]>
git.proxmox.com Git - mirror_lxc.git/log
Christian Brauner [Thu, 9 Jan 2020 17:08:48 +0000 (18:08 +0100)]
network: fix network device removal
We can't delete by netdev->ifindex since that's the ifindex of the device in
the container, not on the host. The correct thing is done below.
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
Christian Brauner [Thu, 9 Jan 2020 16:10:14 +0000 (17:10 +0100)]
tests: log api reboot test failures
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
Christian Brauner [Thu, 9 Jan 2020 15:28:02 +0000 (16:28 +0100)]
network: fix typ and formatting in comment
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
Christian Brauner [Thu, 9 Jan 2020 11:29:22 +0000 (12:29 +0100)]
network: improve veth device creation
This allows us to avoid having to move the network device. It also allows us to
work around a kernel bug that in combination with a recent change in systemd
244 causes uses of systemd-networkd to not get an ip address.
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
Stéphane Graber [Thu, 9 Jan 2020 15:47:36 +0000 (10:47 -0500)]
Merge pull request #3249 from brauner/2020-01-09/bugfixes
handle kernel version <--> header incompatibility
Christian Brauner [Thu, 9 Jan 2020 11:25:30 +0000 (12:25 +0100)]
start: handle kernel header and kernel incompatability
We might e.g. be compiled in a container with old kernel headers. In this
scenario CLONE_PIDFD will work but pidfd_send_signal() might not be detected
because __NR_pidfd_send_signal is not defined because the kernel headers don't
match the kernel version.
This explains and fixes test-suite hangs on Jenkins I've recently debugged.
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
Christian Brauner [Thu, 9 Jan 2020 11:28:54 +0000 (12:28 +0100)]
tests: timeout after 60 seconds
That should be more than enough to reboot.
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
Christian Brauner [Thu, 9 Jan 2020 11:28:19 +0000 (12:28 +0100)]
mainloop: add missing \n
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
Serge Hallyn [Wed, 8 Jan 2020 15:45:57 +0000 (09:45 -0600)]
Merge pull request #3241 from brauner/2019-12-25/remove_procfs_pidfd_support
start: remove procfs pidfd support
Stéphane Graber [Sat, 4 Jan 2020 19:11:50 +0000 (14:11 -0500)]
Merge pull request #3247 from Rachid-Koucha/patch-1
Suppress useless udhcpc directory
Rachid Koucha [Fri, 3 Jan 2020 09:48:41 +0000 (10:48 +0100)]
Suppress useless udhcpc directory
The udhcpc directory is created with "mkdir -p" at the place dynamically specified by "busybox udhcpc --help".
Signed-off-by: Rachid Koucha <rachid.koucha@gmail.com>
Christian Brauner [Fri, 27 Dec 2019 12:38:07 +0000 (13:38 +0100)]
Merge pull request #3244 from Rachid-Koucha/master
Adaptation to latest busybox
Christian Brauner [Fri, 27 Dec 2019 11:08:26 +0000 (12:08 +0100)]
Merge pull request #3243 from Rachid-Koucha/patch-1
Word repetition in comment
Rachid Koucha [Fri, 27 Dec 2019 07:49:00 +0000 (08:49 +0100)]
Adaptation to latest busybox
In busybox 1.30, the help of udhcpc for "-s" option changed:
--> busybox v1.27.2: -s,--script PROG Run PROG at DHCP events (default /usr/share/udhcpc/default.script)
--> busybox v1.30.1: -s PROG Run PROG at DHCP events (default /etc/udhcpc/default.script)
So, I changed the command line which extracts the script name to make it work for both versions
Signed-off-by: Rachid Koucha <rachid.koucha@gmail.com>
Christian Brauner [Wed, 25 Dec 2019 17:50:53 +0000 (18:50 +0100)]
start: remove procfs pidfd support
We'll only rely on proper anon-inode based pidfd support in the future.
There's no good reason to use the procfs fallback. All the fancy features we
might want to use are only available with anon-inode pidfds.
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
Rachid Koucha [Thu, 26 Dec 2019 10:51:54 +0000 (11:51 +0100)]
Word repetition in comment
create_run_template(): Double "will mount" in a comment
Signed-off-by: Rachid Koucha <rachid.koucha@gmail.com>
Stéphane Graber [Wed, 25 Dec 2019 22:12:34 +0000 (17:12 -0500)]
Merge pull request #3238 from brauner/2019-12-23/travis
travis: enable -fsanitize=undefined
Christian Brauner [Mon, 23 Dec 2019 21:42:33 +0000 (22:42 +0100)]
Merge pull request #3239 from vikaig/fix-shebang
cmd: fix shebang
vikaig [Mon, 23 Dec 2019 21:31:53 +0000 (23:31 +0200)]
cmd: fix shebang
Signed-off-by: vikaig <vikaig99@gmail.com>
Christian Brauner [Mon, 23 Dec 2019 19:12:57 +0000 (20:12 +0100)]
travis: enable -fsanitize=undefined
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
Christian Brauner [Mon, 23 Dec 2019 10:35:53 +0000 (11:35 +0100)]
Merge pull request #3235 from xinhua9569/master
fd: only add valid fd to mainloop
dongxinhua [Sat, 21 Dec 2019 09:44:40 +0000 (17:44 +0800)]
fd: only add valid fd to mainloop
Signed-off-by: dongxinhua <dongxinhua@huawei.com>
Christian Brauner [Tue, 17 Dec 2019 02:03:38 +0000 (03:03 +0100)]
Merge pull request #3233 from xinhua9569/master
seccomp: support s390 seccomp
Stéphane Graber [Tue, 17 Dec 2019 01:33:58 +0000 (20:33 -0500)]
Merge pull request #3232 from brauner/2019-12-17/cgroup2_api_extension
api_extensions: advertise cgroup2 support
dongxinhua [Tue, 17 Dec 2019 01:10:04 +0000 (09:10 +0800)]
seccomp: support s390 seccomp
Signed-off-by: dongxinhua <dongxinhua@huawei.com>
Christian Brauner [Mon, 16 Dec 2019 23:44:49 +0000 (00:44 +0100)]
api_extensions: advertise cgroup2 support
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
Stéphane Graber [Thu, 12 Dec 2019 21:52:01 +0000 (16:52 -0500)]
Merge pull request #3229 from brauner/2019-12-12/cgroup_legacy_layout_regression
cgroups/cgfsng: do not prematurely close file descriptors
Christian Brauner [Thu, 12 Dec 2019 21:04:20 +0000 (22:04 +0100)]
cgroups/cgfsng: do not prematurely close file descriptors
When adding the new improved cgroup setup logic I didn't account for the fact
that we need the hierarchy fds up until chown. Add a dedicated cleanup method
to fix this:
lxc b1
20191212205052 .712 WARN cgfsng - cgroups/cgfsng.c:fchowmodat:1481 - Bad file descriptor - Failed to fchownat(-9, ,
1000000000 , 0, AT_EMPTY_PATH | AT_SYMLINK_NOFOLLOW )
lxc b1
20191212205052 .712 WARN cgfsng - cgroups/cgfsng.c:fchowmodat:1481 - Bad file descriptor - Failed to fchownat(-9, tasks,
1000000000 , 0, AT_EMPTY_PATH | AT_SYMLINK_NOFOLLOW )
lxc b1
20191212205052 .712 WARN cgfsng - cgroups/cgfsng.c:fchowmodat:1481 - Bad file descriptor - Failed to fchownat(-9, cgroup.procs,
1000000000 , 0, AT_EMPTY_PATH | AT_SYMLINK_NOFOLLOW )
lxc b1
20191212205052 .712 WARN cgfsng - cgroups/cgfsng.c:fchowmodat:1481 - Bad file descriptor - Failed to fchownat(-9, ,
1000000000 , 0, AT_EMPTY_PATH | AT_SYMLINK_NOFOLLOW )
lxc b1
20191212205052 .712 WARN cgfsng - cgroups/cgfsng.c:fchowmodat:1481 - Bad file descriptor - Failed to fchownat(-9, tasks,
1000000000 , 0, AT_EMPTY_PATH | AT_SYMLINK_NOFOLLOW )
lxc b1
20191212205052 .712 WARN cgfsng - cgroups/cgfsng.c:fchowmodat:1481 - Bad file descriptor - Failed to fchownat(-9, cgroup.procs,
1000000000 , 0, AT_EMPTY_PATH | AT_SYMLINK_NOFOLLOW )
lxc b1
20191212205052 .712 WARN cgfsng - cgroups/cgfsng.c:fchowmodat:1481 - Bad file descriptor - Failed to fchownat(-9, ,
1000000000 , 0, AT_EMPTY_PATH | AT_SYMLINK_NOFOLLOW )
lxc b1
20191212205052 .712 WARN cgfsng - cgroups/cgfsng.c:fchowmodat:1481 - Bad file descriptor - Failed to fchownat(-9, tasks,
1000000000 , 0, AT_EMPTY_PATH | AT_SYMLINK_NOFOLLOW )
lxc b1
20191212205052 .712 WARN cgfsng - cgroups/cgfsng.c:fchowmodat:1481 - Bad file descriptor - Failed to fchownat(-9, cgroup.procs,
1000000000 , 0, AT_EMPTY_PATH | AT_SYMLINK_NOFOLLOW )
lxc b1
20191212205052 .712 WARN cgfsng - cgroups/cgfsng.c:fchowmodat:1481 - Bad file descriptor - Failed to fchownat(-9, ,
1000000000 , 0, AT_EMPTY_PATH | AT_SYMLINK_NOFOLLOW )
lxc b1
20191212205052 .712 WARN cgfsng - cgroups/cgfsng.c:fchowmodat:1481 - Bad file descriptor - Failed to fchownat(-9, tasks,
1000000000 , 0, AT_EMPTY_PATH | AT_SYMLINK_NOFOLLOW )
lxc b1
20191212205052 .712 WARN cgfsng - cgroups/cgfsng.c:fchowmodat:1481 - Bad file descriptor - Failed to fchownat(-9, cgroup.procs,
1000000000 , 0, AT_EMPTY_PATH | AT_SYMLINK_NOFOLLOW )
lxc b1
20191212205052 .712 WARN cgfsng - cgroups/cgfsng.c:fchowmodat:1481 - Bad file descriptor - Failed to fchownat(-9, ,
1000000000 , 0, AT_EMPTY_PATH | AT_SYMLINK_NOFOLLOW )
lxc b1
20191212205052 .712 WARN cgfsng - cgroups/cgfsng.c:fchowmodat:1481 - Bad file descriptor - Failed to fchownat(-9, tasks,
1000000000 , 0, AT_EMPTY_PATH | AT_SYMLINK_NOFOLLOW )
lxc b1
20191212205052 .712 WARN cgfsng - cgroups/cgfsng.c:fchowmodat:1481 - Bad file descriptor - Failed to fchownat(-9, cgroup.procs,
1000000000 , 0, AT_EMPTY_PATH | AT_SYMLINK_NOFOLLOW )
lxc b1
20191212205052 .712 WARN cgfsng - cgroups/cgfsng.c:fchowmodat:1481 - Bad file descriptor - Failed to fchownat(-9, ,
1000000000 , 0, AT_EMPTY_PATH | AT_SYMLINK_NOFOLLOW )
lxc b1
20191212205052 .712 WARN cgfsng - cgroups/cgfsng.c:fchowmodat:1481 - Bad file descriptor - Failed to fchownat(-9, tasks,
1000000000 , 0, AT_EMPTY_PATH | AT_SYMLINK_NOFOLLOW )
lxc b1
20191212205052 .712 WARN cgfsng - cgroups/cgfsng.c:fchowmodat:1481 - Bad file descriptor - Failed to fchownat(-9, cgroup.procs,
1000000000 , 0, AT_EMPTY_PATH | AT_SYMLINK_NOFOLLOW )
lxc b1
20191212205052 .712 WARN cgfsng - cgroups/cgfsng.c:fchowmodat:1481 - Bad file descriptor - Failed to fchownat(-9, ,
1000000000 , 0, AT_EMPTY_PATH | AT_SYMLINK_NOFOLLOW )
lxc b1
20191212205052 .712 WARN cgfsng - cgroups/cgfsng.c:fchowmodat:1481 - Bad file descriptor - Failed to fchownat(-9, tasks,
1000000000 , 0, AT_EMPTY_PATH | AT_SYMLINK_NOFOLLOW )
lxc b1
20191212205052 .712 WARN cgfsng - cgroups/cgfsng.c:fchowmodat:1481 - Bad file descriptor - Failed to fchownat(-9, cgroup.procs,
1000000000 , 0, AT_EMPTY_PATH | AT_SYMLINK_NOFOLLOW )
lxc b1
20191212205052 .712 WARN cgfsng - cgroups/cgfsng.c:fchowmodat:1481 - Bad file descriptor - Failed to fchownat(-9, ,
1000000000 , 0, AT_EMPTY_PATH | AT_SYMLINK_NOFOLLOW )
lxc b1
20191212205052 .712 WARN cgfsng - cgroups/cgfsng.c:fchowmodat:1481 - Bad file descriptor - Failed to fchownat(-9, tasks,
1000000000 , 0, AT_EMPTY_PATH | AT_SYMLINK_NOFOLLOW )
lxc b1
20191212205052 .712 WARN cgfsng - cgroups/cgfsng.c:fchowmodat:1481 - Bad file descriptor - Failed to fchownat(-9, cgroup.procs,
1000000000 , 0, AT_EMPTY_PATH | AT_SYMLINK_NOFOLLOW )
lxc b1
20191212205052 .712 WARN cgfsng - cgroups/cgfsng.c:fchowmodat:1481 - Bad file descriptor - Failed to fchownat(-9, ,
1000000000 , 0, AT_EMPTY_PATH | AT_SYMLINK_NOFOLLOW )
lxc b1
20191212205052 .712 WARN cgfsng - cgroups/cgfsng.c:fchowmodat:1481 - Bad file descriptor - Failed to fchownat(-9, tasks,
1000000000 , 0, AT_EMPTY_PATH | AT_SYMLINK_NOFOLLOW )
lxc b1
20191212205052 .712 WARN cgfsng - cgroups/cgfsng.c:fchowmodat:1481 - Bad file descriptor - Failed to fchownat(-9, cgroup.procs,
1000000000 , 0, AT_EMPTY_PATH | AT_SYMLINK_NOFOLLOW )
lxc b1
20191212205052 .712 WARN cgfsng - cgroups/cgfsng.c:fchowmodat:1481 - Bad file descriptor - Failed to fchownat(-9, ,
1000000000 , 0, AT_EMPTY_PATH | AT_SYMLINK_NOFOLLOW )
lxc b1
20191212205052 .712 WARN cgfsng - cgroups/cgfsng.c:fchowmodat:1481 - Bad file descriptor - Failed to fchownat(-9, tasks,
1000000000 , 0, AT_EMPTY_PATH | AT_SYMLINK_NOFOLLOW )
lxc b1
20191212205052 .712 WARN cgfsng - cgroups/cgfsng.c:fchowmodat:1481 - Bad file descriptor - Failed to fchownat(-9, cgroup.procs,
1000000000 , 0, AT_EMPTY_PATH | AT_SYMLINK_NOFOLLOW )
lxc b1
20191212205052 .712 WARN cgfsng - cgroups/cgfsng.c:fchowmodat:1481 - Bad file descriptor - Failed to fchownat(-9, ,
1000000000 , 0, AT_EMPTY_PATH | AT_SYMLINK_NOFOLLOW )
lxc b1
20191212205052 .712 WARN cgfsng - cgroups/cgfsng.c:fchowmodat:1481 - Bad file descriptor - Failed to fchownat(-9, tasks,
1000000000 , 0, AT_EMPTY_PATH | AT_SYMLINK_NOFOLLOW )
lxc b1
20191212205052 .712 WARN cgfsng - cgroups/cgfsng.c:fchowmodat:1481 - Bad file descriptor - Failed to fchownat(-9, cgroup.procs,
1000000000 , 0, AT_EMPTY_PATH | AT_SYMLINK_NOFOLLOW )
lxc b1
20191212205052 .712 WARN cgfsng - cgroups/cgfsng.c:fchowmodat:1481 - Bad file descriptor - Failed to fchownat(-9, ,
1000000000 , 0, AT_EMPTY_PATH | AT_SYMLINK_NOFOLLOW )
lxc b1
20191212205052 .712 WARN cgfsng - cgroups/cgfsng.c:fchowmodat:1481 - Bad file descriptor - Failed to fchownat(-9, tasks,
1000000000 , 0, AT_EMPTY_PATH | AT_SYMLINK_NOFOLLOW )
lxc b1
20191212205052 .712 WARN cgfsng - cgroups/cgfsng.c:fchowmodat:1481 - Bad file descriptor - Failed to fchownat(-9, cgroup.procs,
1000000000 , 0, AT_EMPTY_PATH | AT_SYMLINK_NOFOLLOW )
Closes #3228.
Fixes: 1973b62aab41 ("cgroups/cgfsng: improve cgroup creation and removal")
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
Stéphane Graber [Wed, 11 Dec 2019 13:59:36 +0000 (08:59 -0500)]
Merge pull request #3226 from brauner/cgroup_removal
cgroupfs: improve cgroup removal
Christian Brauner [Wed, 11 Dec 2019 06:37:36 +0000 (07:37 +0100)]
cgroups/cgfsng: improve cgroup creation and removal
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
Stéphane Graber [Wed, 11 Dec 2019 02:46:06 +0000 (21:46 -0500)]
Merge pull request #3225 from brauner/cgroup_improvements
cgroups/cgfsng: rework legacy cpuset handling
Christian Brauner [Tue, 10 Dec 2019 20:00:59 +0000 (21:00 +0100)]
cgroups/cgfsng: rework cgroup removal
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
Christian Brauner [Tue, 10 Dec 2019 17:15:30 +0000 (18:15 +0100)]
cgroups/cgfsng: rework legacy cpuset handling
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
Christian Brauner [Tue, 10 Dec 2019 17:07:47 +0000 (18:07 +0100)]
cgroupfs/cgfsng: pass cgroup to cg_legacy_handle_cpuset_hierarchy() as const char *
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
Stéphane Graber [Tue, 10 Dec 2019 14:51:02 +0000 (09:51 -0500)]
Merge pull request #3223 from brauner/flatten_cgroup_hierarchy
cgroups: flatten hierarchy
Christian Brauner [Tue, 10 Dec 2019 11:27:33 +0000 (12:27 +0100)]
cgroups: use explicit unsigned type for bitfield
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
Christian Brauner [Mon, 9 Dec 2019 22:14:37 +0000 (23:14 +0100)]
cgroups: flatten hierarchy
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
Stéphane Graber [Mon, 9 Dec 2019 15:37:53 +0000 (10:37 -0500)]
Merge pull request #3222 from brauner/security
file_utils: use O_NOCTTY | O_NOFOLLOW
Christian Brauner [Mon, 9 Dec 2019 10:20:29 +0000 (11:20 +0100)]
file_utils: use O_NOCTTY | O_NOFOLLOW
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
Stéphane Graber [Sun, 8 Dec 2019 03:31:39 +0000 (22:31 -0500)]
Merge pull request #3218 from brauner/bpf_devices_devpath
cgroups/devices: enable devpath semantics for cgroup2 device controller
Christian Brauner [Sun, 8 Dec 2019 00:58:24 +0000 (01:58 +0100)]
cgroups/devices: enable devpath semantics for cgroup2 device controller
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
Stéphane Graber [Sun, 8 Dec 2019 00:39:55 +0000 (19:39 -0500)]
Merge pull request #3217 from brauner/rework_cgroups
cgroups, logging: fixes and improvements
Christian Brauner [Sun, 8 Dec 2019 00:17:33 +0000 (01:17 +0100)]
cgroups/cgfsng: replace lxc_write_file()
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
Christian Brauner [Sat, 7 Dec 2019 23:43:40 +0000 (00:43 +0100)]
cgroups/cgfsng: cgfsng_devices_activate()
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
Christian Brauner [Sat, 7 Dec 2019 23:41:36 +0000 (00:41 +0100)]
cgroups/cgfsng: rework cgfsng_nrtasks()
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
Christian Brauner [Sat, 7 Dec 2019 23:40:29 +0000 (00:40 +0100)]
cgroups/cgfsng: rework cgfsng_mount()
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
Christian Brauner [Sat, 7 Dec 2019 23:38:16 +0000 (00:38 +0100)]
cgroups/cgfsng: rework cgfsng_chown()
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
Christian Brauner [Sat, 7 Dec 2019 23:35:19 +0000 (00:35 +0100)]
cgroups/cgfsng: rework cgfsng_attach()
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
Christian Brauner [Sat, 7 Dec 2019 23:33:24 +0000 (00:33 +0100)]
cgroups/cgfsng: rework cgfsng_setup_limits()
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
Christian Brauner [Sat, 7 Dec 2019 23:27:22 +0000 (00:27 +0100)]
cgroups/cgfsng: rework cgfsng_setup_limits_legacy()
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
Christian Brauner [Sat, 7 Dec 2019 23:24:20 +0000 (00:24 +0100)]
cgroups/cgfsng: rework cgfsng_{get,set}()
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
Christian Brauner [Sat, 7 Dec 2019 23:20:02 +0000 (00:20 +0100)]
cgroups/cgfsng: rework cgfsng_unfreeze()
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
Christian Brauner [Sat, 7 Dec 2019 23:18:52 +0000 (00:18 +0100)]
cgroups/cgfsng: rework cgfsng_get_hierarchies()
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
Christian Brauner [Sat, 7 Dec 2019 23:17:58 +0000 (00:17 +0100)]
cgroups/cgfsng: rework cgfsng_num_hierarchies()
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
Christian Brauner [Sat, 7 Dec 2019 23:16:59 +0000 (00:16 +0100)]
cgroups/cgfsng: rework cgfsng_escape()
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
Christian Brauner [Sat, 7 Dec 2019 23:13:14 +0000 (00:13 +0100)]
cgroups/cgfsng: rework cgfsng_payload_enter()
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
Christian Brauner [Sat, 7 Dec 2019 23:06:59 +0000 (00:06 +0100)]
cgroups/cgfsng: rework cgfsng_payload_create()
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
Christian Brauner [Sat, 7 Dec 2019 22:47:16 +0000 (23:47 +0100)]
tree-wide: s/__unused/__lxc_unused/g
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
Christian Brauner [Sat, 7 Dec 2019 21:19:20 +0000 (22:19 +0100)]
cgroups/cgfsng: rework cgroup attach
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
Christian Brauner [Sat, 7 Dec 2019 21:12:00 +0000 (22:12 +0100)]
cgroups/cgfsng: don't dereference NULL-pointer
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
Christian Brauner [Sat, 7 Dec 2019 21:04:04 +0000 (22:04 +0100)]
cgroups/cgfsng: log chown_cgroup_wrapper()
It's becoming more important on cgroup2 to properly delegate cgroups.
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
Christian Brauner [Sat, 7 Dec 2019 20:51:58 +0000 (21:51 +0100)]
cgroups/cgfsng: rework cgroup2 unprivileged delegation
We accidently checked files to delegate for privileged container and not for
unprivileged containers in the pure unified case. Fix that and clean up the
delegation file parsing.
Closes #3206.
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
Christian Brauner [Sat, 7 Dec 2019 17:17:48 +0000 (18:17 +0100)]
cgroups/cgfsng: rework cgfsng_{monitor,payload}_delegate_controllers()
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
Christian Brauner [Sat, 7 Dec 2019 17:13:54 +0000 (18:13 +0100)]
cgroups/cgfsng: rework cgfsng_monitor_enter()
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
Christian Brauner [Sat, 7 Dec 2019 17:12:30 +0000 (18:12 +0100)]
cgroups/cgfsng: rework cgfsng_monitor_create()
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
Christian Brauner [Sat, 7 Dec 2019 17:08:25 +0000 (18:08 +0100)]
cgroups/cgfsng: rework cgfsng_monitor_destroy()
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
Christian Brauner [Sat, 7 Dec 2019 17:04:17 +0000 (18:04 +0100)]
cgroups/cgfsng: rework cgfsng_payload_destroy()
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
Christian Brauner [Sat, 7 Dec 2019 16:40:32 +0000 (17:40 +0100)]
log: remove unused compiler attribute
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
Christian Brauner [Sat, 7 Dec 2019 16:40:05 +0000 (17:40 +0100)]
start: replace compiler attributes
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
Christian Brauner [Sat, 7 Dec 2019 16:39:49 +0000 (17:39 +0100)]
log: replace compiler attributes
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
Christian Brauner [Sat, 7 Dec 2019 16:39:03 +0000 (17:39 +0100)]
attach: replace closing helpers
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
Christian Brauner [Sat, 7 Dec 2019 16:38:42 +0000 (17:38 +0100)]
compiler: add __unused attribute
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
Christian Brauner [Sat, 7 Dec 2019 16:31:50 +0000 (17:31 +0100)]
{log, macro}: remove unused logging functions
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
Christian Brauner [Sat, 7 Dec 2019 16:31:36 +0000 (17:31 +0100)]
lxccontainer: replace logging functions
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
Christian Brauner [Sat, 7 Dec 2019 16:31:21 +0000 (17:31 +0100)]
confile_utils: replace logging functions
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
Christian Brauner [Sat, 7 Dec 2019 16:30:57 +0000 (17:30 +0100)]
cgroups: rework return values of some functions
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
Christian Brauner [Sat, 7 Dec 2019 16:30:07 +0000 (17:30 +0100)]
cgroups/cgroup2_devices: replace logging functions
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
Christian Brauner [Sat, 7 Dec 2019 16:29:12 +0000 (17:29 +0100)]
cgroups/cgroup: replace logging functions
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
Christian Brauner [Sat, 7 Dec 2019 16:28:06 +0000 (17:28 +0100)]
cgroups/cgfsng: replace logging functions
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
Christian Brauner [Sat, 7 Dec 2019 16:25:28 +0000 (17:25 +0100)]
confile: replace logging helpers
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
Christian Brauner [Sat, 7 Dec 2019 16:24:29 +0000 (17:24 +0100)]
network: replace logging helpers
s/error_log_errno(/log_error_errno(-1, /g
s/minus_one_set_errno(/ret_set_errno(-1, /g
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
Christian Brauner [Sat, 7 Dec 2019 16:23:24 +0000 (17:23 +0100)]
commands: replace logging helpers
s/error_log_errno(/log_error_errno(-1, /g
s/minus_one_set_errno(/ret_set_errno(-1, /g
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
Christian Brauner [Sat, 7 Dec 2019 16:22:53 +0000 (17:22 +0100)]
attach: s/minus_one_set_errno(/ret_set_errno(-1, /g
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
Christian Brauner [Sat, 7 Dec 2019 16:22:14 +0000 (17:22 +0100)]
af_unix: s/minus_one_set_errno(/ret_set_errno(-1, /g
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
Christian Brauner [Sat, 7 Dec 2019 16:21:53 +0000 (17:21 +0100)]
macro: add ret_errno()
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
Christian Brauner [Sat, 7 Dec 2019 16:21:18 +0000 (17:21 +0100)]
log: rearrange
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
Stéphane Graber [Fri, 6 Dec 2019 14:54:57 +0000 (09:54 -0500)]
Merge pull request #3215 from brauner/cgroup2_controller_delegation
cgroup2: rework controller delegation
Christian Brauner [Fri, 6 Dec 2019 08:42:47 +0000 (09:42 +0100)]
cgroup2: rework controller delegation
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
Christian Brauner [Fri, 6 Dec 2019 14:34:14 +0000 (15:34 +0100)]
Merge pull request #3214 from Rachid-Koucha/patch-1
"busy" field init to -1 instead of 0
Christian Brauner [Fri, 6 Dec 2019 14:10:27 +0000 (15:10 +0100)]
Merge pull request #3213 from blenk92/fix-mount-parsing
config: Fix parsing of mount options
Rachid Koucha [Fri, 6 Dec 2019 14:07:47 +0000 (15:07 +0100)]
"busy" field set to -1 instead of 0
"busy" field is assigned with the command socket descriptor when the terminal is in use. So, use "-1" to disable it.
Signed-off-by: Rachid Koucha <rachid.koucha@gmail.com>
Rachid Koucha [Fri, 6 Dec 2019 14:04:31 +0000 (15:04 +0100)]
"busy" field set to 1 instead of 0
"busy" field is assigned with the command socket descriptor when the terminal is in use. So, use "-1" to disable it.
Signed-off-by: Rachid Koucha <rachid.koucha@gmail.com>
Rachid Koucha [Fri, 6 Dec 2019 13:59:52 +0000 (14:59 +0100)]
Init "busy" field to -1 as 0 is valid fd
"busy" field is assigned with the command socket descriptor when the terminal is in use. So, use "-1" to disable it.
Signed-off-by: Rachid Koucha <rachid.koucha@gmail.com>
Maximilian Blenk [Thu, 5 Dec 2019 15:44:41 +0000 (16:44 +0100)]
config: Fix parsing of mount options
When parsing mount options e.g. from lxc.mount.entry the specified
options are mapped to the flags constants. To do so, the strings
are compared to the options contained in mount_opt. However,
when comparing the strings, the length of the string is not
checked. That entails that the option "rootcontext=selinux-context"
is mapped to the mount option read-only (ro). This commit fixes
this issue by checking if a '=' is contained in the specified option
and additionally comparing the length of the strings.
Signed-off-by: Maximilian Blenk <Maximilian.Blenk@bmw.de>
Stéphane Graber [Wed, 4 Dec 2019 14:59:20 +0000 (09:59 -0500)]
Merge pull request #3204 from brauner/switch_to_spdx
lxc: switch to SPDX
Stéphane Graber [Wed, 4 Dec 2019 14:57:57 +0000 (09:57 -0500)]
Merge pull request #3207 from brauner/cgroup2_improvements_2
cgroups: improve container cgroup attaching
Christian Brauner [Wed, 4 Dec 2019 13:03:48 +0000 (14:03 +0100)]
cgroups/devices: correctly verify bpf device useability in cgfsng_devices_activate()
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
Christian Brauner [Wed, 4 Dec 2019 12:26:54 +0000 (13:26 +0100)]
cgroups: improve container cgroup attaching
The current attach.c codepath which handles moving the attaching process into
the container's cgroups allocates a whole new struct cgroup_ops and goes
through the trouble of reparsing the whole cgroup layout.
That's costly and wasteful. My plan has always been to move this into the
command api by getting fds for attaching back but but it's not worth going
through that hazzle for non-unified hosts. On pure unified hosts however -
being the future - we can just attach through a single fd so there's no need to
allocate and setup struct cgroup_ops.
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
Christian Brauner [Tue, 3 Dec 2019 21:04:14 +0000 (22:04 +0100)]
lxc: switch to SPDX
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
Christian Brauner [Wed, 4 Dec 2019 12:26:23 +0000 (13:26 +0100)]
commands: use logging return helpers
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>