraber@ubuntu.com>
Acked-by: Serge E. Hallyn <serge.hallyn@ubuntu.com>
-
Serge Hallyn authored
We were trying to be smart and use whatever the last part of the container's rootfs path was. However for block devices that doesn't make much sense. I.e. if lxc.rootfs = /dev/md-1, chances are that /var/lib/lxc/c1/md-1 does not exist. So always use the $lxcpath/$lxcname/rootfs, and if it does not exist, try to create it. With this, 'lxc-clone -s -o c1 -n c2' where c1 has an lvm backend is fixed. See https://bugs.launchpad.net/ubuntu/+source/lxc/+bug/1414771
Signed-off-by: Serge Hallyn <serge.hallyn@ubuntu.com>
Acked-by: Stéphane Graber <stgraber@ubuntu.com>
-
Stéphane Graber authored
Signed-off-by: Stéphane Graber <stgraber@ubuntu.com>
Acked-by: Serge E. Hallyn <serge.hallyn@ubuntu.com>
-
Stéphane Graber authored
Close #406
Signed-off-by: Stéphane Graber <stgraber@ubuntu.com>
Acked-by: Serge E. Hallyn <serge.hallyn@ubuntu.com>
-