Commits · d8b712bc61cb06f808bbf0d77da210c24eba8af8 · Chen Yisong / lxc

01 Aug, 2017 16 commits
- conf: mount_entry_on_generic() · d8b712bc
  Christian Brauner authored Aug 01, 2017
```
non-functional changes
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
```
  d8b712bc
- conf: mount_entry_on_systemfs() · 07667a6a
  Christian Brauner authored Aug 01, 2017
```
non-functional changes
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
```
  07667a6a
- conf: mount_entry_on_absolute_rootfs() · bdd2b34c
  Christian Brauner authored Aug 01, 2017
```
non-functional changes
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
```
  bdd2b34c
- conf: setup_mount_entries() · 19b5d755
  Christian Brauner authored Aug 01, 2017
```
non-functional changes
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
```
  19b5d755
- conf: make_anonymous_mount_file() · 6bd04140
  Christian Brauner authored Aug 01, 2017
```
non-functional changes
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
```
  6bd04140
- conf: setup_mount() · 42dff448
  Christian Brauner authored Aug 01, 2017
```
non-functional changes
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
```
  42dff448
- conf: mount_file_entries() · 1ae3c19f
  Christian Brauner authored Aug 01, 2017
```
non-functional changes
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
```
  1ae3c19f
- Merge pull request #1723 from brauner/2017-07-31/remove_utmp_watch · ebc52433
  Serge Hallyn authored Aug 01, 2017
```
start: remove utmp watch
```
  ebc52433
- Merge pull request #1722 from brauner/2017-07-31/devpts_use_max_mount_option · 58f52a14
  Serge Hallyn authored Aug 01, 2017
```
devpts: use max=<count> option on mount
```
  58f52a14
- Merge pull request #1724 from GamerSource/opensuse-template-improvements-v2 · f5cdd5ac
  Christian Brauner authored Aug 01, 2017
```
Opensuse template improvements
```
  f5cdd5ac
- devpts: use max=<count> option on mount · 9d28c4f9
  Christian Brauner authored Jul 31, 2017
```
This will only work with kernels >= 3.4
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
```
  9d28c4f9
- start: remove utmp watch · bc8ce586
  Christian Brauner authored Jul 31, 2017
```
Closes #1616.
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
```
  bc8ce586
- templates/opensuse: support leap 42.3 · 46a892d5
  Thomas Lamprecht authored Aug 01, 2017
```
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
```
  46a892d5
- templates/opensuse: getty.target.wants does not always exists · d4cf2ad3
  Thomas Lamprecht authored Aug 01, 2017
```
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
```
  d4cf2ad3
- templates/opensuse: fix tumbleweed software selection · 46158779
  Thomas Lamprecht authored Aug 01, 2017
```
tumbleweed needs a newer version for a few packages, namely:
* liblua5_3
* bncurses6
* breadline7

As Leap it also has no dhcpd, but udhcp which gets pulled in already.
Further iproute2 and net-tools need manual instalation.
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
```
  46158779
- templates/opensuse: tumbleweed has no update repo · baf85a01
  Thomas Lamprecht authored Aug 01, 2017
```
As tumbleweed is a rolling release it has not update repository.
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
```
  baf85a01
31 Jul, 2017 2 commits
- Merge pull request #1721 from brauner/2017-07-30/fix_saved_config_handling · d1f811d5
  Stéphane Graber authored Jul 31, 2017
```
network parser fixes
```
  d1f811d5
- test: test for invalid network key · bb461dcc
  Christian Brauner authored Jul 31, 2017
```
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
```
  bb461dcc
30 Jul, 2017 3 commits

Merge pull request #1720 from hallyn/2017-07-29/cg · dd871fa0
Christian Brauner authored Jul 30, 2017
```
Fix some bugs in #1719
```
dd871fa0
lxccontainer: clear whole indexed networks · 4222a9f4
Christian Brauner authored Jul 30, 2017
```
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
```
4222a9f4

confile: use deindexed network keys · 31ee747b

authored Jul 30, 2017

When we are passed a network key like "lxc.net.[i].ipv4.address" we need to
make sure that we pass the deindexed key "lxc.net.ipv4.address" to the
{get,clr,set} methods otherwise we'll end up in an endless loop.
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

31ee747b

29 Jul, 2017 4 commits
- Fix some bugs in #1719 · 2c2d6c49
  Serge Hallyn authored Jul 29, 2017
```
In particular, any text (like a #comment) following the mode
would end up in our mode line.
Signed-off-by: Serge Hallyn <serge@hallyn.com>
```
  2c2d6c49
- Merge pull request #1719 from hallyn/2017-07-28/cg · 1135b35b
  Christian Brauner authored Jul 29, 2017
```
Fix up c8bf519d to fit our coding style
```
  1135b35b
- Fix up c8bf519d to fit our coding style · 72add155
  Serge Hallyn authored Jul 28, 2017
```
Also reduce the number of mallocs.
Signed-off-by: Serge Hallyn <serge@hallyn.com>
```
  72add155
- Merge pull request #1708 from aeris/master · da7a897e
  Serge Hallyn authored Jul 28, 2017
```
Allow full path in lxc.devices.allow
```
  da7a897e
28 Jul, 2017 7 commits
- Merge pull request #1717 from hallyn/harri1 · 5fddde03
  Christian Brauner authored Jul 28, 2017
```
Use "rsync -SHaAX" to copy the cached rootfs into place
```
  5fddde03
- Use "rsync -SHaAX" to copy the cached rootfs into place · 6273aef1
  Harald Dunkel authored Jul 28, 2017
```
(updated by Serge to also handle hte new lxc-fedora{-legacy{.in
templates)
Signed-off-by: Harald Dunkel <harri@afaics.de>
Signed-off-by: Serge Hallyn <serge@hallyn.com>
Acked-by: Serge Hallyn <serge@hallyn.com>
```
  6273aef1
- Merge pull request #1716 from brauner/2017-07-28/bugfix · f1401c06
  Stéphane Graber authored Jul 28, 2017
```
lvm: fix check
```
  f1401c06
- lvm: fix check · 505dd987
  Christian Brauner authored Jul 28, 2017
```
Signed-off-by: Thomas Hipp <thipp@suse.de>
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
```
  505dd987
- Merge pull request #1715 from brauner/2017-07-27/fix_gcc7_bug · 41609c46
  Stéphane Graber authored Jul 28, 2017
```
lvm: check whether lxc.bdev.lvm.vg is empty
```
  41609c46
- cgroups: use tight scoping · bb30b52a
  Christian Brauner authored Jul 28, 2017
```
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
```
  bb30b52a
- lvm: check whether lxc.bdev.lvm.vg is set · 01e5fa07
  Christian Brauner authored Jul 28, 2017
```
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
```
  01e5fa07
27 Jul, 2017 2 commits
- Merge pull request #1714 from brauner/2017-07-27/fix_gcc7_bug · bef81ce5
  Stéphane Graber authored Jul 27, 2017
```
cgroups: workaround gcc-7 bug
```
  bef81ce5
- cgroups: workaround gcc-7 bug · 66b66624
  Christian Brauner authored Jul 27, 2017
```
Also: LOL
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
```
  66b66624
26 Jul, 2017 4 commits

Merge pull request #1713 from brauner/2017-07-26/hybrid_cgroup_support · d9f78406
Serge Hallyn authored Jul 26, 2017
```
cgroups: handle hybrid cgroup layouts
```
d9f78406

cgroups: handle hybrid cgroup layouts · 6328fd9c

authored Jul 26, 2017

Closes #1669.
Closes #1678.
Relates to https://github.com/systemd/systemd/issues/6408.
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

6328fd9c

utils: move helpers from cgfsng.c to utils.{c,h} · 04ad7ffe
Christian Brauner authored Jul 26, 2017
```
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
```
04ad7ffe

Allow full path in lxc.devices.allow · c8bf519d

authored Jul 19, 2017

Some devices like LVM or cryptsetup entries have no stable major/minor, changing between host reboots.
In this case, hardcoded numbers are not usable in config file and there is currently no way to use hook with lxc-device to do the link at guest startup :

    * `pre-start`/`autodev` hook runs in host context but has the guest in stopped state and so lxc-device not usable
    * `start` hook is in running state but runs in guest context and so lxc-device not available

This patch converts fullpath in lxc.devices.allow to current major/minor numbers to address those changing numbers.
Signed-off-by: aeris <aeris@imirhil.fr>

c8bf519d

25 Jul, 2017 1 commit
- Merge pull request #1606 from brauner/2017-06-01/lxc_setup_after_cgroup_unshare · c1cecfdd
  Serge Hallyn authored Jul 25, 2017
```
call lxc_setup() after unshare(CLONE_NEWCGROUP)
```
  c1cecfdd
24 Jul, 2017 1 commit

start: lxc_setup() after unshare(CLONE_NEWCGROUP) · f4152036

authored Jun 01, 2017

When the running kernel supports cgroup namespaces and users want to manually
set up cgroups via lxc.hook.mount before the init binary starts the cgroup
namespace needs to be already unshared. Otherwise the view on the cgroup mounts
is wrong. This commit places the call to lxc_setup() after the
LXC_SYNC_POST_CGROUP barrier.

Before this commit, the tty fds we allocate from a fresh devpts instance in the
container's namespaces before the init binary starts were referring to the
host's cgroup namespace since lxc_setup() was called before
unshare(CLONE_NEWCGROUP). Although not a security risk at this point since
setns() restricts its calls to /proc/<self>/ns files it's still better to do it
*after* the cgroup namespace has been unshared.

Adding a Suggested-by line for the lxc.mount.hook fix for Quentin.

Closes #1597.
Suggested-by: Quentin Dufour <quentin@dufour.tk>
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

f4152036