-# -*- Autoconf -*-
-# Process this file with autoconf to produce a configure script.
+AC_PREREQ([2.69])
-m4_define([lxc_devel], 0)
-m4_define([lxc_version_major], 3)
-m4_define([lxc_version_minor], 2)
-m4_define([lxc_version_micro], 1)
+m4_define([lxc_devel], 1)
+m4_define([lxc_version_major], 4)
+m4_define([lxc_version_minor], 0)
+m4_define([lxc_version_micro], 0)
m4_define([lxc_version_beta], [])
m4_define([lxc_abi_major], 1)
-m4_define([lxc_abi_minor], 6)
+m4_define([lxc_abi_minor], 7)
m4_define([lxc_abi_micro], 0)
m4_define([lxc_abi], [lxc_abi_major.lxc_abi_minor.lxc_abi_micro])
ifelse(lxc_version_beta, [], [lxc_version_base], [lxc_version_base.lxc_version_beta])-devel,
ifelse(lxc_version_beta, [], [lxc_version_base], [lxc_version_base.lxc_version_beta]))])
-AC_INIT([lxc], [lxc_version])
+AC_INIT([lxc],[lxc_version])
# We need pkg-config
PKG_PROG_PKG_CONFIG
AM_INIT_AUTOMAKE([-Wall -Werror -Wno-portability subdir-objects])
AC_CANONICAL_HOST
AM_PROG_CC_C_O
-AC_GNU_SOURCE
+AC_USE_SYSTEM_EXTENSIONS
+AC_SYS_LARGEFILE
# Test if we have a new enough compiler.
AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[
AC_MSG_ERROR([Sorry, your compiler is too old - please upgrade it])
fi
+AC_PROG_GCC_TRADITIONAL
+AC_ENABLE_SHARED
+AC_ENABLE_STATIC
+# Check binaries
+AC_PROG_SED
+case $CC in clang*)
+ AC_CHECK_TOOL([AR], llvm-ar)
+ AC_CHECK_TOOL([NM], llvm-nm)
+ AC_CHECK_TOOL([OBJCOPY], llvm-objcopy)
+ AC_CHECK_TOOL([RANLIB], llvm-ranlib)
+esac
+
# libtool
LT_INIT
AC_SUBST([LIBTOOL_DEPS])
# Check for init system type
AC_MSG_CHECKING([for init system type])
AC_ARG_WITH([init-script],
- [AC_HELP_STRING([--with-init-script@<:@=TYPE@<:@,TYPE,...@:>@@:>@],
+ [AS_HELP_STRING([--with-init-script@<:@=TYPE@<:@,TYPE,...@:>@@:>@],
[Type(s) of init script to install: sysvinit, systemd, upstart,
distro @<:@default=distro@:>@])],[],[with_init_script=distro])
case "$with_init_script" in
# systemd unit dir
AC_ARG_WITH([systemdsystemunitdir],
- AS_HELP_STRING([--with-systemdsystemunitdir=DIR], [Directory for systemd service files]),
- [],
- [with_systemdsystemunitdir=$($PKG_CONFIG --variable=systemdsystemunitdir systemd)])
+ AS_HELP_STRING([--with-systemdsystemunitdir=DIR], [Directory for systemd service files]),
+ [with_systemdsystemunitdir=$withval],
+ [with_systemdsystemunitdir=$($PKG_CONFIG --variable=systemdsystemunitdir systemd)])
if test -z "$with_systemdsystemunitdir"; then
with_systemdsystemunitdir=/lib/systemd/system
fi
fi
AC_ARG_ENABLE([werror],
- [AC_HELP_STRING([--disable-werror],
- [do not treat warnings as errors])],
- [], [enable_werror=yes])
+ [AS_HELP_STRING([--disable-werror], [do not treat warnings as errors])],
+ [enable_werror=$enableval], [enable_werror=yes])
+
+AC_ARG_ENABLE([no_undefined],
+ [AS_HELP_STRING([--disable-no-undefined], [do not pass -Wl,--no-undefined])],
+ [enable_no_undefined=$enableval], [enable_no_undefined=yes])
+AM_CONDITIONAL([ENABLE_NO_UNDEFINED], [test "x$enable_no_undefined" = "xyes"])
# Allow disabling rpath
AC_ARG_ENABLE([rpath],
- [AC_HELP_STRING([--enable-rpath], [set rpath in executables [default=no]])],
- [], [enable_rpath=no])
+ [AS_HELP_STRING([--enable-rpath], [set rpath in executables [default=no]])],
+ [enable_rpath=$enableval], [enable_rpath=no])
AM_CONDITIONAL([ENABLE_RPATH], [test "x$enable_rpath" = "xyes"])
# Documentation (manpages)
AC_ARG_ENABLE([doc],
- [AC_HELP_STRING([--enable-doc], [make man pages [default=auto]])],
- [], [enable_doc=auto])
+ [AS_HELP_STRING([--enable-doc], [make man pages [default=auto]])],
+ [enable_doc=$enableval], [enable_doc=auto])
if test "x$enable_doc" = "xyes" -o "x$enable_doc" = "xauto"; then
db2xman=""
# Documentation (API)
AC_ARG_ENABLE([api-docs],
- [AC_HELP_STRING([--enable-api-docs],
- [make API documentation [default=auto]])],
- [], [enable_api_docs=auto])
+ [AS_HELP_STRING([--enable-api-docs], [make API documentation [default=auto]])],
+ [enable_api_docs=$enableval], [enable_api_docs=auto])
if test "x$enable_api_docs" = "xyes" -o "x$enable_api_docs" = "xauto"; then
AC_CHECK_PROGS([HAVE_DOXYGEN],[doxygen])
# Apparmor
AC_ARG_ENABLE([apparmor],
- [AC_HELP_STRING([--enable-apparmor], [enable apparmor support [default=auto]])],
- [], [enable_apparmor=auto])
+ [AS_HELP_STRING([--enable-apparmor], [enable apparmor support [default=auto]])],
+ [enable_apparmor=$enableval], [enable_apparmor=auto])
if test "$enable_apparmor" = "auto" ; then
AC_CHECK_LIB([apparmor],[aa_change_profile],[enable_apparmor=yes], [enable_apparmor=no])
# OpenSSL
# libssl-dev
AC_ARG_ENABLE([openssl],
- [AC_HELP_STRING([--enable-openssl], [enable OpenSSL support [default=auto]])],
- [], [enable_openssl=auto])
+ [AS_HELP_STRING([--enable-openssl], [enable OpenSSL support [default=auto]])],
+ [enable_openssl=$enableval], [enable_openssl=auto])
if test "$enable_openssl" = "auto" ; then
AC_CHECK_LIB([ssl], [OPENSSL_init_ssl], [enable_openssl=yes], [enable_openssl=no])
fi
AM_CONDITIONAL([ENABLE_OPENSSL], [test "x$enable_openssl" = "xyes"])
+AC_ARG_ENABLE([static-binaries],
+ [AS_HELP_STRING([--enable-static-binaries], [build all binaries statically [default=no]])],
+ [enable_static_binaries=$enableval], [enable_static_binaries=no])
+AM_CONDITIONAL([ENABLE_STATIC_BINARIES], [test "x$enable_static_binaries" = "xyes"])
+
AM_COND_IF([ENABLE_OPENSSL],
[AC_CHECK_HEADER([openssl/engine.h],[],[AC_MSG_ERROR([You must install the OpenSSL development package in order to compile lxc])])
- AC_SUBST([OPENSSL_LIBS], '-lssl -lcrypto')])
+ AM_COND_IF([ENABLE_STATIC_BINARIES], [AC_SUBST([OPENSSL_LIBS], '-lssl -lcrypto -ldl')], [AC_SUBST([OPENSSL_LIBS], '-lssl -lcrypto')])])
# SELinux
AC_ARG_ENABLE([selinux],
- [AC_HELP_STRING([--enable-selinux], [enable SELinux support [default=auto]])],
- [], [enable_selinux=auto])
+ [AS_HELP_STRING([--enable-selinux], [enable SELinux support [default=auto]])],
+ [enable_selinux=$enableval], [enable_selinux=auto])
if test "x$enable_selinux" = xauto; then
AC_CHECK_LIB([selinux],[setexeccon_raw],[enable_selinux=yes],[enable_selinux=no])
# Seccomp syscall filter
AC_ARG_ENABLE([seccomp],
- [AC_HELP_STRING([--enable-seccomp], [enable seccomp support [default=auto]])],
- [], [enable_seccomp=auto])
+ [AS_HELP_STRING([--enable-seccomp], [enable seccomp support [default=auto]])],
+ [enable_seccomp=$enableval], [enable_seccomp=auto])
if test "x$enable_seccomp" = "xauto" ; then
AC_CHECK_LIB([seccomp],[seccomp_init],[enable_seccomp=yes],[enable_seccomp=no])
AC_CHECK_LIB([seccomp], [seccomp_init],[],[AC_MSG_ERROR([You must install the seccomp development package in order to compile lxc])])
AC_SUBST([SECCOMP_LIBS], [-lseccomp])
])
+ # HAVE_SCMP_FILTER_CTX=1 will tell us we have libseccomp api >= 1.0.0
+ OLD_CFLAGS="$CFLAGS"
+ CFLAGS="$CFLAGS $SECCOMP_CFLAGS"
+ AC_CHECK_TYPES([scmp_filter_ctx], [], [], [[#include <seccomp.h>]])
+ AC_CHECK_DECLS([seccomp_notify_fd], [], [], [[#include <seccomp.h>]])
+ AC_CHECK_TYPES([struct seccomp_notif_sizes], [], [], [[#include <seccomp.h>]])
+ AC_CHECK_DECLS([seccomp_syscall_resolve_name_arch], [], [], [[#include <seccomp.h>]])
+ CFLAGS="$OLD_CFLAGS"
])
AC_MSG_CHECKING(for static libcap)
# Linux capabilities
AC_ARG_ENABLE([capabilities],
- [AC_HELP_STRING([--enable-capabilities], [enable kernel capabilities support [default=auto]])],
- [], [enable_capabilities=auto])
+ [AS_HELP_STRING([--enable-capabilities], [enable kernel capabilities support [default=auto]])],
+ [enable_capabilities=$enableval], [enable_capabilities=auto])
if test "x$enable_capabilities" = "xauto"; then
AC_CHECK_LIB([cap],[cap_set_proc],[enable_capabilities=yes],[enable_capabilities=no])
AC_CHECK_LIB(cap,cap_get_file, AC_DEFINE(LIBCAP_SUPPORTS_FILE_CAPABILITIES,1,[Have cap_get_file]),[],[])
AC_SUBST([CAP_LIBS], [-lcap])])
-# HAVE_SCMP_FILTER_CTX=1 will tell us we have libseccomp api >= 1.0.0
-OLD_CFLAGS="$CFLAGS"
-CFLAGS="$CFLAGS $SECCOMP_CFLAGS"
-AC_CHECK_TYPES([scmp_filter_ctx], [], [], [[#include <seccomp.h>]])
-AC_CHECK_DECLS([seccomp_notify_fd], [], [], [[#include <seccomp.h>]])
-AC_CHECK_TYPES([struct seccomp_notif_sizes], [], [], [[#include <seccomp.h>]])
-AC_CHECK_DECLS([seccomp_syscall_resolve_name_arch], [], [], [[#include <seccomp.h>]])
-CFLAGS="$OLD_CFLAGS"
-
# Configuration examples
AC_ARG_ENABLE([examples],
- [AC_HELP_STRING([--enable-examples], [install examples [default=yes]])],
- [], [enable_examples=yes])
+ [AS_HELP_STRING([--enable-examples], [install examples [default=yes]])],
+ [enable_examples=$enableval], [enable_examples=yes])
AM_CONDITIONAL([ENABLE_EXAMPLES], [test "x$enable_examples" = "xyes"])
# Enable dumping stack traces
AC_ARG_ENABLE([mutex-debugging],
- [AC_HELP_STRING([--enable-mutex-debugging], [Makes mutexes to report error and provide stack trace [default=no]])],
- [], [enable_mutex_debugging=no])
+ [AS_HELP_STRING([--enable-mutex-debugging], [Makes mutexes to report error and provide stack trace [default=no]])],
+ [enable_mutex_debugging=$enableval], [enable_mutex_debugging=no])
AM_CONDITIONAL([MUTEX_DEBUGGING], [test "x$enable_mutex_debugging" = "xyes"])
AM_COND_IF([MUTEX_DEBUGGING],
# Optional bash integration
AC_ARG_ENABLE([bash],
- [AC_HELP_STRING([--enable-bash], [build bash integration [default=yes]])],
- [], [enable_bash=yes])
+ [AS_HELP_STRING([--enable-bash], [build bash integration [default=yes]])],
+ [enable_bash=$enableval], [enable_bash=yes])
AM_CONDITIONAL([ENABLE_BASH], [test "x$enable_bash" = "xyes"])
AM_COND_IF([ENABLE_BASH],
# Build the command line tools
AC_ARG_ENABLE([tools],
- [AC_HELP_STRING([--enable-tools], [build the command line tools [default=yes]])],
- [], [enable_tools=yes])
+ [AS_HELP_STRING([--enable-tools], [build the command line tools [default=yes]])],
+ [enable_tools=$enableval], [enable_tools=yes])
AM_CONDITIONAL([ENABLE_TOOLS], [test "x$enable_tools" = "xyes"])
# Build the liblxc commands
AC_ARG_ENABLE([commands],
- [AC_HELP_STRING([--enable-commands], [build the liblxc commands [default=yes]])],
- [], [enable_commands=yes])
+ [AS_HELP_STRING([--enable-commands], [build the liblxc commands [default=yes]])],
+ [enable_commands=$enableval], [enable_commands=yes])
AM_CONDITIONAL([ENABLE_COMMANDS], [test "x$enable_commands" = "xyes"])
-# Build with ASAN commands
-AC_ARG_ENABLE([asan],
- [AC_HELP_STRING([--enable-asan], [build with address sanitizer enabled [default=no]])],
- [], [enable_asan=no])
-AM_CONDITIONAL([ENABLE_ASAN], [test "x$enable_asan" = "xyes"])
+AC_ARG_ENABLE([static-binaries],
+ [AS_HELP_STRING([--enable-static-binaries], [build all binaries statically [default=no]])],
+ [enable_static_binaries=$enableval], [enable_static_binaries=no])
+AM_CONDITIONAL([ENABLE_STATIC_BINARIES], [test "x$enable_static_binaries" = "xyes"])
+
+AC_ARG_ENABLE([sanitizers],
+ [AS_HELP_STRING([--enable-sanitizers], [build with sanitizers enabled [default=no]])],
+ [enable_sanitizers=$enableval], [enable_sanitizers=no])
+AM_CONDITIONAL([ENABLE_SANITIZERS], [test "x$enable_sanitizers" = "xyes"])
+if test "x$enable_sanitizers" = "xyes"; then
+ AC_DEFINE([ENABLE_SANITIZERS], 1, [build with sanitizers enabled])
+
+ CC_CHECK_FLAGS_APPEND([AM_CFLAGS],[CFLAGS],[ \
+ -fsanitize=address \
+ -fsanitize=undefined \
+ -fsanitize=memory \
+ -fno-omit-frame-pointer])
+ AC_SUBST(AM_CFLAGS)
+
+ AC_MSG_RESULT([yes])
+else
+ AC_MSG_RESULT([no])
+fi
# Optional test binaries
AC_ARG_ENABLE([tests],
- [AC_HELP_STRING([--enable-tests], [build test/example binaries [default=no]])],
- [], [enable_tests=no])
+ [AS_HELP_STRING([--enable-tests], [build test/example binaries [default=no]])],
+ [enable_tests=$enableval], [enable_tests=no])
AM_CONDITIONAL([ENABLE_TESTS], [test "x$enable_tests" = "xyes"])
# Allow overriding the default runtime dir (/run)
AC_ARG_WITH([runtime-path],
- [AC_HELP_STRING(
- [--with-runtime-path=dir],
- [runtime directory (default: /run)]
- )], [], [with_runtime_path=['/run']])
+ [AS_HELP_STRING([--with-runtime-path=dir], [runtime directory (default: /run)])],
+ [with_runtime_path=$withval], [with_runtime_path=['/run']])
# LXC container path, where the containers are actually stored
# This is overridden by an entry in the file called LXCCONF
# (i.e. /etc/lxc/lxc.conf)
AC_ARG_WITH([config-path],
- [AC_HELP_STRING(
- [--with-config-path=dir],
- [lxc configuration repository path]
- )], [], [with_config_path=['${localstatedir}/lib/lxc']])
+ [AS_HELP_STRING([--with-config-path=dir], [lxc configuration repository path])],
+ [with_config_path=$withval], [with_config_path=['${localstatedir}/lib/lxc']])
# The path of the global lxc configuration file.
AC_ARG_WITH([global-conf],
- [AC_HELP_STRING(
- [--with-global-conf=dir],
- [global lxc configuration file]
- )], [], [with_global_conf=['${sysconfdir}/lxc/lxc.conf']])
+ [AS_HELP_STRING([--with-global-conf=dir], [global lxc configuration file])],
+ [with_global_conf=$withval], [with_global_conf=['${sysconfdir}/lxc/lxc.conf']])
# The path of the userns network configuration file
AC_ARG_WITH([usernic-conf],
- [AC_HELP_STRING(
- [--with-usernic-conf],
- [user network interface configuration file]
- )], [], [with_usernic_conf=['${sysconfdir}/lxc/lxc-usernet']])
+ [AS_HELP_STRING([--with-usernic-conf], [user network interface configuration file])],
+ [with_usernic_conf=$withval], [with_usernic_conf=['${sysconfdir}/lxc/lxc-usernet']])
# The path of the runtime usernic database
AC_ARG_WITH([usernic-db],
- [AC_HELP_STRING(
- [--with-usernic-db],
- [lxc user nic database]
- )], [], [with_usernic_db=['${with_runtime_path}/lxc/nics']])
+ [AS_HELP_STRING([--with-usernic-db], [lxc user nic database])],
+ [with_usernic_db=$withval], [with_usernic_db=['${with_runtime_path}/lxc/nics']])
# Rootfs path, where the container mount structure is assembled
AC_ARG_WITH([rootfs-path],
- [AC_HELP_STRING(
- [--with-rootfs-path=dir],
- [lxc rootfs mount point]
- )], [], [with_rootfs_path=['${libdir}/lxc/rootfs']])
+ [AS_HELP_STRING([--with-rootfs-path=dir], [lxc rootfs mount point])],
+ [with_rootfs_path=$withval], [with_rootfs_path=['${libdir}/lxc/rootfs']])
# cgroup pattern specification
AC_ARG_WITH([cgroup-pattern],
- [AC_HELP_STRING(
- [--with-cgroup-pattern=pattern],
- [pattern for container cgroups]
- )], [], [with_cgroup_pattern=['lxc.payload/%n']])
+ [AS_HELP_STRING([--with-cgroup-pattern=pattern], [pattern for container cgroups])],
+ [with_cgroup_pattern=$withval], [with_cgroup_pattern=['']])
# The path for the apparmor_parser's cache for generated apparmor profiles
AC_ARG_WITH([apparmor-cache-dir],
- [AC_HELP_STRING(
- [--with-apparmor-cache-dir=dir],
- [path for apparmor_parser cache]
- )], [], [with_apparmor_cache_dir=['${localstatedir}/cache/lxc/apparmor']])
+ [AS_HELP_STRING([--with-apparmor-cache-dir=dir],[path for apparmor_parser cache])],
+ [with_apparmor_cache_dir=$withval], [with_apparmor_cache_dir=['${localstatedir}/cache/lxc/apparmor']])
# Container log path. By default, use $lxcpath.
AC_MSG_CHECKING([Whether to place logfiles in container config path])
AC_ARG_ENABLE([configpath-log],
- [AC_HELP_STRING([--enable-configpath-log], [use logfiles in config path [default=no]])],
- [], [enable_configpath_log=no])
+ [AS_HELP_STRING([--enable-configpath-log], [use logfiles in config path [default=no]])],
+ [enable_configpath_log=$enableval], [enable_configpath_log=no])
AC_MSG_RESULT([$enable_configpath_log])
AM_CONDITIONAL([USE_CONFIGPATH_LOGS], [test "$enable_configpath_log" = "yes"])
fi
AC_ARG_WITH([log-path],
- [AC_HELP_STRING(
- [--with-log-path=dir],
- [per container log path]
- )], [], [with_log_path=['${default_log_path}']])
+ [AS_HELP_STRING([--with-log-path=dir],[per container log path])],
+ [with_log_path=$withval], [with_log_path=['${default_log_path}']])
# Expand some useful variables
AS_AC_EXPAND(PREFIX, "$prefix")
# Configuration examples
AC_ARG_ENABLE([pam],
- [AC_HELP_STRING([--enable-pam], [enable pam module [default=no]])],
- [], [enable_pam=no])
+ [AS_HELP_STRING([--enable-pam], [enable pam module [default=no]])],
+ [enable_pam=$enableval], [enable_pam=no])
AM_CONDITIONAL([ENABLE_PAM], [test "x$enable_pam" = "xyes"])
AM_COND_IF([ENABLE_PAM],
[pamdir],
[AS_HELP_STRING([--with-pamdir=PATH],[Specify the directory where PAM modules are stored,
or "none" if PAM modules are not to be built])],
- [pamdir="${withval}"],
+ [pamdir=$withval],
[
if test "${prefix}" = "/usr"; then
pamdir="/lib${libdir##*/lib}/security"
AC_HEADER_MAJOR
# Check for some syscalls functions
-AC_CHECK_FUNCS([setns pivot_root sethostname unshare rand_r confstr faccessat gettid memfd_create])
+AC_CHECK_FUNCS([setns pivot_root sethostname unshare rand_r confstr faccessat gettid memfd_create move_mount open_tree execveat clone3 fsopen fspick fsconfig fsmount, openat2, close_range, statvfs])
+AC_CHECK_TYPES([__aligned_u64], [], [], [[#include <linux/types.h>]])
+AC_CHECK_TYPES([struct open_how], [], [], [[#include <linux/openat2.h>]])
+AC_CHECK_TYPES([struct clone_args], [], [], [[#include <linux/sched.h>]])
+AC_CHECK_MEMBERS([struct clone_args.set_tid],[],[],[[#include <linux/sched.h>]])
+AC_CHECK_MEMBERS([struct clone_args.cgroup],[],[],[[#include <linux/sched.h>]])
# Check for strerror_r() support. Defines:
# - HAVE_STRERROR_R if available
# Check if "%m" is supported by printf and Co
AC_MSG_CHECKING([%m format])
-AC_TRY_RUN([
+AC_RUN_IFELSE([AC_LANG_SOURCE([[
#include <stdio.h>
int main(void)
{
{
return 1;
}
-}],
-[fmt_m=yes], [fmt_m=no], [fmt_m=no])
+}]])],[fmt_m=yes],[fmt_m=no],[fmt_m=no])
if test "x$fmt_m" = "xyes"; then
AC_DEFINE([HAVE_M_FORMAT], 1, [Have %m format])
AC_MSG_RESULT([yes])
# Check for some functions
AC_CHECK_LIB(pthread, main)
-AC_CHECK_FUNCS(statvfs)
AC_CHECK_LIB(util, openpty)
-AC_CHECK_FUNCS([openpty hasmntopt setmntent endmntent utmpxname])
+AC_CHECK_FUNCS([hasmntopt setmntent endmntent utmpxname])
AC_CHECK_FUNCS([getgrgid_r],
AM_CONDITIONAL(HAVE_GETGRGID_R, true)
AC_DEFINE(HAVE_GETGRGID_R,1,[Have getgrgid_r]),
AM_CONDITIONAL(HAVE_KEYCTL, true)
AC_DEFINE(HAVE_KEYCTL,1,[Have keyctl]),
AM_CONDITIONAL(HAVE_KEYCTL, false))
+AC_CHECK_FUNCS([openpty],
+ AM_CONDITIONAL(HAVE_OPENPTY, true)
+ AC_DEFINE(HAVE_OPENPTY,1,[Have openpty]),
+ AM_CONDITIONAL(HAVE_OPENPTY, false))
AC_CHECK_FUNCS([prlimit],
AM_CONDITIONAL(HAVE_PRLIMIT, true)
AC_DEFINE(HAVE_PRLIMIT,1,[Have prlimit]),
AM_CONDITIONAL(HAVE_STRLCAT, true)
AC_DEFINE(HAVE_STRLCAT,1,[Have strlcat]),
AM_CONDITIONAL(HAVE_STRLCAT, false))
+AC_CHECK_FUNCS([strchrnul],
+ AM_CONDITIONAL(HAVE_STRCHRNUL, true)
+ AC_DEFINE(HAVE_STRCHRNUL,1,[Have strchnul]),
+ AM_CONDITIONAL(HAVE_STRCHRNUL, false))
+AC_CHECK_FUNCS([fmemopen],
+ AM_CONDITIONAL(HAVE_FMEMOPEN, true)
+ AC_DEFINE(HAVE_FMEMOPEN,1,[Have fmemopen]),
+ AM_CONDITIONAL(HAVE_FMEMOPEN, false))
# HAVE_STRUCT_RTNL_LINK_STATS64={0,1}
AC_CHECK_TYPES([struct rtnl_link_stats64], [], [], [[#include <linux/if_link.h>]])
AX_PTHREAD
AC_SEARCH_LIBS(clock_gettime, [rt])
-# Check for some standard binaries
-AC_PROG_GCC_TRADITIONAL
-AC_PROG_SED
-
# See if we support thread-local storage.
LXC_CHECK_TLS
# Hardening flags
-AX_CHECK_COMPILE_FLAG([-fdiagnostics-color], [CFLAGS="$CFLAGS -fdiagnostics-color"],,[-Werror])
-AX_CHECK_COMPILE_FLAG([-Wimplicit-fallthrough=5], [CFLAGS="$CFLAGS -Wimplicit-fallthrough=5"],,[-Werror])
-AX_CHECK_COMPILE_FLAG([-Wcast-align], [CFLAGS="$CFLAGS -Wcast-align"],,[-Werror])
-AX_CHECK_COMPILE_FLAG([-Wstrict-prototypes], [CFLAGS="$CFLAGS -Wstrict-prototypes"],,[-Werror])
-AX_CHECK_COMPILE_FLAG([-fno-strict-aliasing], [CFLAGS="$CFLAGS -fno-strict-aliasing"],,[-Werror])
-AX_CHECK_COMPILE_FLAG([-fstack-clash-protection], [CFLAGS="$CFLAGS -fstack-clash-protection"],,[-Werror])
-AX_CHECK_COMPILE_FLAG([-fstack-protector-strong], [CFLAGS="$CFLAGS -fstack-protector-strong"],,[-Werror])
-AX_CHECK_COMPILE_FLAG([--param=ssp-buffer-size=4], [CFLAGS="$CFLAGS --param=ssp-buffer-size=4"],,[-Werror])
-AX_CHECK_COMPILE_FLAG([-g], [CFLAGS="$CFLAGS -g"],,[-Werror])
-AX_CHECK_COMPILE_FLAG([--mcet -fcf-protection], [CFLAGS="$CFLAGS --mcet -fcf-protection"],,[-Werror])
-AX_CHECK_COMPILE_FLAG([-Werror=implicit-function-declaration], [CFLAGS="$CFLAGS -Werror=implicit-function-declaration"],,[-Werror])
-AX_CHECK_COMPILE_FLAG([-Wlogical-op], [CFLAGS="$CFLAGS -Wlogical-op"],,[-Werror])
-AX_CHECK_COMPILE_FLAG([-Wmissing-include-dirs], [CFLAGS="$CFLAGS -Wmissing-include-dirs"],,[-Werror])
-AX_CHECK_COMPILE_FLAG([-Wold-style-definition], [CFLAGS="$CFLAGS -Wold-style-definition"],,[-Werror])
-AX_CHECK_COMPILE_FLAG([-Winit-self], [CFLAGS="$CFLAGS -Winit-self"],,[-Werror])
-AX_CHECK_COMPILE_FLAG([-Wfloat-equal], [CFLAGS="$CFLAGS -Wfloat-equal"],,[-Werror])
-AX_CHECK_COMPILE_FLAG([-Wsuggest-attribute=noreturn], [CFLAGS="$CFLAGS -Wsuggest-attribute=noreturn"],,[-Werror])
-AX_CHECK_COMPILE_FLAG([-Werror=return-type], [CFLAGS="$CFLAGS -Werror=return-type"],,[-Werror])
-AX_CHECK_COMPILE_FLAG([-Werror=incompatible-pointer-types], [CFLAGS="$CFLAGS -Werror=incompatible-pointer-types"],,[-Werror])
-AX_CHECK_COMPILE_FLAG([-Wformat=2], [CFLAGS="$CFLAGS -Wformat=2"],,[-Werror])
-AX_CHECK_COMPILE_FLAG([-Wshadow], [CFLAGS="$CFLAGS -Wshadow"],,[-Werror])
-AX_CHECK_COMPILE_FLAG([-Wendif-labels], [CFLAGS="$CFLAGS -Wendif-labels"],,[-Werror])
-AX_CHECK_COMPILE_FLAG([-Werror=overflow], [CFLAGS="$CFLAGS -Werror=overflow"],,[-Werror])
-AX_CHECK_COMPILE_FLAG([-fdiagnostics-show-option], [CFLAGS="$CFLAGS -fdiagnostics-show-option"],,[-Werror])
-AX_CHECK_COMPILE_FLAG([-Werror=shift-count-overflow], [CFLAGS="$CFLAGS -Werror=shift-count-overflow"],,[-Werror])
-AX_CHECK_COMPILE_FLAG([-Werror=shift-overflow=2], [CFLAGS="$CFLAGS -Werror=shift-overflow=2"],,[-Werror])
-AX_CHECK_COMPILE_FLAG([-Wdate-time], [CFLAGS="$CFLAGS -Wdate-time"],,[-Werror])
-AX_CHECK_COMPILE_FLAG([-Wnested-externs], [CFLAGS="$CFLAGS -Wnested-externs"],,[-Werror])
-AX_CHECK_COMPILE_FLAG([-fasynchronous-unwind-tables], [CFLAGS="$CFLAGS -fasynchronous-unwind-tables"],,[-Werror])
-AX_CHECK_COMPILE_FLAG([-pipe], [CFLAGS="$CFLAGS -pipe"],,[-Werror])
-AX_CHECK_COMPILE_FLAG([-fexceptions], [CFLAGS="$CFLAGS -fexceptions"],,[-Werror])
-
-AX_CHECK_LINK_FLAG([-z relro], [LDFLAGS="$LDFLAGS -z relro"],,[])
-AX_CHECK_LINK_FLAG([-z now], [LDFLAGS="$LDFLAGS -z now"],,[])
-
-CFLAGS="$CFLAGS -Wvla -std=gnu11"
+CC_CHECK_FLAGS_APPEND([AM_CFLAGS],[CFLAGS],[ \
+ -fPIE \
+ -Wvla \
+ -std=gnu11 \
+ -fms-extensions \
+ -fdiagnostics-color \
+ -Wimplicit-fallthrough=5 \
+ -Wcast-align \
+ -Wstrict-prototypes \
+ -fno-strict-aliasing \
+ -fstack-clash-protection \
+ -fstack-protector-strong \
+ --param=ssp-buffer-size=4 \
+ -g \
+ --mcet -fcf-protection \
+ -Werror=implicit-function-declaration \
+ -Wlogical-op \
+ -Wmissing-include-dirs \
+ -Wold-style-definition \
+ -Winit-self \
+ -Wunused-but-set-variable \
+ -Wfloat-equal \
+ -Wsuggest-attribute=noreturn \
+ -Werror=return-type \
+ -Werror=incompatible-pointer-types \
+ -Wformat=2 \
+ -Wshadow \
+ -Wendif-labels \
+ -Werror=overflow \
+ -fdiagnostics-show-option \
+ -Werror=shift-count-overflow \
+ -Werror=shift-overflow=2 \
+ -Wdate-time \
+ -Wnested-externs \
+ -fasynchronous-unwind-tables \
+ -pipe \
+ -fexceptions \
+ -Warray-bounds \
+ -Wrestrict \
+ -Wreturn-local-addr \
+ -flto=thin \
+ -fsanitize=cfi \
+ -Wstringop-overflow])
+AC_SUBST(AM_CFLAGS)
+
+CC_CHECK_FLAGS_APPEND([AM_LDFLAGS],[LDFLAGS],[ \
+ -Wl,--as-needed \
+ -Wl,--gc-sections \
+ -Wl,-z,relro \
+ -Wl,-z,now \
+ -pie \
+ -Wl,-fuse-ld=gold])
+
+AM_COND_IF([ENABLE_NO_UNDEFINED],
+ [CC_CHECK_FLAGS_APPEND([AM_LDFLAGS],[LDFLAGS],[-Wl,--no-undefined])])
+
+AC_SUBST(AM_LDFLAGS)
+
+CFLAGS="$CFLAGS -Wvla -std=gnu11 -fms-extensions"
if test "x$enable_werror" = "xyes"; then
CFLAGS="$CFLAGS -Werror"
fi
AC_ARG_ENABLE([thread-safety],
- [AC_HELP_STRING([--enable-thread-safety], [enforce thread-safety otherwise fail the build [default=yes]])],
- [], [enable_thread_safety=yes])
+ [AS_HELP_STRING([--enable-thread-safety], [enforce thread-safety otherwise fail the build [default=yes]])],
+ [enable_thread_safety=$enableval], [enable_thread_safety=yes])
AM_CONDITIONAL([ENFORCE_THREAD_SAFETY], [test "x$enable_thread_safety" = "xyes"])
+if test "x$enable_thread_safety" = "xyes"; then
+ AC_DEFINE([ENFORCE_THREAD_SAFETY], 1, [enforce thread-safety otherwise fail the build])
+ AC_MSG_RESULT([yes])
+else
+ AC_MSG_RESULT([no])
+fi
+
+AC_ARG_ENABLE([coverity-build],
+ [AS_HELP_STRING([--enable-coverity-build], [build for use with Coverity [default=no]])],
+ [enable_coverity_build=$enableval], [enable_coverity_build=no])
+AM_CONDITIONAL([ENABLE_COVERITY_BUILD], [test "x$enable_coverity_build" = "xyes"])
+if test "x$enable_coverity_build" = "xyes"; then
+ AC_DEFINE([ENABLE_COVERITY_BUILD], 1, [build for use with Coverity])
+ AC_MSG_RESULT([yes])
+else
+ AC_MSG_RESULT([no])
+fi
AC_ARG_ENABLE([dlog],
- [AC_HELP_STRING([--enable-dlog], [enable dlog support [default=no]])],
- [], [enable_dlog=no])
+ [AS_HELP_STRING([--enable-dlog], [enable dlog support [default=no]])],
+ [enable_dlog=$enableval], [enable_dlog=no])
AM_CONDITIONAL([ENABLE_DLOG], [test "x$enable_dlog" = "xyes"])
AM_COND_IF([ENABLE_DLOG],
])
AC_ARG_ENABLE([memfd-rexec],
- [AC_HELP_STRING([--enable-memfd-rexec], [enforce liblxc as a memfd to protect against certain symlink attacks [default=yes]])],
- [], [enable_memfd_rexec=yes])
+ [AS_HELP_STRING([--enable-memfd-rexec], [enforce liblxc as a memfd to protect against certain symlink attacks [default=yes]])],
+ [enable_memfd_rexec=$enableval], [enable_memfd_rexec=yes])
AM_CONDITIONAL([ENFORCE_MEMFD_REXEC], [test "x$enable_memfd_rexec" = "xyes"])
if test "x$enable_memfd_rexec" = "xyes"; then
AC_DEFINE([ENFORCE_MEMFD_REXEC], 1, [Rexec liblxc as memfd])
lxc.pc
lxc.spec
+ coccinelle/Makefile
+
config/Makefile
config/apparmor/Makefile
config/apparmor/abstractions/start-container
config/init/systemd/lxc.service
config/init/systemd/lxc@.service
config/init/systemd/lxc-net.service
+ config/init/systemd/lxc-monitord.service
config/init/sysvinit/Makefile
config/init/sysvinit/lxc-containers
config/init/sysvinit/lxc-net
doc/lxc-usernsexec.sgml
doc/lxc-wait.sgml
+ doc/pam_cgfs.sgml
+
doc/lxc.conf.sgml
doc/lxc.container.conf.sgml
doc/lxc.system.conf.sgml
doc/ja/lxc-usernsexec.sgml
doc/ja/lxc-wait.sgml
+ doc/ja/pam_cgfs.sgml
+
doc/ja/lxc.conf.sgml
doc/ja/lxc.container.conf.sgml
doc/ja/lxc.system.conf.sgml
- lxc-user-nic: $enable_commands
- lxc-usernsexec: $enable_commands
+ - static binaries: $enable_static_binaries
+
Environment:
- compiler: $CC
+ - cflags: ${AM_CFLAGS} ${PTHREAD_CFLAGS}
+ - ldflags: ${AM_LDFLAGS} ${PTHREAD_LIBS}
- distribution: $with_distro
- init script type(s): $init_script
- rpath: $enable_rpath
- user documentation: $enable_doc
Debugging:
- - tests: $enable_tests
- - ASAN: $enable_asan
+ - Sanitizers: $enable_sanitizers
+ - Coverity: $enable_coverity_build
- mutex debugging: $enable_mutex_debugging
+ - tests: $enable_tests
Paths:
- Logs in configpath: $enable_configpath_log
projects / mirror_lxc.git / blobdiff