- 25 Jan, 2015 4 commits
-
-
Stéphane Graber authored
Signed-off-by:Stéphane Graber <stgraber@ubuntu.com>
-
Tomas Pospisek authored
- document environment variables - add missing --packages switch to command line - describe how to pass template options to lxc-create (since lxc-create -h doesn't tell you) - render help text in the same pretty format as lxc-create does Signed-off-by:
Tomáš Posíšek <tpo_deb@sourcepole.ch> Acked-by:
-
Patrick O'Leary authored
The `index` libc function was removed in POSIX 2008, and `strchr` is a direct replacement. The bionic (Android) libc has removed `index` when you are compiling for a 64-bit architecture, such as AArch64. Signed-off-by:
Patrick O'Leary <patrick.oleary@gmail.com> Acked-by:
-
hallyn authored
fix failed to fallback at lxclock_name
-
- 24 Jan, 2015 6 commits
-
-
Jörg Thalheim authored
Signed-off-by:
Jörg Thalheim <joerg@higgsboson.tk> Acked-by:
-
Vicente Olivert Riera authored
Reuse the code from the Debian template to associate a hwaddr if there is only one veth interface in the container's config file. Signed-off-by:
Vicente Olivert Riera <Vincent.Riera@imgtec.com> Acked-by:
-
Johannes Kastl authored
Ensures matching versions of lxc and lxc-libs being installed Signed-off-by:
Johannes Kastl <mail@ojkastl.de> Acked-by:
Serge E. Hallyn <serge.hallyn@ubuntu.com>
-
Thomas Moschny authored
Signed-off-by:
Thomas Moschny <thomas.moschny@gmail.com> Acked-by:
-
Markus Elfring authored
The following functions return immediately if a null pointer was passed. * container_destroy * lxc_cgroup_process_info_free_and_remove * lxc_cgroup_put_meta * toss_list It is therefore not needed that a function caller repeats a corresponding check. This issue was fixed by using the software Coccinelle 1.0.0-rc23. Signed-off-by:
Markus Elfring <elfring@users.sourceforge.net> Acked-by:
-
Markus Elfring authored
The function "free" is documented in the way that no action shall occur for a passed null pointer. It is therefore not needed that a function caller repeats a corresponding check. http://stackoverflow.com/questions/18775608/free-a-null-pointer-anyway-or-check-first This issue was fixed by using the software Coccinelle 1.0.0-rc23. Signed-off-by:
-
- 22 Jan, 2015 2 commits
-
-
Stéphane Graber authored
This defines a missing variable and re-indents the code a bit. Signed-off-by:
-
Kohei YOSHIDA authored
lxclock_name will fallback to /tmp/$(id -u)/lxc$lxcpath/.$lxcname when failed to create directories into rundir. But, in currently, lxclock_name returns untill preparing directories under the /tmp, so invoker will fail to get the container lock. This patch fixes fixes this. Signed-off-by:Kohei YOSHIDA <kohei.yoshida@gehirn.co.jp>
-
- 21 Jan, 2015 6 commits
-
-
Stéphane Graber authored
Signed-off-by: -
Michael Adam authored
Hi Michael, do you have any concerns with the attached patch to the fedora template that adds an option --mask-tmp that prevents fedora/systemd from over-mounting /tmp with tmpfs, which is useful in some cases? Thanks - Michael ----- Forwarded message from Michael Adam <obnox@samba.org> ----- Date: Sat, 10 Jan 2015 13:12:06 +0100 From: Michael Adam <obnox@samba.org> To: LXC development mailing-list <lxc-devel@lists.linuxcontainers.org> Subject: Re: [lxc-devel] [PATCHES] add "--mask-tmp" to lxc-fedora, plus some template script fixes User-Agent: Mutt/1.5.23 (2014-03-12) On 2015-01-10 at 13:08 +0100, Michael Adam wrote: > On 2015-01-10 at 04:05 +0000, Serge Hallyn wrote: > > > The less controversial one is adding mask-tmp to the fedora template. > > It looks fine to me, but that should go separately to mwarfield, our > > fedora template maintainer :) > > I had notified mhw of my patches on irc, but apparently he is > currently very busy. > > For a start, following is an update of the uncontroversial fix > patches, i.e. the fix patche without the path ones, and without > the mask-tmp patch. And here comes the mask-tmp patch. It needs to be applied onto the previous fix-patchset. From 9589dca113535ed2f4faad89db2fab33bb8a9d7e Mon Sep 17 00:00:00 2001 From: Michael Adam <obnox@samba.org> Date: Thu, 8 Jan 2015 10:25:24 +0100 Subject: [PATCH] lxc-fedora: add a new option --mask-tmp This will configure the container to prevent the standard behaviour of over-mounting /tmp with tmpfs, which can be undesirable in some cases. My personal use case is vagrant-lxc in combination with vagrant-cachier. Signed-off-by:
Michael Adam <obnox@samba.org> Acked-by:
-
hallyn authored
Fix instantiation of multiple vlan interfaces with same id
-
Stéphane Graber authored
Signed-off-by:
-
Stéphane Graber authored
It's now been proven over and over again that the symlink from /dev/kmsg to /dev/console is harmful for everything but upstart systems. As Ubuntu is now switching over to systemd too, lets switch the default. Upstart users wishing to see boot messages can always set lxc.kmsg = 1 manually in their config (so long as they don't expect to then dist-upgrade the container to systemd succesfuly). Signed-off-by:
-
Stéphane Graber authored
Now that autodev works fine with unprivileged containers and shouldn't come with any side effect, lets turn it on by default. Signed-off-by:
-
- 20 Jan, 2015 3 commits
-
-
Serge Hallyn authored
It turns out that the new upstream overlay fs requires that the delta and work dirs be under the same mount. So create a $lxcpath/tmpfs and create delta0 and work0 under that. If the user asks for a tmpfs that'll be mounted under $lxcpath/tmpfs and workdir and delta0 both created under that. This isn't heavily tested. But if fixes mounting of 'overlay' fs for me. It's "not backward compatible", since it moves delta0, but that shouldn't matter since ephemeral containers are either destroyed on exit, or re-started with lxc-start. Signed-off-by:
-
S.Çağlar Onur authored
suggested at https://lists.linuxcontainers.org/pipermail/lxc-devel/2014-December/010985.htmlSigned-off-by:
S.Çağlar Onur <caglar@10ur.org> Acked-by:
-
Serge Hallyn authored
Commit 67702c21 regressed the case where lxc-create use a config file with 'xx:xx' in lxc.network.hwaddr, so that the 'xx' were preserved in the container's configuration file. Expand those in the unexpanded_config file whenever we are reading a config file which is not coming from a 'lxc.include'. The config file will have \n-terminated lines, so update rand_complete_hwaddr to also stop on \n. Add a test case to make sure xx gets expanded at lxc-create. Signed-off-by:
-
- 19 Jan, 2015 1 commit
-
-
Stéphane Graber authored
Signed-off-by:
-
- 16 Jan, 2015 8 commits
-
-
Alexander Vladimirov authored
Signed-off-by:
Alexander Vladimirov <alexander.idkfa.vladimirov@gmail.com> Acked-by:
-
KATOH Yasufumi authored
Update for the commit 38005c54Signed-off-by:
KATOH Yasufumi <karma@jazz.email.ne.jp> Acked-by:
-
Serge Hallyn authored
If you have 'lxc.include = /some/dir' and /some/dir is a directory, then any '*.conf" files under /some/dir will be read. Signed-off-by:
-
Serge Hallyn authored
First, rename setup_autodev to fill_autodev, since all it does is populate it, not fully set it up. Secondly, if mknod of a device fails, then try bind-mounting it from the host rather than failing immediately. Note that this isn't an urgent patch because the common.userns configuration hook already specifies bind,create=file mount entries for all the devices we would want. Changelog (v3): ignore if /dev doesn't exist Signed-off-by:
-
Serge Hallyn authored
Do not keep container devs under /dev/.lxc. Instead, always keep them in a small tmpfs mounted at $(mounted_root)/dev. The tmpfs is mounted in the container monitor's namespace. This means that at every reboot it will get re-created. It seems to me this better replicates what happens on a real host. If we want devices persisting across reboots, then perhaps we can implement a $lxcpath/$name/keepdev directory containing devices to bind into the container at each startup. Changelog (v2): don't bother with the $lxcpath/$name/rootfs.dev directory, just mount the tmpfs straight into the container. Changelog (v3): Don't create /dev if it doesn't exist Signed-off-by:
-
Michael Adam authored
--help and --list are special in the sense that they are independent of the other options and exit early. Document them separately. Signed-off-by:
-
Michael Adam authored
Make it possible to use --list without having to specify --dist, --release, and --arch, which does not make a lot of sense. Signed-off-by:
-
Michael Adam authored
Signed-off-by:
-
- 15 Jan, 2015 3 commits
-
-
Serge Hallyn authored
We want to close all inherited fds in three cases - one, if a container is daemonized. Two, if the user specifies -C on the lxc-start command line. Three, in src/lxc/monitor.c. The presence of -C is passed in the lxc_conf may not always exist. One call to lxc_check_inherited was being done from lxc_start(), which doesn't know whether we are daemonized. Move that call to its caller, lxcapi_start(), which does know. Pass an explicit closeall boolean as second argument to lxc_check_inherited. If it is true, then all fds are closed. If it is false, then we check the lxc_conf->close_all_fds. With this, all tests pass, and the logic appears correct. Note that when -C is not true, then we only warn about inherited fds, but we do not abort the container start. This appears to have ben the case since commit 92c7f629 in 2011. Unfortunately the referenced URL with the justification is no longer valid. We may want to consider becoming stricter about this again. (Note that the commit did say "for now") Signed-off-by:
-
Serge Hallyn authored
We fixed this some time ago for basic lxc-start, but never did lxc-start-ephemeral. Since the lxc-start patches were pushed, Miklos has given us a way to detect whether we need the workdir= option. So the bdev.c code could be simplified to check for "overlay\n" in /proc/filesystems just as lxc-start-ephemeral does. This patch doesn't do that. Changelog (v2): 1. use 'overlay' fstype for new overlay upstream module 2. avoid using unneeded readlines(). Signed-off-by:
-
Michael Adam authored
Signed-off-by:
-
- 13 Jan, 2015 4 commits
-
-
Axel Neumann authored
Container fail to start with configs (as shown below) where the same vlan id is used for several type=vlan container interfaces. Then, during the instantiation of the vlan interfaces, an error occurs because the lxc code tries to assign the same temporary name to both of them before it is bound into the container. > lxc.network.type = vlan > lxc.network.flags = up > lxc.network.link = eth1 > lxc.network.vlan.id = 3842 > lxc.network.name = iso0 > > lxc.network.type = vlan > lxc.network.flags = up > lxc.network.link = eth2 > lxc.network.vlan.id = 3842 > lxc.network.name = iso1 Signed-off-by:Axel Neumann <neumann@cgws.de>
-
Serge Hallyn authored
This isn't the perfect fix. In fact close_all_fds shouldn't be stored in the lxc_conf. But this will fix the tests short-term. Signed-off-by: -
Serge Hallyn authored
it has unfortunate reprecussions elsewhere, and the needed fix can be done another way This reverts commit 1f76453a.
-
Serge Hallyn authored
Because we never have that any more Signed-off-by:
-
- 12 Jan, 2015 2 commits
-
-
Serge Hallyn authored
Riya Khanna reported that with a ramfs rootfs the mount to make / rprivate was returning -EFAULT. NULL was being passed as the mount target. Pass "/" instead. Reported-by:
riya khanna <riyakhanna1983@gmail.com>> Signed-off-by:
-
Serge Hallyn authored
When containers request to be daemonized, close-all-fd is set to true. But when we switched ot daemonize-by-default we didn't set close-all-fd by default. Fix that. In order to do that we have to always have a lxc_conf object. As a consequence, after this patch we can drop a bunch of checks for c->lxc_conf existing. We should consider removing those. This patch does not do that. This should close https://github.com/lxc/lxc/issues/354Signed-off-by:
-
- 10 Jan, 2015 1 commit
-
-
Michael Adam authored
by breaking and shortening some lines. Signed-off-by:
-
