Read the container root password from stdin when creating a
container with 'pct create ... -password', instead of
providing it as command line argument. This is consistent
with 'pveum adduser' and pvesh, as described in #737 and #777.
Fix #918: add /dev/mapper symlinks for dm-* devices
Mount canonicalizes paths unless the -c option is used. This
is mostly fine but for device-mapper nodes (/dev/dm-*) it'll
fetch the /dev/mapper/* path and pass that to the mount
system call resulting in /proc/mounts showing the
/dev/mapper path. This is neither the one we provided (since
we use /dev/$vg/$lv), nor the one userspace tools will find
in /dev currently.
Since the dm-* paths are rather inconvenient to look at we
decided to keep mount's behavior and compensate by providing
the /dev/mapper symlinks for devices via the autodev hook.
Add force parameter for migration with bind/dev mp
Add a new 'force' parameter that allows to force the
migration of a container despite configured bind or device
mountpoints, which will be ignored/skipped.
this allows to set the rootfs to <storage>:<size>,
automatically creating an empty volume of the specified
size on the specified storage, like for non-rootfs mps.
the non-'rootdir' storages are filtered out in the web
interface already, but using the API/CLI it was still
possible to add volumes on storages without the 'rootdir'
content type.
this check is only used for mountpoints using our storage
backends, bind/dev mounts still work like before.
Instead of dropping the 'backup' lock early on when doing
snapshot backups, drop it temporarily for snapshot
operations that set their own 'snapshot' lock, and protect
the "unlock_vm, snapshot_XX, lock_vm" sequence by holding an
flock for the config file.
Before this change it was possible to interfere with the
backup job by setting a different lock with another
operation inbetween the call to unlock_vm and
snapshot_create (or snapshot_delete).
The final lock_vm is re-introduced in order to be more
consistent with the other backup modes and to prevent
changes to the configuration file before assemble()
reloads the configuration that is included in the backup.
With the introduction of unmanaged containers a check was
added to verify that the ostype is the same as the
autodetected one.
Since our CentOS plugin was named 'redhat' but the ostype
setting was 'centos' this error triggered and rendered
centos containers unusable.
Renamed the LXC::Setup::Redhat package LXC::Setup::CentOS
and changed the plugin name to and autodetected type from
'redhat' to 'centos' as well.
Replaced ct_modify_file_head_portion() with ct_modify_file()
taking a header and and replacing the section in-place
rather than always moving it to the top of the file.
The behavior for when a section is not defined can be
defined via the provided options (replace, prepend, or
append).
Move add_unused_volume into abstract
pve-common/src/PVE/AbstractConfig.pm, because it is
identical for LXC and Qemu.
Move classify_mountpoint, is_volume_in_use, has_dev_console,
mountpoint_names, foreach_mountpoint_XX and get_vm_volumes
to PVE::LXC::Config because they only deal with config
related matters.
(Some of) the latter methods might get moved to or become
implementations of methods in PVE::AbstractConfig in the
future.
Move snapshot_create, snapshot_delete and snapshot_rollback
into abstract pve-common/src/PVE/AbstractConfig.pm,
splitting LXC-specific parts into __snapshot_XX methods in
src/PVE/LXC/Config.pm.
check_freeze_needed, snapshot_prepare and snapshot_commit
are downgraded to private __snapshot_XX methods (in
PVE::AbstractConfig and PVE::LXC::Config).
has_feature is made an implementation of the abstract
has_feature, and thus moves into src/PVE/LXC/Config.pm
Refactor config-related methods into AbstractConfig
Move load_config, write_config, lock_config[_xx],
check_lock, has_lock, set_lock, remove_lock, is_template,
check_protection and config_file to pve-common/src/PVE/
AbstractConfig.pm since they are identical for LXC and
Qemu.
Move cfs_config_path and config_file_lock to implementation
of PVE::AbstractConfig in src/PVE/LXC/Config.pm
Drop create_config and replace it with write_config.
Since set_lock does the implied lock_config() and
load_config() it also returns the loaded config afterwards
as there is no other meaningful return value defined for
this function since failure to apply the lock throws an
exception.
remove_lock() also takes a lock name in order to make sure
only the correct lock is being removed.
To avoid symlink problems these implementations switch
between the host's and container's namespace to open the
corresponding file handles, then copy the data.
With unprivileged containers we also enter the container's
user-namespace with pct-push and switch to the container's
root user before opening the destination for writing in
order to create new files with the mapped root user.
add unused running flag for signature compatibility to
QemuServer.pm
add backup_only flag to replace former feature workaround,
needed to skip backup=no mountpoints if called from VZDump.
Adjust snapshot_create and snapshot_prepare signatures
Add new save_vmstate parameter to snapshot_create and
snapshot_prepare, like in QemuServer.pm
Also make snapshot_prepare and snapshot_commit proper subs.
Add unused volumes for changed mpX and rootfs, not only for
deleted mpX.
Add check before adding to unused volumes in order to
prevent false entries (which could lead to deletion of still
used volumes!)
Since busybox' current default DHCPv6 client is unfinished
and alpine currently doesn't handle a 'dhcp' interface type
in its /etc/network/interfaces and bails out when
configuring the network with a broken config we have to make
sure we don't pass this on to debian's setup_network.
Unfortunately a warning at this point would only be visible
when creating a container because at this point no warning
makes it to the console/UI (and errors would be hidden
because the setup runs in our lxc prestart hook).