- 14 Dec, 2012 3 commits
-
-
Daniel Lezcano authored
-
git://github.com/lxc/lxcDaniel Lezcano authored
-
Dwight Engen authored
If you start more than one lxc-start/lxc-execute with the same name at the same time, or just do an lxc-start/lxc-execute with the name of a container that is already running, lxc doesn't figure out that the container with this name is already running until fairly late in the initialization process: ie when __lxc_start() -> lxc_poll() -> lxc_command_mainloop_add() attempts to create the same abstract socket name. By this point a fair amount of initialization has been done that actually messes up the running container. For example __lxc_start() -> lxc_spawn() -> lxc_cgroup_create() -> lxc_one_cgroup_create() -> try_to_move_cgname() moves the running container's cgroup to a name of deadXXXXXX. The solution in this patch is to use the atomic existence of the abstract socket name as the indicator that the container is already running. To do so, I just refactored lxc_command_mainloop_add() into an lxc_command_init() routine that attempts to bind the socket, and ensure this is called earlier before much initialization has been done. In testing, I verified that maincmd_fd was still open at the time of lxc_fini, so the entire lifetime of the container's run should be covered. The only explicit close of this fd was in the reboot case of lxcapi_start(), which is now moved to lxc_fini(), which I think is more appropriate. Even though it is not checked any more, set maincmd_fd to -1 instead of 0 to indicate its not open since 0 could be a valid fd. Signed-off-by:
Dwight Engen <dwight.engen@oracle.com> Acked-by:
Serge E. Hallyn <serge.hallyn@ubuntu.com>
-
- 13 Dec, 2012 2 commits
-
-
Daniel Lezcano authored
Signed-off-by:Daniel Lezcano <dlezcano@fr.ibm.com>
-
git://github.com/lxc/lxcDaniel Lezcano authored
Signed-off-by:
-
- 11 Dec, 2012 4 commits
-
-
Dwight Engen authored
For example doing "lxc-execute -n tmpct /bin/bash" will call setup_kmsg(), but in this case rootfs->mount/dev directory doesn't even exist so the call to symlink fails with ENOENT. Commit f62b3449 made this failure not fatal, but we should not even try it when we know it will fail. See similar code in setup_tty(), setup_console(), etc. Signed-off-by:
Stéphane Graber <stgraber@ubuntu.com>
-
Serge Hallyn authored
Detect the new api by existence in seccomp.h of the scmp_filter_ctx type in configure.ac. Signed-off-by: -
Serge Hallyn authored
Signed-off-by: -
Serge Hallyn authored
Signed-off-by:
-
- 10 Dec, 2012 5 commits
-
-
Dwight Engen authored
Signed-off-by:
Michael H. Warfield <mhw@WittsEnd.com>
-
Stéphane Graber authored
Update add_device_node to use the new set_cgroup_item call instead of having to figure out the cgroup paths and update the entries manually. Signed-off-by:
-
Stéphane Graber authored
Signed-off-by:
-
Stéphane Graber authored
Updates the binding for the two new functions. This also fixes some problems with the argument checking of get_config_item that'd otherwise lead to a segfault. The python binding for set_cgroup_item and get_cgroup_item are pretty raw as lxc has little control over the cgroup entries. That means that we don't try to interpret lists as we do for the config entries. Signed-off-by:
-
Stéphane Graber authored
The python binding was forcing the user to pass a base path to get_keys() even though the C binding doesn't require it. Signed-off-by:
-
- 07 Dec, 2012 4 commits
-
-
Serge Hallyn authored
Signed-off-by: -
Stéphane Graber authored
Signed-off-by:
-
Serge Hallyn authored
set_cgroup_item takes a pointer to a running container, a cgroup subsystem name, and a char *value and it mimicks 'lxc-cgroup -n containername subsys value' get_cgroup_item takes a pointer to a running container, a a cgroup subsystem name, a destination value * and the length of the value being sent in, and returns the length of what was read from the cgroup file. If a 0 len is passed in, then the length of the file is returned. So you can do len = c->get_cgroup_item(c, "devices.list", NULL, 0); v = malloc(len+1); ret = c->get_cgroup_item(c, "devices.list", v, len); to read the whole file. This patch also disables the lxc-init part of the startone test, which was failing because lxc-init has been moved due to multiarch issues. The test is salvagable, but saving it was beyond this effort. Signed-off-by:
-
Stéphane Graber authored
This restores an old behaviour where lxc-create can be called without a template. In such case, only a minimal configuration is built and no rootfs is created. However the various backingstore code is still used. Signed-off-by:
-
- 06 Dec, 2012 9 commits
-
-
Dwight Engen authored
Signed-off-by:
-
Stéphane Graber authored
Switch the python scripts to using @LXCPATH@. According to grep, this was the last occurence of a /var/*/lxc path in the code. Signed-off-by:
-
Stéphane Graber authored
Move to per-template lock (except for oracle that's per-container). Also ensure that the path used for the lock is relative to LOCALSTATEDIR. Signed-off-by:
-
Stéphane Graber authored
Signed-off-by:
-
Stéphane Graber authored
Use LOCALSTATEDIR to generate the path to the cache. Signed-off-by:
-
Stéphane Graber authored
This commit updates all scripts using mixed indent to a consistent 4 spaces indent. In the past quite a few of those scripts used tabs to instead of 8 spaces or instead of 4 spaces, sometimes mixing those in the same line and sometimes changing the tab width within the same file. Signed-off-by:
-
Stéphane Graber authored
This updates all the templates and the configuration files to consistently use "key = value" everywhere. Signed-off-by:
-
Stéphane Graber authored
- Update COPYING to the current copy of the LPGL-2.1 license from common-licences (only difference is some indentation). - Remove mixed tabs/spaces in CONTRIBUTING - Make INSTALL fit on 79 cols. Signed-off-by:
-
Stéphane Graber authored
This adds a section about the staging branch to the README and updates the list of supported architectures. Signed-off-by:
-
- 05 Dec, 2012 6 commits
-
-
Stéphane Graber authored
Let oracle template work when host is fedora or oracle and the lsb_release command is not present. Verify the arch given is valid. Don't add lxc.network section again if already present. Signed-off-by:
-
Dwight Engen authored
Signed-off-by:
-
Stéphane Graber authored
lxc-archlinux was apparently left out of the last change, apply the same modification as the other templates. Signed-off-by: -
Dwight Engen authored
Signed-off-by:
-
Serge Hallyn authored
Signed-off-by:
-
Stéphane Graber authored
Re-arrange the code so that we only grab the container object when doing something more than building a simple list of existing containers. This means that now the following calls can run unprivileged: - lxc-ls - lxc-ls -1 Everything else will still require root privileges. Signed-off-by:
-
- 04 Dec, 2012 7 commits
-
-
Stéphane Graber authored
This commit does the following changes to the python API: - Rename the add_device API call to add_device_node - Adds an extra check that the container is running to add_device_node - Introduces a new add_device_net function And the following changes to the lxc-device tool: - Change parser setup to better cope with variable number of arguments - Add support for network devices (currently auto-detected) - Support for different names on the host and in the container Signed-off-by:
-
Stéphane Graber authored
Instead of returning a python stacktrace, check what the current euid is and show an argparse error message similar to that used in lxc-start-ephemeral. Signed-off-by:
-
Stéphane Graber authored
Instead of returning a python stacktrace, check what the current euid is and show an argparse error message similar to that used in lxc-start-ephemeral. Signed-off-by:
-
Stéphane Graber authored
Use argparse's error function instead of our own print + exit. Signed-off-by:
-
Serge Hallyn authored
When a physical nic is being set up, store its ifindex and original name in struct lxc_conf. At reboot, reset the original name. We can't just go over the original network list in lxc_conf at shutdown because that may be tweaked in the meantime through the C api. The saved_nics list is only setup during lxc_spawn(), and restored and freed after lxc_start. Bug-Ubuntu: https://bugs.launchpad.net/ubuntu/+source/lxc/+bug/1086244 Changelog: remove non-effect change in execute.c Signed-off-by:
-
Dwight Engen authored
The $LXCPATH (default /var/lib/lxc) directory was not being created by make install, so unless it gets created by some other means (packaging tools), commands such as lxc-create will fail. Signed-off-by:
-
Stéphane Graber authored
Re-introduce the old lxc-ls script and manpage under a new legacy sub-directory. Those will be installed in place of their python equivalent when LXC is built without --enable-python. Any other script ported to python should be added to those lists. Signed-off-by:
-
