- 17 Feb, 2014 2 commits
-
-
Stéphane Graber authored
This adds detection for the case where we are root in an unprivileged container and then run LXC from there. In this case, we want to download to the system location, ignore the missing uid/gid ranges and run templates that are userns-ready. Signed-off-by:
Stéphane Graber <stgraber@ubuntu.com> Acked-by:
Serge E. Hallyn <serge.hallyn@ubuntu.com>
-
S.Çağlar Onur authored
lxc-user-nic now returns the names of the interfaces and unpriv_assign_nic function parses that information to fill missing netdev->veth_attr.pair and netdev->name. With this patch get_running_config_item started to provide correct information; >>> import lxc; c = lxc.Container("rubik"); c.get_running_config_item("lxc.network.0.name"); c.get_running_config_item("lxc.network.0.veth.pair"); 'eth0' 'veth9MT2L4' >>> and lxc-info started to show network stats; lxc-info -n rubik Name: rubik State: RUNNING PID: 23061 IP: 10.0.3.233 CPU use: 3.86 seconds BlkIO use: 88.00 KiB Memory use: 6.53 MiB KMem use: 0 bytes Link: veth9MT2L4 TX bytes: 3.45 KiB RX bytes: 8.83 KiB Total bytes: 12.29 KiB Signed-off-by:S.Çağlar Onur <caglar@10ur.org> Acked-by:
-
- 15 Feb, 2014 11 commits
-
-
Serge Hallyn authored
and don't close the sigfd Signed-off-by: -
Serge Hallyn authored
Otherwise we can't open /proc/self/fd to find the fds to close. Signed-off-by: -
Stéphane Graber authored
Signed-off-by: -
Stéphane Graber authored
Signed-off-by:
-
Stéphane Graber authored
Signed-off-by:
-
Stéphane Graber authored
Signed-off-by:
-
Stéphane Graber authored
Signed-off-by:
-
Stéphane Graber authored
Signed-off-by:
-
Stéphane Graber authored
Signed-off-by:
-
Serge Hallyn authored
Signed-off-by:
-
Serge Hallyn authored
Not before we've even forked. Signed-off-by:
-
- 14 Feb, 2014 4 commits
-
-
S.Çağlar Onur authored
Signed-off-by:
-
Dwight Engen authored
also fix the check if the string will fit the local buffer Signed-off-by:
Dwight Engen <dwight.engen@oracle.com> Acked-by:
-
KATOH Yasufumi authored
Signed-off-by:
KATOH Yasufumi <karma@jazz.email.ne.jp> Acked-by:
-
Serge Hallyn authored
Signed-off-by:
-
- 13 Feb, 2014 18 commits
-
-
Stéphane Graber authored
Signed-off-by: -
Stéphane Graber authored
Fix clang breakage. This reverts commit 7cd32872.
-
S.Çağlar Onur authored
Signed-off-by:
-
S.Çağlar Onur authored
Signed-off-by:
-
Dwight Engen authored
The kernel's Documentation/devices.txt says that these symlinks should exist in /dev (they are listed in the "Compulsory" section). I'm not currently adding nfsd and X0R since they are required for iBCS, but they can be easily added to the array later if need be. Signed-off-by:
Michael H. Warfield <mhw@WittsEnd.com> Acked-by:
-
Stéphane Graber authored
This update will make it work unprivileged as well as testing a few of the new functions. Signed-off-by:
-
Stéphane Graber authored
Signed-off-by:
-
Stéphane Graber authored
With this change, systems that support it will use attach to run any provided command. This doesn't change the default behaviour of attaching to tty1, but it does make it much easier to script or even get a quick shell with: lxc-start-ephemeral -o p1 -n p2 -- /bin/bash I'm doing the setgid,initgroups,setuid,setenv magic in python rather than using the attach_wait parameters as I need access to the pwd module in the target namespace to grab the required information. Signed-off-by:
-
Stéphane Graber authored
Signed-off-by: -
Stéphane Graber authored
Signed-off-by: -
Stéphane Graber authored
This adds support for: - memory (total memory) - ram - swap Signed-off-by:
-
Stéphane Graber authored
Signed-off-by:
-
Stéphane Graber authored
We used to do chdir(path), chroot(path). That's correct but not properly handled coverity, so do chroot(path), chdir("/") instead as that's the recommended way. Signed-off-by: -
KATOH Yasufumi authored
- Update Japanese man for commit a7c27357, seccomp v2 - Fix typo in English man Signed-off-by:
-
KATOH Yasufumi authored
Update lxc-clone(1) and lxc-snapshot(1) for commit 1f92162d and improve some translations Signed-off-by:
-
Serge Hallyn authored
This allows lxc-snapshot and lxc-clone -s from an overlayfs container to work unprivileged. (lxc-clone -s from a directory backed container already did work) Signed-off-by:
-
Stéphane Graber authored
Signed-off-by: -
Serge Hallyn authored
Signed-off-by:
-
- 12 Feb, 2014 5 commits
-
-
Serge Hallyn authored
Also don't use arm arch if not defined This *should* fix build so precise, but I didn't fire one off. I did test that builds with libseccomp2 still work as expected. Signed-off-by:
-
Stéphane Graber authored
- Run on distro without lsb_release - Don't try and interpret with_runtime_path as a command - Don't print stuff on screen while in the middle of a check Signed-off-by: -
Stéphane Graber authored
Now that we depend on seccomp2, the backport currently in precise is too old to allow for a succesful build, so instead use ppa:ubuntu-lxc/daily which contains recent versions of all needed build-dependencies. Signed-off-by: -
Stéphane Graber authored
Signed-off-by:
-
Stéphane Graber authored
Signed-off-by:
-
