- 05 Jan, 2012 8 commits
-
-
Greg Kurz authored
This lxc-monitor limitation deserves some lines in the manpage, until something is done to allow several monitors to run concurrently. Signed-off-by:
Greg Kurz <gkurz@fr.ibm.com> Signed-off-by:
Daniel Lezcano <dlezcano@fr.ibm.com>
-
Greg Kurz authored
A typical usage is to start lxc-monitor in popen() and parse the ouput. Unfortunately, glibc defaults to block buffering for pipes and you may have to wait several lines before anything is written to stdout... this prevent the use of lxc-monitor to implement automatons. Let's go line buffered ! Signed-off-by:
-
Serge Hallyn authored
Particularly for LTS releases, which many people will want to use in their containers, it is not wise to not use release-security and release-updates. Furthermore the fix allowing ssh to allow the container to shut down is in lucid-updates only. With this patch, after debootstrapping a container, we add -updates and -security to sources.list and do an upgrade under chroot. Unfortunately we need to do this because debootstrap doesn't know how to. Changelog: Nov 14: as Stéphane Graber suggested, make sure no daemons start on the host while doing dist-upgrade from chroot. Nov 15: use security.ubuntu.com, not mirror. (stgraber) Signed-off-by:
Serge Hallyn <serge.hallyn@canonical.com> Signed-off-by:
-
Daniel Lezcano authored
Fix the stack address for ia64. Signed-off-by: -
Daniel Lezcano authored
Network cleanup does not cleanup correctly the virtual interfaces in case of an error. Signed-off-by: -
Daniel Lezcano authored
When the cgroup is not mounted, we silently exit without giving some clues to the user with what is happening. Give some info and an explicit error. Signed-off-by: -
Daniel Lezcano authored
Signed-off-by: -
Christian Seiler authored
When used in conjunction with a bridge, veth devices with random addresses may change the mac address of the bridge itself if the mac address of the interface newly added is numerically lower than the previous mac address of the bridge. This is documented kernel behavior. To avoid changing the host's mac address back and forth when starting and/or stopping containers, this patch ensures that the high byte of the mac address of the veth interface visible from the host side is set to 0xfe. A similar logic is also implemented in libvirt. Fixes SF bug #3411497 See also: <http://thread.gmane.org/gmane.linux.kernel.containers.lxc.general/2709> Signed-off-by:
-
- 18 Nov, 2011 1 commit
-
-
Daniel Lezcano authored
This reverts commit a2dea4ea.
-
- 10 Nov, 2011 5 commits
-
-
Stéphane Graber authored
Allow mknod (fixing udev upgrades) and drop mac_override and mac_admin from lxc.cap.drop as apparmor has/will have support for namespaces Signed-off-by: -
Greg Kurz authored
To avoid name collisions between local and system header files. For example, if you try to include the <pty.h> system file, you end up including the one from lxc... Signed-off-by:
-
Greg Kurz authored
The "" notation is preferrable if the header file is local. Signed-off-by:
-
Alexander Vladimirov authored
Hi, here's the patch which adds Arch linux container template Signed-off-by: -
Daniel Lezcano authored
Add missing 'localstatedir' directory definition. Signed-off-by:
-
- 28 Oct, 2011 4 commits
-
-
Tuomas Suutari authored
The hardcoded URL seems to be broken and 404 error was not checked. Now the mirror is selected from mirrorlist (instead of hardcoding to funet.fi) and fetch errors are checked. Also added a retry loop (with 3 tries) to find a working mirror, since some of the mirrors are not OK. Signed-off-by:
Tuomas Suutari <tuomas.suutari@gmail.com> Signed-off-by:
-
Tuomas Suutari authored
There is no i686 variant of Fedora, but Ubuntu seems to return i686 from the arch command. Signed-off-by:
-
Tuomas Suutari authored
The text says that 14 is default, but release=14 was not set anywhere in the script. Signed-off-by:
-
Frederic Crozat authored
rely on "build" package, to ensure chroot can be created with distribution older than 12.1 Signed-off-by:
-
- 24 Oct, 2011 13 commits
-
-
Serge E. Hallyn authored
It prevents containers from getting a good resolv.conf without doing ifdown eth0; ifup eth0. (see pad.lv/880020) Signed-off-by:
-
Cedric Le Goater authored
This patch adds a private argument to extend the struct lxc_arguments. This is useful to develop custom lxc commands outside mainline lxc. Signed-off-by:
Cedric Le Goater <clg@fr.ibm.com> Signed-off-by:
-
Greg Kurz authored
This patch allows to create application containers with liblxc.so directly. Some code cleanups on the way: - separate ops for lxc_execute() and lxc_start(): the factorisation is wrong here as we may have specific things to do if we're running an application container. It deserves separate ops. - lxc_arguments_dup() is merged in the pre-exec operation: this is a first use for the execute op introduced just above. It's better to build the arguments to execvp() where they're really used. Signed-off-by:
-
Frederic Crozat authored
Make sure to correctly detect kernel 3.x for file capabilities. Signed-off-by: -
Alexey Shabalin authored
Updates. Signed-off-by: -
Serge E. Hallyn authored
Otherwise we end up with a bad container fstab and a container that won't boot. See https://bugs.launchpad.net/ubuntu/+source/lxc/+bug/879052Signed-off-by:
-
Rainer Weikusat authored
The lxc-ls shell script uses netstat -xa to get a listing of AF_UNIX sockets it then parses in order to determine the names of presently running containers. This is wrong because it will list the listening socket and all sockets created by accepting connections on that. This causes the script to display the names of containers with active lxc-console sessions 1 + n times, n being the number of active console sessions. The patch below fixes this by using netstat -xl instead which only displays the listening sockets. Signed-off-by:
Rainer Weikusat <rweikusat@mobileactivedefense.com> Signed-off-by:
-
Serge E. Hallyn authored
Thought I had sent this before, but I don't find it anywhere. Signed-off-by:
-
Serge E. Hallyn authored
If multiple cgroups are mounted under /sys/fs/cgroup, then the original check ends up looking for /sys/fs/cgroup/cgroup.clone_children, which does not exist because that is just a tmpfs. So make sure to check an actual cgroupfs. Signed-off-by:
-
Serge E. Hallyn authored
/dev/shm is a symlink to /run/shm, so we need /run/shm to exist in the container rootfs. Also, /dev/mqueue does not exist on the host, and can't be created by the container. But we don't really need it so ignore that. Signed-off-by:
-
Serge E. Hallyn authored
This isn't particularly reassuring, and will be moot with user namespaces, but as people are asking for it, turn off sys_module. While we're at it, turn off mac_admin and mac_override. Signed-off-by:
-
Serge E. Hallyn authored
End the command with ';', which is needed, and put the hostname in quotes (which doesn't really seem needed, but shown in man page). Signed-off-by:
-
Greg Kurz authored
There are still some sequels from commit: 1c41ddcbSigned-off-by:
-
- 20 Sep, 2011 1 commit
-
-
Greg Kurz authored
Commit 92c7f629 broke the following scipts: - lxc-setcap - lxc-setuid - lxc-create This patch adds the missing variables to be substitued by the configure script. Cheers. Signed-off-by:
-
- 13 Sep, 2011 3 commits
-
-
Tzafrir Cohen authored
Signed-off-by:
Tzafrir Cohen <tzafrir@cohens.org.il> Signed-off-by:
-
Greg Kurz authored
As discussed in thread: http://sourceforge.net/mailarchive/forum.php?thread_name=4E5618C3.5060507%40free.fr&forum_name=lxc-devel We think it's better for now to only warn the user about a fd leaking into the container. Also remove the call to readlink() as it isn't really useful now: since the container will start anyway, the user can look into /proc/../fd or use lsof or whatever. Signed-off-by:
-
Greg Kurz authored
This patch fixes some makefile/specfile issues when running rpmbuild with the distributed lxc specfile: - fixes usage of installation directories for config files, rootfs, templates and lxc-init so that they're calculated at make time instead of configure time. Thanks to this, all installed items go under $RPM_BUILD_ROOT when running rpmbuild - introduce --disable-rpath option to configure to avoid check-rpaths errors when building non-root. - introduce a lxc-libs package in the default spec file to allow concurrent installation of 32 bit and 64 bit libraries. v2: - fix circular reference in lxc.pc - ship lxc.pc with lxc-devel Signed-off-by:
-
- 01 Sep, 2011 1 commit
-
-
InformatiQ authored
Signed-off-by:
InformatiQ <rhanna@informatiq.org> Signed-off-by:
-
- 30 Aug, 2011 4 commits
-
-
InformatiQ authored
Signed-off-by:
-
InformatiQ authored
Signed-off-by:
-
InformatiQ authored
Signed-off-by:
-
Ramez Hanna authored
* if not running on fedora host amd -R is not set, use fedora 14 as default * trap SIGHUP SIGINT SIGTERM, and cleanup before exiting Signed-off-by:
-
