- 23 Jan, 2014 9 commits
-
-
Stéphane Graber authored
Signed-off-by:
Stéphane Graber <stgraber@ubuntu.com> Acked-by:
Serge E. Hallyn <serge.hallyn@ubuntu.com>
-
Serge Hallyn authored
Changelog: Jan 22: as Michael Warfield pointed out, we should only ignore EINVAL, since EFAULT points to a more serious problem. Signed-off-by:
-
Stéphane Graber authored
Signed-off-by: -
Serge Hallyn authored
When creating a cgroup, detect whether cgroup.clone_children exists. If not, then manually copy the parent's cpuset.cpus and cpuset.mems values. Signed-off-by:
-
KATOH Yasufumi authored
allow not to specify a variable that is related installed packages Signed-off-by:
TAMUKI Shoichi <tamuki@linet.gr.jp> Signed-off-by:
KATOH Yasufumi <karma@jazz.email.ne.jp> Acked-by:
-
Qiang Huang authored
When you start a container in daemon model, you have at least 3 processes: 1. The command the user start (lxc-start -d) 2. The backgrounded fork of that command after start() is done 3. The container init process In PID file, we need (2), but currently we are writing (1), this is wrong because (1) exits as soon as the container is started, it's complately useless. So we write pid after daemonize, so that we'll always write the right pid to PID file. Reported-by:
Qiang Huang <h.huangqiang@huawei.com> Acked-by:
-
Qiang Huang authored
So we can remove PID file untill lxc_container_free. This also fix bug: https://github.com/lxc/lxc/issues/89Signed-off-by:
-
Serge Hallyn authored
In the daemonized case we will fork, so the anonymous container memlock will not be shared between parent and child. Signed-off-by: -
Stéphane Graber authored
Signed-off-by:
-
- 22 Jan, 2014 14 commits
-
-
Serge Hallyn authored
Signed-off-by:
-
Dwight Engen authored
Signed-off-by:
Dwight Engen <dwight.engen@oracle.com> Acked-by:
-
Serge Hallyn authored
Coverity warns of the danger of a short read otherwise. (Untested, but should be correct; Tossing over to you :) Signed-off-by:
S.Çağlar Onur <caglar@10ur.org>
-
Stéphane Graber authored
Signed-off-by:
-
Serge Hallyn authored
Signed-off-by: -
Serge Hallyn authored
Signed-off-by: -
Serge Hallyn authored
Signed-off-by: -
Serge Hallyn authored
Signed-off-by: -
Stéphane Graber authored
Don't try to print the PID, IP addresses or statistics for a container that's not current running. Signed-off-by:
-
Stéphane Graber authored
lxc-ps and lxc-netstat have an unfortunate tendency to break every so often, produce mostly unreadable output and should be replaced by a lxc-attach call in 99% of the cases. In an effort to cleanup the lxc-* namespace, I think those two should go, so this patch gets rid of them as well as any reference to them in our documentation. I also think that lxc-version should disappear as it's only a one line shell script printing the version string, so having a whole command just for that seems to be a bit of a waste. Instead, this patch introduces a new --version common option which all binaries will automatically inherit and that'll print LXC_VERSION on stdout and exit 0. Signed-off-by:
-
Stéphane Graber authored
This adds a basic bash auto-completion profile. It supports 3 things at this time: - Auto-complete of container name (-n or -o) - Auto-complete of template name (-t) - Auto-complete of state names (-s) It's configured in a way to be as little disruptive as possible, any argument that's not explicitly handled by the profile will fallack to bash's default completion. Signed-off-by:
-
Stéphane Graber authored
Without this, the container entirely fails to start. Signed-off-by: -
Michael H. Warfield authored
This updates the Fedora and CentOS templates to utilize a common included config. This is largely based on the changes in the Oracle template with some exceptions. Dropping of setpcap (present in the Oracle template) is commented out in the Fedora template. It seems to cause problems, such as large login delays with Fedora 20 containers (but not Fedora 19 - strange). The Fedora template is further modified to disable systemd-journald.service as it is unnecessary in a container and causes serious problems when running in a Fedora 20 container. The Fedora template is also updated to default to Fedora 20 when running on a non-Fedora host. Regards, Mike Signed-off-by:
Michael H. Warfield <mhw@WittsEnd.com> Acked-by:
-
S.Çağlar Onur authored
Based on Stéphane's suggestion, those two API methods now; * fork a new process, * switch to appropriate namespace(s), * do what we want, * return the data over a pipe to the parent which returns the result to the original caller. For the whole thread please see; https://lists.linuxcontainers.org/pipermail/lxc-devel/2014-January/007362.html This patch also makes lxc-ls and lxc-info call those functions. I'm adding Stéphane as an author here since both the idea as well as the initial setns code come from him. Author: S.Çağlar Onur <caglar@10ur.org> Author: Stéphane Graber <stgraber@ubuntu.com> Signed-off-by:
-
- 21 Jan, 2014 7 commits
-
-
KATOH Yasufumi authored
Allow to specify additional packages Signed-off-by:
-
S.Çağlar Onur authored
commit f4364484 introduced attach functionality to unprivileged containers so remove this check like the rest of the attach functions. Signed-off-by:
-
Stéphane Graber authored
Signed-off-by:
-
Stéphane Graber authored
This fixes command line tools and functions which use lxc_global_config_value o get lxcpath but don't strip the trailing / leading to mismatching command path (as lxc_container_new does strip the path). As lxcpath is typically a const and so can't easily be changed by the caller, add the trick directly into lxc_global_config_value (having to juggle a bit in there too to avoid trying to alter a const). Signed-off-by:
-
Stéphane Graber authored
This change makes lxc-attach and the matching API functions work properly with unprivileged containers. The trick needed to make that possible was to always start with the userns when attaching and also relocate the cgroup management code so that the intermediate process is moved to the cgroup before attaching to the container's namespace as doing so later would fail due to missing permissions. Signed-off-by:
-
Stéphane Graber authored
Signed-off-by: -
Dimitri John Ledkov authored
This adds a fallback to the daily channel if an image couldn't be found in the released one. Signed-off-by:
Dimitri John Ledkov <dimitri.ledkov@canonical.com> Acked-by:
-
- 20 Jan, 2014 5 commits
-
-
Robert Vogelgesang authored
Include the IPv4/IPv6 prefix if it's set. Signed-off-by:
Robert Vogelgesang <vogel@users.sourceforge.net> Acked-by:
-
S.Çağlar Onur authored
Return an error if the function is not supposed to be called by an unprivileged user. Otherwise those calls fail in the middle of their execution with different reasons. changes since v2: - am_unpriv is now a simple geteuid check, - API functions are now providing error messages, - lxc-info, lxc-attach are now checking geteuidi, - lxc-ls is now calling get_ips only if the container is running Signed-off-by:
-
Serge Hallyn authored
Also replace a wrong free of nih-allocated variable with nih_free. Signed-off-by:
-
KATOH Yasufumi authored
Signed-off-by:
-
KATOH Yasufumi authored
Update for commit 33ddfc2aSigned-off-by:
-
- 19 Jan, 2014 3 commits
-
-
Stéphane Graber authored
This reverts commit c3f0f139. Done as Serge Hallyn's request: Nacked-by:
-
Serge Hallyn authored
Signed-off-by: -
Qiang Huang authored
When start container with daemon model, we'll have a new daemon process in lxcapi_start, whose c->numthreads is 2, inherited from his father. Even his father return to main(), the lxc_container_put won't affect son's numthreads. So when daemon stops, he should return to main and do lxc_container_put again, rather than exit and leave the container alone. Signed-off-by:
-
- 18 Jan, 2014 2 commits
-
-
KATOH Yasufumi authored
* make simple * change default download site to http://ftp.ring.gr.jpSigned-off-by:
-
Stéphane Graber authored
Checkpoint/restart isn't currently supported, so let's not carry those binaries around until we have proper CRIU support in the API. lxc-kill is redundant with lxc-stop -k and has been known to confuse user. Signed-off-by:
-
