- 16 Jan, 2014 21 commits
-
-
Stéphane Graber authored
This adds the 3 upstart jobs that we've had in Ubuntu for a while: - lxc.conf: Main upstart job, triggers lxc-net.conf based on config - lxc-instance.conf: Triggered by lxc.conf for each auto-started container - lxc-net.conf: Triggered by lxc.conf, sets up lxcbr0, NAT, mangling, ... In addition, there are two extra config files in /etc/default: - lxc: Allows setting some values like http proxying, disabling autostart, ... - lxc-net: Network configuration for the lxcbr0 bridge This change also disables the sysv script for all distros but Oracle as the current script won't work on either Ubuntu nor Debian and I suspect quite a few more distros, so it's not nearly as distro-agnostic as we thought. For Debian, only install the upstart jobs and systemd unit. For Ubuntu, only install the upstart jobs. This change also moves all the init related stuff to config/init/ Signed-off-by:
Stéphane Graber <stgraber@ubuntu.com> Acked-by:
Serge E. Hallyn <serge.hallyn@ubuntu.com>
-
Stéphane Graber authored
Signed-off-by:
-
S.Çağlar Onur authored
32 and 33 are not defined and causing sigaction to fail. "kill -l" shows following on my system 1) SIGHUP 2) SIGINT 3) SIGQUIT 4) SIGILL 5) SIGTRAP 6) SIGABRT 7) SIGBUS 8) SIGFPE 9) SIGKILL 10) SIGUSR1 11) SIGSEGV 12) SIGUSR2 13) SIGPIPE 14) SIGALRM 15) SIGTERM 16) SIGSTKFLT 17) SIGCHLD 18) SIGCONT 19) SIGSTOP 20) SIGTSTP 21) SIGTTIN 22) SIGTTOU 23) SIGURG 24) SIGXCPU 25) SIGXFSZ 26) SIGVTALRM 27) SIGPROF 28) SIGWINCH 29) SIGIO 30) SIGPWR 31) SIGSYS 34) SIGRTMIN 35) SIGRTMIN+1 36) SIGRTMIN+2 37) SIGRTMIN+3 38) SIGRTMIN+4 39) SIGRTMIN+5 40) SIGRTMIN+6 41) SIGRTMIN+7 42) SIGRTMIN+8 43) SIGRTMIN+9 44) SIGRTMIN+10 45) SIGRTMIN+11 46) SIGRTMIN+12 47) SIGRTMIN+13 48) SIGRTMIN+14 49) SIGRTMIN+15 50) SIGRTMAX-14 51) SIGRTMAX-13 52) SIGRTMAX-12 53) SIGRTMAX-11 54) SIGRTMAX-10 55) SIGRTMAX-9 56) SIGRTMAX-8 57) SIGRTMAX-7 58) SIGRTMAX-6 59) SIGRTMAX-5 60) SIGRTMAX-4 61) SIGRTMAX-3 62) SIGRTMAX-2 63) SIGRTMAX-1 64) SIGRTMAX Signed-off-by:
S.Çağlar Onur <caglar@10ur.org> Acked-by:
-
Stéphane Graber authored
This adds rename(new_name) to the binding as well as two new const, LXC_CLONE_KEEPBDEVTYPE and LXC_CLONE_MAYBE_SNAPSHOT. Signed-off-by:
-
Serge Hallyn authored
1. don't return bools for int-return functions 2. copy the filename to controller before using it 3. use full filename not just the key to pass to cgmanager Signed-off-by: -
Stéphane Graber authored
Alias -f to --fancy and -F to --fancy-format. Signed-off-by:
-
Stéphane Graber authored
ValueError typically means that the user doesn't have permissions to access the directory. Raising an exception there isn't consistent with other error behaviour of list_containers which simple returns an empty tuple. So simply catch the exception and ignore it. An error message is already printed by LXC itself anyway. Signed-off-by:
-
Serge Hallyn authored
Signed-off-by: -
Qiang Huang authored
Look through all LXC code and seems like only here are missed. Signed-off-by:
Qiang Huang <h.huangqiang@huawei.com> Acked-by:
-
KATOH Yasufumi authored
* lxc-unshare(1): Update for commit c1bb25a8 and 13d8bde9 * lxc.conf(5): Update for commit 04a243f1Signed-off-by:
KATOH Yasufumi <karma@jazz.email.ne.jp> Acked-by:
-
S.Çağlar Onur authored
This is perfectly safe since you cannot unmount the host fs from a child userns. Signed-off-by:
-
Serge Hallyn authored
Not being able to get freezer state is perfectly valid - if the container does not exist. The old version of freezer_state only reported an error on actually reading the cgroup file, but not on not finding a cgroup file. Leave it to the caller to report the error if it is important, since we don't actually know any useful info here anyway. Signed-off-by: -
S.Çağlar Onur authored
Currently it fails like following gcc -DHAVE_CONFIG_H -I. -I../../src -D_FORTIFY_SOURCE=2 -fPIC -DPIC -I../../src -DLXCROOTFSMOUNT=\"/usr/lib/x86_64-linux-gnu/lxc/rootfs\" -DLXCPATH=\"/var/lib/lxc\" -DLXC_GLOBAL_CONF=\"/etc/lxc/lxc.conf\" -DLXCINITDIR=\"/usr/libexec\" -DLXCTEMPLATEDIR=\"/usr/share/lxc/templates\" -DLOGPATH=\"/var/log/lxc\" -DLXC_DEFAULT_CONFIG=\"/etc/lxc/default.conf\" -DLXC_USERNIC_DB=\"/run/lxc/nics\" -DLXC_USERNIC_CONF=\"/etc/lxc/lxc-usernet\" -DDEFAULT_CGROUP_PATTERN=\"/lxc/%n\" -DHAVE_APPARMOR -DHAVE_CGMANAGER -DHAVE_SELINUX -DHAVE_SECCOMP -pthread -I/usr/include/dbus-1.0 -I/usr/lib/x86_64-linux-gnu/dbus-1.0/include -g -O2 -fstack-protector --param=ssp-buffer-size=4 -Wformat -Werror=format-security -Wall -Werror -MT liblxc_so-cgmanager.o -MD -MP -MF .deps/liblxc_so-cgmanager.Tpo -c -o liblxc_so-cgmanager.o `test -f 'cgmanager.c' || echo './'`cgmanager.c In file included from cgmanager.c:48:0: cgmanager.c: In function ‘cgmanager_remove_cgroup’: log.h:247:9: error: format ‘%s’ expects a matching ‘char *’ argument [-Werror=format=] struct lxc_log_locinfo locinfo = LXC_LOG_LOCINFO_INIT; \ ^ cgmanager.c:142:3: note: in expansion of macro ‘INFO’ INFO("cgroup removal attempt: %s:%s did not exist"); ^ log.h:247:9: error: format ‘%s’ expects a matching ‘char *’ argument [-Werror=format=] struct lxc_log_locinfo locinfo = LXC_LOG_LOCINFO_INIT; \ ^ cgmanager.c:142:3: note: in expansion of macro ‘INFO’ INFO("cgroup removal attempt: %s:%s did not exist"); ^ cc1: all warnings being treated as errors make[3]: *** [liblxc_so-cgmanager.o] Error 1 Signed-off-by: -
Serge Hallyn authored
in particular, regular unfreeze uses the cmd api to request the cgroup of the container. If we are already in the lxc-start monitor, we can't use the cmd api. (I knew when I started this would be a problem but then as it didn't reliably crash, I forgot to handle it) Signed-off-by:
-
Serge Hallyn authored
Signed-off-by:
-
Serge Hallyn authored
This patch splits out most of the cgroupfs-specific code, so that cgroup-manager versions can be plugged in. The case I did not handle is cgroup_enter at lxc_attach. I'm hoping that case can be greatly simplified, but will worry about it after fleshing out the cgroup manager handlers. This also simplify the freezer functions. This seems to not regress my common tests when running without cgmanager, but I'd like to do a bit more testing before pushing. However I was hoping to get some more eyes on this so am sending it out now. Signed-off-by:
-
Stéphane Graber authored
Signed-off-by:
-
Stéphane Graber authored
Signed-off-by:
-
Stéphane Graber authored
The forking logic was wrong, causing both the child and the parent to call the template with -h. Signed-off-by:
-
Stéphane Graber authored
Apparently this file has gone over 5 years without getting into a dist tarball! Signed-off-by: -
Stéphane Graber authored
Signed-off-by:
-
- 15 Jan, 2014 19 commits
-
-
Stéphane Graber authored
sethostname doesn't exist on bionic, so copy/paste the definition of it we have in conf.c Signed-off-by: -
Serge Hallyn authored
so we can't use uid==-1 as "don't do setuid" Signed-off-by: -
Seth Robertson authored
lxc_unshare now takes one or more '-i interfacename' arguments which will move the named interfaces into the created container. lxc_unshare now takes -M argument which will cause the standard mounts (/proc /dev/shm /dev/mqueue) to be auto-mounted inside container. lxc_unshare now takes '-H hostname' argument to automatically set the hostname in the container. lxc_unshare now takes -D argument to automatically daemonize and detach from the created container, instead of waiting for the container to exit Signed-off-by:
Seth Robertson <srobertson@appcomsci.com> Acked-by:
-
Seth Robertson authored
Signed-off-by:
-
Stéphane Graber authored
Signed-off-by:
-
Stéphane Graber authored
Signed-off-by:
-
Stéphane Graber authored
Without this /dev/console won't exist and upstart will fail to start any job marking as "console output" including the rather important rcS. Signed-off-by:
-
Dwight Engen authored
Signed-off-by:
Dwight Engen <dwight.engen@oracle.com> Acked-by:
-
Dwight Engen authored
Signed-off-by:
-
Dwight Engen authored
Signed-off-by:
-
Serge Hallyn authored
Signed-off-by:
-
KATOH Yasufumi authored
Signed-off-by:
TAMUKI Shoichi <tamuki@linet.gr.jp> Signed-off-by:
-
Chris Glass authored
I unfortunately realized that I did not push the latest version of the file. This fixes an issue in the case where we want to create the proxy file in the container (not nested). Signed-off-by:
Chris Glass <tribaal@gmail.com> Acked-by:
-
Qiang Huang authored
Signed-off-by:
-
Qiang Huang authored
Signed-off-by:
-
Qiang Huang authored
Signed-off-by:
-
Stéphane Graber authored
Signed-off-by: -
Dwight Engen authored
Signed-off-by:
-
KATOH Yasufumi authored
Update for commit df2d4205Signed-off-by:
-
