Signed-off-by: Stéphane Graber <stgraber@ubuntu.com>

Only check for DEVPTS_MULTIPLE_INSTANCES on kernels < 4.7.
Signed-off-by: Christian Brauner <christian.brauner@canonical.com>

This can be used by downstreams to improve their "feature" checks.
Signed-off-by: Stéphane Graber <stgraber@ubuntu.com>

Signed-off-by: Roman Mueller <roman.mueller@gmail.com>

Make sure we always free any memory that was allocated by the call to
lxc_normalize_path().
Signed-off-by: Christian Brauner <christian.brauner@canonical.com>

Use 'apt-conf' virtual package for ALTLinux default packages set
Signed-off-by: Denis Pynkin <denis_pynkin@epam.com>

Signed-off-by: Christian Brauner <christian.brauner@canonical.com>

Signed-off-by: Christian Brauner <christian.brauner@canonical.com>

Make sure we don't return uninitialized memory.
Signed-off-by: Christian Brauner <christian.brauner@canonical.com>

Signed-off-by: Oliver Matthews <oliver@codersoffortune.net>

Signed-off-by: Tycho Andersen <tycho.andersen@canonical.com>

When the mtu cannot be retrieved from netdev->link try from veth device.
Signed-off-by: Christian Brauner <christian.brauner@canonical.com>

When mtu is not set, try to retrieve mtu from netdev->link.
Signed-off-by: Christian Brauner <christian.brauner@canonical.com>

Signed-off-by: Christian Brauner <christian.brauner@canonical.com>

Otherwise in the error case, we end up subtracting two from the
static_args, which would lead to a segfault :)
Signed-off-by: Tycho Andersen <tycho.andersen@canonical.com>

This is almost never the right thing to use, and we don't use it any more
anyway.
Signed-off-by: Tycho Andersen <tycho.andersen@canonical.com>

We initialized cgfsng in a strange way inside of its implementation of
escape so we could use it during checkpoint. Instead, the previous patch
does a hacky initialization in criu.c, and we can get rid of the hacks
elsewhere :)
Signed-off-by: Tycho Andersen <tycho.andersen@canonical.com>

CRIU has added support for passing --cgroup-root on dump, which we should
use (see the criu commit 07d259f365f224b32914de26ea0fd59fc6db0001 for
details). Note that we don't have to do any version checking or anything,
because CRIU just ignored --cgroup-root on checkpoint before, so passing it
is safe, and will result in correct behavior when a sufficient version of
CRIU is present.
Signed-off-by: Tycho Andersen <tycho.andersen@canonical.com>

Signed-off-by: Tycho Andersen <tycho.andersen@canonical.com>

N.B. that these are only implemented in cgfsng, but,

15:28:28    tych0 | do we still use cgfs anywhere? or the cgm backend?
15:29:19 stgraber | not anywhere we care about

...I think that's okay.
Signed-off-by: Tycho Andersen <tycho.andersen@canonical.com>

Signed-off-by: Tycho Andersen <tycho.andersen@canonical.com>

Template catches arch from uname -m, but for ppc64el system, arch reports ppc64le
which doesn't match image repo.
Signed-off-by: Thierry Fauck <tfauck@free.fr>
Signed-off-by: Serge Hallyn <serge@hallyn.com>

Signed-off-by: Lukas Pirl <git@lukas-pirl.de>

2cb80427 introduced a malloc without a
matching free.
Signed-off-by: Tycho Andersen <tycho.andersen@canonical.com>

- We expect destroy to fail in zfs_clone() so try to silence it so users are
  not irritated when they create zfs snapshots.
- Add -r recursive to zfs_destroy(). This code is only hit when a) the
  container has no snapshots or b) the user calls destroy with snapshots. So
  this should be safe. Without -r snapshots will remain.
Signed-off-by: Christian Brauner <christian.brauner@canonical.com>

Signed-off-by: Tycho Andersen <tycho.andersen@canonical.com>

Signed-off-by: Alex Athanasopoulos <alex@melato.org>

Signed-off-by: Christian Brauner <christian.brauner@mailbox.org>

-Werror may break builds on some scenarios with trivialities
(especially during developments).
Signed-off-by: Jérôme Pouiller <jezz@sysmic.org>

lxc_console is used with lxc_console.c
Signed-off-by: Christian Brauner <christian.brauner@mailbox.org>

An incorrect quoting introduced in bf39edb3 caused a /{lib,etc} folder to
appear in Debian templates

The very next line :
    mkdir -p "${rootfs}/etc/systemd/system/getty.target.wants

makes creating ${rootfs}/etc/systemd/system/ unnecessary in the first
place
Signed-off-by: Maxime Besson <maxime.besson@smile.fr>

Given commit 330ae3d3:

    lxccontainer: detect if we should send SIGRTMIN+3

    This is required by systemd to cleanly shutdown. Other init systems should not
    have SIGRTMIN+3 in the blocked signals set.

we should stop symlinking halt.target to sigpwr.target for systemd.
Signed-off-by: Christian Brauner <cbrauner@suse.de>

otherwise the generated docs have the full build path in them
and nonbody cares that the files were built in
 /build/lxc-_BVY2u/lxc-2.0.4/src/lxc/
Signed-off-by: Evgeni Golov <evgeni@debian.org>

Previously, we write a "success" status but tried to parse the pid. This
meant that we wouldn't notice a successful restore but failure to parse the
pid, which was a little strange.

We still don't know the child pid, so we will end up with a restored
process tree and a running container, but at least in this case the API
will return false indicating that something failed.

We could kill(-1, 9) in this case, but since liblxc runs as root sometimes
(e.g. LXD), that would be a Very Bad Thing.
Signed-off-by: Tycho Andersen <tycho.andersen@canonical.com>

Signed-off-by: Tycho Andersen <tycho.andersen@canonical.com>

Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>

Signed-off-by: James Cowgill <james410@cowgill.org.uk>

Signed-off-by: Stéphane Graber <stgraber@ubuntu.com>

All we really needed a unique temp file for was passing the pid. Since CRIU
opened this with O_EXCL | O_CREAT, this was "safe" (users could still
overwrite it afterwards, but the monitor would immediately die since the
only valid number in there was the init process).

In any case, we can just read /proc/self/tid/children, which lists the
child process.

Closes #1150
Signed-off-by: Tycho Andersen <tycho.andersen@canonical.com>

Signed-off-by: Christian Brauner <cbrauner@suse.de>