on the Library (independent of the use of the Library in a tool for
writing it). Whether that is true depends on what the Library does
and what the program that uses the Library does.
-
+
1. You may copy and distribute verbatim copies of the Library's
complete source code as you receive it, in any medium, provided that
you conspicuously and appropriately publish on each copy an
* create an interactive configuration with the lxc-create command
- line, like the 'make menuconfig' of the kernel.
+ line, like the 'make menuconfig' of the kernel.
= lxc-create [-n foo] -m|--menuconfig
dnl autostars m4 macro for expanding directories using configure's prefix
dnl thomas@apestaart.org
dnl
-
+
dnl AS_AC_EXPAND(VAR, CONFIGURE_VAR)
dnl example
dnl AS_AC_EXPAND(SYSCONFDIR, $sysconfdir)
dnl will set SYSCONFDIR to /usr/local/etc if prefix=/usr/local
-
+
AC_DEFUN([AS_AC_EXPAND],
[
EXP_VAR=[$1]
FROM_VAR=[$2]
-
+
dnl first expand prefix and exec_prefix if necessary
prefix_save=$prefix
exec_prefix_save=$exec_prefix
-
+
dnl if no prefix given, then use /usr/local, the default prefix
if test "x$prefix" = "xNONE"; then
prefix="$ac_default_prefix"
if test "x$exec_prefix" = "xNONE"; then
exec_prefix=$prefix
fi
-
+
full_var="$FROM_VAR"
dnl loop until it doesn't change anymore
while true; do
if test "x$new_full_var" = "x$full_var"; then break; fi
full_var=$new_full_var
done
-
+
dnl clean up
full_var=$new_full_var
AC_SUBST([$1], "$full_var")
-
+
dnl restore prefix and exec_prefix
prefix=$prefix_save
exec_prefix=$exec_prefix_save
# Determine the number of characters in A and B.
ax_compare_version_len_A=`echo "$A" | awk '{print(length)}'`
ax_compare_version_len_B=`echo "$B" | awk '{print(length)}'`
-
+
# Set A to no more than B's length and B to no more than A's length.
A=`echo "$A" | sed "s/\(.\{$ax_compare_version_len_B\}\).*/\1/"`
B=`echo "$B" | sed "s/\(.\{$ax_compare_version_len_A\}\).*/\1/"`
"[syserr] lxc_start:96: Invalid argument - failed to fork into a new
namespace"
-Answer:
--------
+Answer:
+-------
read the lxc man page about kernel version prereq :) most probably
your kernel is not configured to support the container options you
-<!--
+<!--
lxc: linux Container library
The container is not running.
</para>
</listitem>
- </varlistentry>
+ </varlistentry>
</variablelist>
-<!--
+<!--
lxc: linux Container library
The available tty are free slots taken by this command. That
means if the container has four ttys available and the command
has been launched four times taking the different tty, the fifth
- command will fail because no console will be available.
+ command will fail because no console will be available.
</para>
<para>
user "foo" and "bar" is trying to open a console to it.
</para>
</listitem>
- </varlistentry>
+ </varlistentry>
</variablelist>
-<!--
+<!--
lxc: linux Container library
command to list the available containers on the system.
</para>
</listitem>
- </varlistentry>
+ </varlistentry>
</variablelist>
-<!--
+<!--
lxc: linux Container library
container or create a new one.
</para>
</listitem>
- </varlistentry>
+ </varlistentry>
</variablelist>
-<!--
+<!--
lxc: linux Container library
the <command>lxc-create</command> command.
</para>
</listitem>
- </varlistentry>
+ </varlistentry>
</variablelist>
-<!--
+<!--
lxc: linux Container library
<refsect1>
<title>See Also</title>
- <simpara>
+ <simpara>
<citerefentry>
<refentrytitle>ls</refentrytitle>
<manvolnum>1</manvolnum>
-<!--
+<!--
lxc: linux Container library
the <command>lxc-create</command> command.
</para>
</listitem>
- </varlistentry>
+ </varlistentry>
</variablelist>
<refsect1>
<title>See Also</title>
- <simpara>
+ <simpara>
<citerefentry>
<refentrytitle>regex</refentrytitle>
<manvolnum>7</manvolnum>
-<!--
+<!--
lxc: linux Container library
<listitem>
<para>
specify the container <replaceable>name</replaceable>
- to limit the output to the processes belonging
- to this container name.
+ to limit the output to the processes belonging
+ to this container name.
</para>
</listitem>
</varlistentry>
</term>
<listitem>
<para>
- limit the output to the processes belonging
+ limit the output to the processes belonging
to all lxc containers.
</para>
</listitem>
<refsect1>
<title>See Also</title>
- <simpara>
+ <simpara>
<citerefentry>
<refentrytitle>ps</refentrytitle>
<manvolnum>1</manvolnum>
-<!--
+<!--
lxc: linux Container library
container or create a new one.
</para>
</listitem>
- </varlistentry>
+ </varlistentry>
</variablelist>
-<!--
+<!--
lxc: linux Container library
container or create a new one.
</para>
</listitem>
- </varlistentry>
+ </varlistentry>
<varlistentry>
<term>The container was not found</term>
the <command>lxc-create</command> command.
</para>
</listitem>
- </varlistentry>
+ </varlistentry>
</variablelist>
-<!--
+<!--
lxc: linux Container library
the <command>lxc-create</command> command.
</para>
</listitem>
- </varlistentry>
+ </varlistentry>
</variablelist>
-<!--
+<!--
lxc: linux Container library
the <command>lxc-create</command> command.
</para>
</listitem>
- </varlistentry>
+ </varlistentry>
</variablelist>
# specify the flags to be used for the network, actually only <up> is allowed
# which mean the network should be set up when created. If the network is set
-# up, the loopback is automatically set up too.
+# up, the loopback is automatically set up too.
lxc.network.flags = up
# specify the physical network device which will communicate with the
-<!--
+<!--
lxc: linux Container library
specify an action to do for the
network.
</para>
-
+
<para><option>up:</option> activates the interface.
</para>
</listitem>
<refsect1>
<title>See Also</title>
- <simpara>
+ <simpara>
<citerefentry>
<refentrytitle><command>chroot</command></refentrytitle>
<manvolnum>1</manvolnum>
</simpara>
</refsect1>
-
+
&seealso;
<refsect1>
<title>Author</title>
<para>Daniel Lezcano <email>daniel.lezcano@free.fr</email></para>
</refsect1>
-
+
</refentry>
<!-- Keep this comment at the end of the file
-<!--
+<!--
lxc: linux Container library
/sbin /home/root/sshd/rootfs/sbin none ro,bind 0 0
</programlisting>
</para>
-
+
<para>How to run a system in a container ?</para>
<para>Running a system inside a container is paradoxically easier
without configuration because the container will set them
up. eg. the ipv4 address will be setup by the system container
init scripts. Here is an example of the mount points file:
-
+
<programlisting>
[root@lxc debian]$ cat fstab
<refsect2>
<title>Configuration</title>
<para>The container is configured through a configuration
- file, the format of the configuration file is described in
+ file, the format of the configuration file is described in
<citerefentry>
<refentrytitle><filename>lxc.conf</filename></refentrytitle>
<manvolnum>5</manvolnum>
but if needed the <command>lxc-stop</command> command can
be used to kill the still running application.
</para>
-
+
<para>
Running an application inside a container is not exactly the
same thing as running a system. For this reason, there are two
lxc-freeze -n foo
</programlisting>
- will put all the processes in an uninteruptible state and
+ will put all the processes in an uninteruptible state and
<programlisting>
lxc-unfreeze -n foo
addr.sun_family = AF_UNIX;
/* copy entire buffer in case of abstract socket */
- memcpy(addr.sun_path, path,
+ memcpy(addr.sun_path, path,
path[0]?strlen(path):sizeof(addr.sun_path));
if (bind(fd, (struct sockaddr *)&addr, sizeof(addr))) {
struct sockaddr_un addr;
socklen_t addrlen;
- if (!getsockname(fd, (struct sockaddr *)&addr, &addrlen) &&
+ if (!getsockname(fd, (struct sockaddr *)&addr, &addrlen) &&
addr.sun_path[0])
unlink(addr.sun_path);
addr.sun_family = AF_UNIX;
/* copy entire buffer in case of abstract socket */
- memcpy(addr.sun_path, path,
+ memcpy(addr.sun_path, path,
path[0]?strlen(path):sizeof(addr.sun_path));
if (connect(fd, (struct sockaddr *)&addr, sizeof(addr))) {
cmsg = CMSG_FIRSTHDR(&msg);
- /* if the message is wrong the variable will not be
+ /* if the message is wrong the variable will not be
* filled and the peer will notified about a problem */
*recvfd = -1;
if (ret)
return ret;
- ret = nla_put_string((struct nlmsg *)&request->nlmsghdr,
+ ret = nla_put_string((struct nlmsg *)&request->nlmsghdr,
CTRL_ATTR_FAMILY_NAME, family);
if (ret)
goto out;
return netlink_send(&handler->nlh, (struct nlmsg *)&genlmsg->nlmsghdr);
}
-extern int genetlink_transaction(struct genl_handler *handler,
+extern int genetlink_transaction(struct genl_handler *handler,
struct genlmsg *request, struct genlmsg *answer)
{
return netlink_transaction(&handler->nlh, (struct nlmsg *)&request->nlmsghdr,
#define GENLMSG_DATA(glh) ((void *)(NLMSG_DATA(glh) + GENL_HDRLEN))
/*
- * struct genl_handler : the structure which store the netlink handler
+ * struct genl_handler : the structure which store the netlink handler
* and the family number resulting of the auto-generating id family
* for the generic netlink protocol
*
*
* Returns 0 on success, < 0 otherwise
*/
-int genetlink_transaction(struct genl_handler *handler,
+int genetlink_transaction(struct genl_handler *handler,
struct genlmsg *request, struct genlmsg *answer);
#endif
echo -n "Cgroup device: " && is_enabled CONFIG_CGROUP_DEVICE
echo -n "Cgroup sched: " && is_enabled CONFIG_CGROUP_SCHED
echo -n "Cgroup cpu account: " && is_enabled CONFIG_CGROUP_CPUACCT
-echo -n "Cgroup memory controller: "
+echo -n "Cgroup memory controller: "
if [ $KVER_MAJOR -ge 3 -a $KVER_MINOR -ge 6 ]; then
is_enabled CONFIG_MEMCG
else
switch (msg.type) {
case lxc_msg_state:
- printf("'%s' changed state to [%s]\n",
+ printf("'%s' changed state to [%s]\n",
msg.name, lxc_state2str(msg.value));
break;
default:
return err;
if (!my_args.argc)
- args = default_args;
+ args = default_args;
else
args = my_args.argv;
/* If the handler returns a positive value, exit
the mainloop */
- if (handler->callback(handler->fd, handler->data,
+ if (handler->callback(handler->fd, handler->data,
descr) > 0)
return 0;
}
}
}
-int lxc_mainloop_add_handler(struct lxc_epoll_descr *descr, int fd,
+int lxc_mainloop_add_handler(struct lxc_epoll_descr *descr, int fd,
lxc_mainloop_callback_t callback, void *data)
{
struct epoll_event ev;
struct lxc_list handlers;
};
-typedef int (*lxc_mainloop_callback_t)(int fd, void *data,
+typedef int (*lxc_mainloop_callback_t)(int fd, void *data,
struct lxc_epoll_descr *descr);
extern int lxc_mainloop(struct lxc_epoll_descr *descr);
extern int lxc_mainloop_add_handler(struct lxc_epoll_descr *descr, int fd,
- lxc_mainloop_callback_t callback,
+ lxc_mainloop_callback_t callback,
void *data);
extern int lxc_mainloop_del_handler(struct lxc_epoll_descr *descr, int fd);
*/
extern int lxc_bridge_attach(const char *bridge, const char *ifname);
-/*
+/*
* Create default gateway
*/
extern int lxc_route_create_default(const char *addr, const char *ifname,
return data;
}
-static int nla_put(struct nlmsg *nlmsg, int attr,
+static int nla_put(struct nlmsg *nlmsg, int attr,
const void *data, size_t len)
{
struct rtattr *rta;
return 0;
}
-extern int nla_put_buffer(struct nlmsg *nlmsg, int attr,
+extern int nla_put_buffer(struct nlmsg *nlmsg, int attr,
const void *data, size_t size)
{
return nla_put(nlmsg, attr, data, size);
#ifndef NLMSG_ERROR
#define NLMSG_ERROR 0x2
#endif
-extern int netlink_transaction(struct nl_handler *handler,
+extern int netlink_transaction(struct nl_handler *handler,
struct nlmsg *request, struct nlmsg *answer)
{
int ret;
if (handler->fd < 0)
return -errno;
- if (setsockopt(handler->fd, SOL_SOCKET, SO_SNDBUF,
+ if (setsockopt(handler->fd, SOL_SOCKET, SO_SNDBUF,
&sndbuf, sizeof(sndbuf)) < 0)
return -errno;
- if (setsockopt(handler->fd, SOL_SOCKET, SO_RCVBUF,
+ if (setsockopt(handler->fd, SOL_SOCKET, SO_RCVBUF,
&rcvbuf,sizeof(rcvbuf)) < 0)
return -errno;
handler->local.nl_family = AF_NETLINK;
handler->local.nl_groups = 0;
- if (bind(handler->fd, (struct sockaddr*)&handler->local,
+ if (bind(handler->fd, (struct sockaddr*)&handler->local,
sizeof(handler->local)) < 0)
return -errno;
socklen = sizeof(handler->local);
- if (getsockname(handler->fd, (struct sockaddr*)&handler->local,
+ if (getsockname(handler->fd, (struct sockaddr*)&handler->local,
&socklen) < 0)
return -errno;
* struct nl_handler : the handler for netlink sockets, this structure
* is used all along the netlink socket life cycle to specify the
* netlink socket to be used.
- *
+ *
* @fd: the file descriptor of the netlink socket
* @seq: the sequence number of the netlink messages
* @local: the bind address
int netlink_open(struct nl_handler *handler, int protocol);
/*
- * netlink_close : close a netlink socket, after this call,
+ * netlink_close : close a netlink socket, after this call,
* the handler is no longer valid
*
* @handler: a handler to the netlink socket
int netlink_close(struct nl_handler *handler);
/*
- * netlink_rcv : receive a netlink message from the kernel.
- * It is up to the caller to manage the allocation of the
+ * netlink_rcv : receive a netlink message from the kernel.
+ * It is up to the caller to manage the allocation of the
* netlink message
*
* @handler: a handler to the netlink socket
int netlink_send(struct nl_handler *handler, struct nlmsg *nlmsg);
/*
- * netlink_transaction: send a request to the kernel and read the response.
- * This is useful for transactional protocol. It is up to the caller
+ * netlink_transaction: send a request to the kernel and read the response.
+ * This is useful for transactional protocol. It is up to the caller
* to manage the allocation of the netlink message.
*
* @handler: a handler to a opened netlink socket
*
* Returns 0 on success, < 0 otherwise
*/
-int netlink_transaction(struct nl_handler *handler,
+int netlink_transaction(struct nl_handler *handler,
struct nlmsg *request, struct nlmsg *anwser);
/*
- * nla_put_string: copy a null terminated string to a netlink message
+ * nla_put_string: copy a null terminated string to a netlink message
* attribute
*
* @nlmsg: the netlink message to be filled
*
* Returns 0 on success, < 0 otherwise
*/
-int nla_put_buffer(struct nlmsg *nlmsg, int attr,
+int nla_put_buffer(struct nlmsg *nlmsg, int attr,
const void *data, size_t size);
/*
int nla_put_u16(struct nlmsg *nlmsg, int attr, ushort value);
/*
- * nla_put_attr: add an attribute name to a netlink
+ * nla_put_attr: add an attribute name to a netlink
*
* @nlmsg: the netlink message to be filled
* @attr: the attribute name of the integer
* nla_begin_nested: begin the nesting attribute
*
* @nlmsg: the netlink message to be filled
- * @attr: the netsted attribute name
+ * @attr: the netsted attribute name
*
* Returns current nested pointer to be reused
* to nla_end_nested.
* @nlmsg: the netlink message
* @nested: the nested pointer
*
- * Returns the current
+ * Returns the current
*/
void nla_end_nested(struct nlmsg *nlmsg, struct rtattr *attr);
/*
- * nlmsg_allocate : allocate a netlink message. The netlink format message
+ * nlmsg_allocate : allocate a netlink message. The netlink format message
* is a header, a padding, a payload and a padding again.
- * When a netlink message is allocated, the size specify the
+ * When a netlink message is allocated, the size specify the
* payload we want. So the real size of the allocated message
* is sizeof(header) + sizeof(padding) + payloadsize + sizeof(padding),
- * in other words, the function will allocate more than specified. When
+ * in other words, the function will allocate more than specified. When
* the buffer is allocated, the content is zeroed.
* The function will also fill the field nlmsg_len with computed size.
* If the allocation must be for the specified size, just use malloc.
/*
* nlmsg_data : returns a pointer to the data contained in the netlink message
- *
+ *
* @nlmsg : the netlink message to get the data
*
* Returns a pointer to the netlink data or NULL if there is no data
return netlink_send(&handler->nlh, (struct nlmsg *)&rtnlmsg->nlmsghdr);
}
-extern int rtnetlink_transaction(struct rtnl_handler *handler,
+extern int rtnetlink_transaction(struct rtnl_handler *handler,
struct rtnlmsg *request, struct rtnlmsg *answer)
{
return netlink_transaction(&handler->nlh, (struct nlmsg *)&request->nlmsghdr,
#define RTNLMSG_DATA(glh) ((void *)(NLMSG_DATA(glh) + RTNL_HDRLEN))
/*
- * struct genl_handler : the structure which store the netlink handler
+ * struct genl_handler : the structure which store the netlink handler
* and the family number
*
* @nlh: the netlink socket handler
*
* Returns 0 on success, < 0 otherwise
*/
-int rtnetlink_transaction(struct rtnl_handler *handler,
+int rtnetlink_transaction(struct rtnl_handler *handler,
struct rtnlmsg *request, struct rtnlmsg *answer);
#endif
c2:12345:respawn:/sbin/getty 38400 tty2 linux
c3:12345:respawn:/sbin/getty 38400 tty3 linux
c4:12345:respawn:/sbin/getty 38400 tty4 linux
-p6::ctrlaltdel:/sbin/init 6
+p6::ctrlaltdel:/sbin/init 6
p0::powerfail:/sbin/init 0
EOF
# remove module stuff for iptables it just shows errors that are not
# relevant in a container
if [ -f "$container_rootfs/etc/sysconfig/iptables-config" ]; then
- sed -i 's|IPTABLES_MODULES=".*|IPTABLES_MODULES=""|' $container_rootfs/etc/sysconfig/iptables-config
+ sed -i 's|IPTABLES_MODULES=".*|IPTABLES_MODULES=""|' $container_rootfs/etc/sysconfig/iptables-config
sed -i 's|IPTABLES_MODULES_UNLOAD=".*|IPTABLES_MODULES_UNLOAD="no"|' $container_rootfs/etc/sysconfig/iptables-config
fi