- 16 Jan, 2014 1 commit
-
-
Stéphane Graber authored
Signed-off-by:Stéphane Graber <stgraber@ubuntu.com>
-
- 15 Jan, 2014 27 commits
-
-
Stéphane Graber authored
sethostname doesn't exist on bionic, so copy/paste the definition of it we have in conf.c Signed-off-by: -
Serge Hallyn authored
so we can't use uid==-1 as "don't do setuid" Signed-off-by:Serge Hallyn <serge.hallyn@ubuntu.com>
-
Seth Robertson authored
lxc_unshare now takes one or more '-i interfacename' arguments which will move the named interfaces into the created container. lxc_unshare now takes -M argument which will cause the standard mounts (/proc /dev/shm /dev/mqueue) to be auto-mounted inside container. lxc_unshare now takes '-H hostname' argument to automatically set the hostname in the container. lxc_unshare now takes -D argument to automatically daemonize and detach from the created container, instead of waiting for the container to exit Signed-off-by:
Seth Robertson <srobertson@appcomsci.com> Acked-by:
-
Seth Robertson authored
Signed-off-by:
-
Stéphane Graber authored
Signed-off-by:
-
Stéphane Graber authored
Signed-off-by:
-
Stéphane Graber authored
Without this /dev/console won't exist and upstart will fail to start any job marking as "console output" including the rather important rcS. Signed-off-by:
-
Dwight Engen authored
Signed-off-by:
Dwight Engen <dwight.engen@oracle.com> Acked-by:
-
Dwight Engen authored
Signed-off-by:
-
Dwight Engen authored
Signed-off-by:
-
Serge Hallyn authored
Signed-off-by:
-
KATOH Yasufumi authored
Signed-off-by:
TAMUKI Shoichi <tamuki@linet.gr.jp> Signed-off-by:
KATOH Yasufumi <karma@jazz.email.ne.jp> Acked-by:
-
Chris Glass authored
I unfortunately realized that I did not push the latest version of the file. This fixes an issue in the case where we want to create the proxy file in the container (not nested). Signed-off-by:
Chris Glass <tribaal@gmail.com> Acked-by:
-
Qiang Huang authored
Signed-off-by:
Qiang Huang <h.huangqiang@huawei.com> Acked-by:
-
Qiang Huang authored
Signed-off-by:
-
Qiang Huang authored
Signed-off-by:
-
Stéphane Graber authored
Signed-off-by: -
Dwight Engen authored
Signed-off-by:
-
KATOH Yasufumi authored
Update for commit df2d4205Signed-off-by:
-
Chris Glass authored
Added a commented squid-deb-proxy hook to the common ubuntu config file as suggested when merging the squid-deb-proxy-client hook. Signed-off-by:
-
Stéphane Graber authored
Signed-off-by:
-
Stéphane Graber authored
Signed-off-by:
-
Stéphane Graber authored
Signed-off-by:
-
Stéphane Graber authored
The path isn't relative to @LOCALSTATEDIR@ Signed-off-by:
-
Stéphane Graber authored
Signed-off-by:
-
Stéphane Graber authored
Signed-off-by:
-
Qiang Huang authored
If we start container with rcfile(see comments in lxc_start.c), it is possible that we have no config file in /usr/local/var/lib/lxc. So when we try lxc_stop, lxc_container_new will not load any config so we'll get c->lxc_conf = NULL. In that case, we'll get Segmentation fault in lxcapi_shutdown, a simple check would fix this. Signed-off-by:
-
- 14 Jan, 2014 12 commits
-
-
Stéphane Graber authored
Instead of always returning -1 and call SYSERROR when the child returns non-zero. Have userns_exec_1 always return the return value from the function it's calling and let the caller do the error handling (as is already done by its only caller). Signed-off-by:
-
Stéphane Graber authored
Signed-off-by: -
Stéphane Graber authored
It's been brought to my attention that the read-only mount of /proc/sys is causing problems to archlinux users, so instead just have LXC mount proc and sysfs normally (read-write). Reported-by:
John Lane <john@lane.uk.net> Signed-off-by:
-
John Lane authored
Signed-off-by:
-
John Lane authored
Signed-off-by:
-
John Lane authored
Signed-off-by:
-
John Lane authored
Signed-off-by:
-
Michael H. Warfield authored
This is a reissue of two previous patches along with some additional changes for hardening the root password process based on discussions on-list. -- This patch modifies the lxc-fedora and lxc-centos templates for 3 things. 1) Extensively modifies root password generation, storage, and management based on discussions on the devel list. Root passwords are hardened and have advanced configurability. A static password may be provided. A password based on a template may be generated, including ${RANDOM}. A password may be generated through mktmp using a template with X's. Root passwords default to expired, initially. Passwords may optionally be echoed to stdout at container creation. (no) Passwords may optionally be stored in ${rootfs_path}/tmp_root_pass. (yes) Users may be optionally forced to change the password at creation time. (no) Default is to generate a pattern based password and store, no force change. All of this may be overridden by environment variables through conditional assignment. 2) Random static hardware addresses are generated for all configured interfaces. 3) Add code to create sysv init style scripts to intercept shutdown and reboot to prevent init restart and hang for CentOS and legacy Fedora systems on shutdown, reboot, init 0, and init 6. This solves a variety of hang conditions but only affects newly created containers. Does not have any impact on systemd based containers. Signed-off-by:Michael H. Warfield <mhw@WittsEnd.com> Acked-by:
-
Stéphane Graber authored
Signed-off-by: -
lxc@zitta.fr authored
Signed-off-by:
gza <lxc@zitta.fr> Acked-by:
-
Serge Hallyn authored
Pretty much the only case where we do NOT want to daemonize a container start is lxc-start. So make c->daemonize true by default, and have lxc-start set it to false. If there are existing API users who rely on daemonize by default, then they will be broken by this. It seems we should do this before beta1 if we're going to do it. Signed-off-by:
-
Chris Glass authored
This makes the ubuntu and ubuntu-cloud templates automatically aware of apt proxy settings when the LXC host has "squid-deb-proxy-client" installed. This makes installations *much* faster when a suitable squid-deb-proxy is found on the network (or installed on the host). Signed-off-by:
-
