]>
git.proxmox.com Git - mirror_lxc.git/log
Stéphane Graber [Tue, 11 May 2021 12:51:27 +0000 (08:51 -0400)]
Merge pull request #3837 from brauner/2021-05-10.fixes.cgroup
cgroups: clean up cgroup_ops on initialization error
Christian Brauner [Tue, 11 May 2021 07:05:03 +0000 (09:05 +0200)]
cgroups: clean up cgroup_ops on initialization error
Fixes: #3836
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
Stéphane Graber [Mon, 10 May 2021 16:12:56 +0000 (12:12 -0400)]
Merge pull request #3826 from brauner/2021-05-04.fuzz.cgroup
oss-fuzz: add basic cgroup_init()/cgroup_exit() fuzzing
Stéphane Graber [Mon, 10 May 2021 15:25:51 +0000 (11:25 -0400)]
Merge pull request #3834 from brauner/2021-05-10.fixes
tests: fix lxc-test-arch-parse for make dist
Christian Brauner [Mon, 10 May 2021 15:05:04 +0000 (17:05 +0200)]
tests: fix lxc-test-arch-parse for make dist
Fixes: https://jenkins.linuxcontainers.org/job/lxc-build-tarballs/2762/console
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
Stéphane Graber [Sun, 9 May 2021 17:03:17 +0000 (13:03 -0400)]
Merge pull request #3833 from brauner/2021-05-09.fixes
confile: re-add aarch64 architecture
Christian Brauner [Sun, 9 May 2021 14:11:12 +0000 (16:11 +0200)]
tests: add tests for supported architectures
Ensure that we detect all supported architectures and don't regress
recognizing them.
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
Christian Brauner [Sun, 9 May 2021 13:44:59 +0000 (15:44 +0200)]
confile: re-add aarch64 architecture
Apparenty we dropped this when we cleaned up architecture handling.
Fixes: #3832
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
Christian Brauner [Sun, 9 May 2021 12:28:23 +0000 (14:28 +0200)]
Merge pull request #3831 from sjuxax/zfs-fix
Skip rootfs pinning for ZFS roots.
Jeff Cook [Sun, 9 May 2021 11:29:05 +0000 (05:29 -0600)]
Reflow ZFS check to follow the style of the overlayfs return.
Per https://github.com/lxc/lxc/pull/3831#discussion_r628865713
Signed-off-by: Jeff Cook <jeff@jeffcook.io>
Jeff Cook [Sun, 9 May 2021 02:46:42 +0000 (20:46 -0600)]
Skip rootfs pinning for ZFS roots.
Signed-off-by: Jeff Cook <jeff@jeffcook.io>
Stéphane Graber [Fri, 7 May 2021 15:52:05 +0000 (11:52 -0400)]
Merge pull request #3829 from brauner/2021-05-07.fixes
doc: document new idmap= option for lxc.rootfs.options
Christian Brauner [Fri, 7 May 2021 15:21:18 +0000 (17:21 +0200)]
doc: document new idmap= option for lxc.rootfs.options
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
Stéphane Graber [Thu, 6 May 2021 16:42:23 +0000 (12:42 -0400)]
Merge pull request #3827 from brauner/2021-05-06.cap_setfcap
conf: handle kernels with CAP_SETFCAP
Christian Brauner [Thu, 6 May 2021 16:16:45 +0000 (18:16 +0200)]
conf: handle kernels with CAP_SETFCAP
LXC is being very clever and sometimes maps the caller's uid into the
child userns. This means that the caller can technically write fscaps
that are valid in the ancestor userns (which can be a security issue in
some scenarios) so newer kernels require CAP_SETFCAP to do this. Until
newuidmap/newgidmap are updated to account for this simply write the
mapping directly in this case.
Cc: stable-4.0
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
Christian Brauner [Tue, 4 May 2021 16:40:15 +0000 (18:40 +0200)]
oss-fuzz: add basic cgroup_init()/cgroup_exit() fuzzing
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
Stéphane Graber [Tue, 4 May 2021 14:54:52 +0000 (10:54 -0400)]
Merge pull request #3825 from brauner/2021-05-04.fixes
lxc.arch fixes
Christian Brauner [Tue, 4 May 2021 14:16:36 +0000 (16:16 +0200)]
attach: introduce explicit personality macro
Introduce LXC_ATTACH_DETECT_PERSONALITY to make it explicit what is
happening instead of using -1.
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
Christian Brauner [Tue, 4 May 2021 14:09:48 +0000 (16:09 +0200)]
conf: add personality_t
Catch errors in personality handling better.
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
Christian Brauner [Tue, 4 May 2021 13:43:38 +0000 (15:43 +0200)]
attach_options: unbreak header
In a moment of idioticity I switch -1 with 0xffffffff in the header
definition but we use -1 to autodetect.
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
Christian Brauner [Tue, 4 May 2021 11:38:52 +0000 (13:38 +0200)]
conf: rework lxc_config_parse_arch()
Fix architecture parsing. So far we couldn't really differ between "want
default architecture" and "failed to parse requested architecture"
because the -1 return value means both. Fix this by using the return
value only to indicate success or failure and return the parsed
personality in a return argument.
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
Christian Brauner [Tue, 4 May 2021 11:30:20 +0000 (13:30 +0200)]
conf: tweak setup_personality()
Use the dedicated LXC_ARCH_UNCHANGED macro everywhere instead of relying
on -1 being correct.
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
Christian Brauner [Tue, 4 May 2021 11:27:20 +0000 (13:27 +0200)]
tree-wide: make personality codepaths unconditional
Now that we have the infra to make personality handling unconitional
remove the ifndefs everywhere.
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
Christian Brauner [Tue, 4 May 2021 11:21:28 +0000 (13:21 +0200)]
syscalls: wrap personality syscall if undefined
There's no need to making personality handling conditional as it has
been around for such a long time that only weird systems wouldn't have
support for it. And especially if the user requested a specific
personality to be set but the system doesn't support the personality
syscall we should loudly fail instead of moving on.
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
Christian Brauner [Tue, 4 May 2021 06:59:24 +0000 (08:59 +0200)]
commands: log at debug not info level when receiving file descriptors
Don't spam the logs because we do receive a lot of file descriptors.
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
Christian Brauner [Tue, 4 May 2021 06:57:52 +0000 (08:57 +0200)]
confile: make per_name struct static
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
Christian Brauner [Tue, 4 May 2021 03:10:35 +0000 (05:10 +0200)]
Merge pull request #3823 from evverx/gcc-11-workaround
string_utils: get around GCC-11 false positives
Stéphane Graber [Mon, 3 May 2021 23:59:44 +0000 (19:59 -0400)]
Merge pull request #3824 from evverx/sanitizers-follow-ups
github: remove the dh-* packages
Evgeny Vereshchagin [Mon, 3 May 2021 20:44:05 +0000 (20:44 +0000)]
string_utils: get around GCC-11 false positives
by getting rid of stpncpy
Tested with gcc (GCC) 11.1.1
20210428 (Red Hat 11.1.1-1)
Closes https://github.com/lxc/lxc/issues/3752
Signed-off-by: Evgeny Vereshchagin <evvers@ya.ru>
Evgeny Vereshchagin [Mon, 3 May 2021 22:35:19 +0000 (22:35 +0000)]
github: also pass the j option to make
Signed-off-by: Evgeny Vereshchagin <evvers@ya.ru>
Evgeny Vereshchagin [Mon, 3 May 2021 22:31:55 +0000 (22:31 +0000)]
github: remove the dh-* packages
We don't build any packages there so it seems we don't need
those packages any more. Apart from that, it should make the
script work on Ubuntu Hirsute where dh-systemd was merged into
debhelper and is no longer available.
Signed-off-by: Evgeny Vereshchagin <evvers@ya.ru>
Stéphane Graber [Mon, 3 May 2021 12:03:25 +0000 (08:03 -0400)]
Merge pull request #3819 from dev-aaront-org/console-mode-messages
conf: fix console chmod error log messages
Christian Brauner [Mon, 3 May 2021 12:03:14 +0000 (14:03 +0200)]
Merge pull request #3822 from stgraber/master
github: Run apt-get update in sanitizer test
Stéphane Graber [Mon, 3 May 2021 12:03:03 +0000 (08:03 -0400)]
Merge pull request #3820 from brauner/2021-05-03.lxc_monitord.log
lxc_monitord: remove monitord log
Stéphane Graber [Mon, 3 May 2021 12:02:14 +0000 (08:02 -0400)]
github: Run apt-get update in sanitizer test
Signed-off-by: Stéphane Graber <stgraber@ubuntu.com>
Christian Brauner [Mon, 3 May 2021 06:57:39 +0000 (08:57 +0200)]
lxc_monitord: remove monitord log
The tool is effectively unused with current master so removing the log
should be ok by now. Let's remove the log to avoid issues such as #3747.
Fixes #3747
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
Christian Brauner [Sat, 1 May 2021 06:29:20 +0000 (08:29 +0200)]
Merge pull request #3818 from evverx/disable-logs-on-oss-fuzz
oss-fuzz: always turn off logging on OSS-Fuzz
Aaron Thompson [Sat, 1 May 2021 01:20:14 +0000 (01:20 +0000)]
conf: fix console chmod error log messages
Signed-off-by: Aaron Thompson <dev@aaront.org>
Stéphane Graber [Fri, 30 Apr 2021 14:03:58 +0000 (10:03 -0400)]
Merge pull request #3817 from brauner/2021-04-30.fixes
cgroups: fix fallback attach codepath
Christian Brauner [Fri, 30 Apr 2021 13:47:35 +0000 (15:47 +0200)]
cgroups: fix fallback attach codepath
When we attach to an old server the server can return ENOSYS instead of
ENOCGROUP2 which causes LXC to abort the attach unnecessary. Fix this!
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
Stéphane Graber [Fri, 30 Apr 2021 12:45:18 +0000 (08:45 -0400)]
Merge pull request #3816 from brauner/2021-04-30/fixes
storage: fix dup_cloexec() call
Evgeny Vereshchagin [Fri, 30 Apr 2021 11:08:34 +0000 (11:08 +0000)]
oss-fuzz: always turn off logging on OSS-Fuzz
Apparently /proc/self/cmd can't be used (reliably) on OSS-Fuzz to figure out
whether the code is run inside the fuzz targets, which causes the
fuzz targets to fill the filesystem with log files.
Related: https://github.com/google/oss-fuzz/issues/5509
Should address https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=33835
Signed-off-by: Evgeny Vereshchagin <evvers@ya.ru>
Christian Brauner [Fri, 30 Apr 2021 08:35:06 +0000 (10:35 +0200)]
storage: fix dup_cloexec() call
Fixes: Coverity 1477399
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
Stéphane Graber [Wed, 28 Apr 2021 13:52:30 +0000 (09:52 -0400)]
Merge pull request #3814 from brauner/2021-04-28.fixes
api-extensions: add entry for idmapped_mounts
Christian Brauner [Wed, 28 Apr 2021 13:38:48 +0000 (15:38 +0200)]
api-extensions: add entry for idmapped_mounts
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
Stéphane Graber [Wed, 28 Apr 2021 12:57:16 +0000 (08:57 -0400)]
Merge pull request #3812 from brauner/2021-04-28.fixes
storage/dir: cleanup mount code
Christian Brauner [Wed, 28 Apr 2021 09:59:26 +0000 (11:59 +0200)]
Merge pull request #3802 from evverx/build-system-fuzzers
oss-fuzz: switch to --enable-fuzzers
Christian Brauner [Wed, 28 Apr 2021 09:33:37 +0000 (11:33 +0200)]
storage/dir: cleanup mount code
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
Christian Brauner [Wed, 28 Apr 2021 09:27:58 +0000 (11:27 +0200)]
storage/dir: remove error handling down
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
Christian Brauner [Wed, 28 Apr 2021 09:26:59 +0000 (11:26 +0200)]
storage/dir: source can't be empty
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
Christian Brauner [Wed, 28 Apr 2021 09:26:11 +0000 (11:26 +0200)]
storage/dir: use "source" and "target" as terms
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
Christian Brauner [Wed, 28 Apr 2021 09:24:15 +0000 (11:24 +0200)]
storage/dir: retrieve proper source path later
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
Christian Brauner [Wed, 28 Apr 2021 09:23:03 +0000 (11:23 +0200)]
storage/dir: use clear error messages
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
Christian Brauner [Wed, 28 Apr 2021 09:21:03 +0000 (11:21 +0200)]
storage/dir: bdev->dest can't be empty
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
Christian Brauner [Wed, 28 Apr 2021 09:19:47 +0000 (11:19 +0200)]
dir: use mnt_opts->data instead of mntdata
Fixes: https://launchpadlibrarian.net/535845165/buildlog_ubuntu-focal-s390x.lxc_1%3A4.0.6+master~20210427-2321-0ubuntu1~focal_BUILDING.txt.gz
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
Stéphane Graber [Tue, 27 Apr 2021 22:42:41 +0000 (18:42 -0400)]
Merge pull request #3811 from brauner/2021-04-25.idmapped_mounts.rootfs
rootfs rework
Evgeny Vereshchagin [Tue, 27 Apr 2021 00:03:39 +0000 (00:03 +0000)]
build-system: turn off lto=thin when building the fuzzers
With lto=thin the fuzzers fail as soon as they start with
```
ERROR: The size of coverage PC tables does not match the
number of instrumented PCs. This might be a compiler bug,
please contact the libFuzzer developers.
Also check https://bugs.llvm.org/show_bug.cgi?id=34636
for possible workarounds (tl;dr: don't use the old GNU ld)
```
Signed-off-by: Evgeny Vereshchagin <evvers@ya.ru>
Evgeny Vereshchagin [Mon, 26 Apr 2021 21:41:54 +0000 (21:41 +0000)]
tests: run the fuzzers along with the other tests
Signed-off-by: Evgeny Vereshchagin <evvers@ya.ru>
Evgeny Vereshchagin [Wed, 14 Apr 2021 18:37:08 +0000 (18:37 +0000)]
log: create log files in "fuzzing" mode if it's called outside fuzz targets
to make it possible to run the fuzzers along with the other tests
Signed-off-by: Evgeny Vereshchagin <evvers@ya.ru>
Evgeny Vereshchagin [Wed, 14 Apr 2021 09:22:51 +0000 (09:22 +0000)]
ci: switch to --enable-fuzzers
Signed-off-by: Evgeny Vereshchagin <evvers@ya.ru>
Evgeny Vereshchagin [Wed, 14 Apr 2021 09:20:31 +0000 (09:20 +0000)]
build-system: add --enable-fuzzers
Signed-off-by: Evgeny Vereshchagin <evvers@ya.ru>
Christian Brauner [Sun, 25 Apr 2021 10:23:56 +0000 (12:23 +0200)]
conf: improve idmapped mounts support
Setting up a detached idmapped mount is a privileged operation, mounting
it doesn't have to be.
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
Christian Brauner [Sun, 25 Apr 2021 09:02:15 +0000 (11:02 +0200)]
conf: s/lxc_rootfs_prepare/lxc_rootfs_init/g
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
Christian Brauner [Sun, 25 Apr 2021 08:24:17 +0000 (10:24 +0200)]
conf: move all mount options into struct lxc_mount_options
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
Christian Brauner [Sun, 25 Apr 2021 07:59:42 +0000 (09:59 +0200)]
conf: stash lxc_storage into lxc_rootfs and bind to its lifetime
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
Stéphane Graber [Sat, 24 Apr 2021 17:48:56 +0000 (13:48 -0400)]
Merge pull request #3810 from brauner/2021-04-24.fixes
configure: fix function detection
Christian Brauner [Sat, 24 Apr 2021 09:19:53 +0000 (11:19 +0200)]
configure: fix function detection
Fixes: #3809
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
Stéphane Graber [Fri, 23 Apr 2021 12:48:51 +0000 (08:48 -0400)]
Merge pull request #3808 from brauner/2021-04-23.fixes
dir: fix rootfs mounting
Christian Brauner [Fri, 23 Apr 2021 09:29:47 +0000 (11:29 +0200)]
dir: fix rootfs mounting
We need to be able to lookup symlinks and allow xdev.
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
Christian Brauner [Fri, 23 Apr 2021 04:58:33 +0000 (06:58 +0200)]
Merge pull request #3807 from evverx/seccom-leak
seccomp: init and destroy notifier.cookie
Stéphane Graber [Thu, 22 Apr 2021 20:40:27 +0000 (16:40 -0400)]
Merge pull request #3805 from brauner/2021-04-22.fixes.3
mntopt fixes
Christian Brauner [Thu, 22 Apr 2021 19:09:12 +0000 (21:09 +0200)]
conf: don't overrun dest buffer in parse_lxc_mntopts()
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
Christian Brauner [Thu, 22 Apr 2021 18:55:46 +0000 (20:55 +0200)]
conf: better naming
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
Stéphane Graber [Thu, 22 Apr 2021 12:59:16 +0000 (08:59 -0400)]
Merge pull request #3804 from brauner/2021-04-22.fixes.2
getsubopt: use correct include
Christian Brauner [Thu, 22 Apr 2021 11:43:27 +0000 (13:43 +0200)]
getsubopt: use correct include
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
Stéphane Graber [Thu, 22 Apr 2021 11:40:21 +0000 (07:40 -0400)]
Merge pull request #3803 from brauner/2021-04-22.fixes
include fixes for Bionic
Christian Brauner [Thu, 22 Apr 2021 09:00:09 +0000 (11:00 +0200)]
Makefile: fix strchrnul() inclusion
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
Christian Brauner [Thu, 22 Apr 2021 07:45:13 +0000 (09:45 +0200)]
conf: include strchrnul for platforms that don't support it
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
Christian Brauner [Thu, 22 Apr 2021 07:44:07 +0000 (09:44 +0200)]
strchrnul: include header
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
Stéphane Graber [Thu, 22 Apr 2021 00:05:12 +0000 (20:05 -0400)]
Merge pull request #3709 from brauner/2021-03-17/idmapped_mounts_v2
Initial support for idmapped mounts
Christian Brauner [Sat, 20 Mar 2021 10:40:19 +0000 (11:40 +0100)]
conf: don't allow idmapped lxc.mount.{entry,fstab} just yet
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
Christian Brauner [Thu, 18 Mar 2021 11:15:01 +0000 (12:15 +0100)]
conf: tweak parse_lxc_mntopts()
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
Christian Brauner [Thu, 18 Mar 2021 10:24:18 +0000 (11:24 +0100)]
apparmor: handle on-exec
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
Christian Brauner [Thu, 18 Mar 2021 09:40:43 +0000 (10:40 +0100)]
attach: use correct lxc_namespace_t type
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
Christian Brauner [Thu, 18 Mar 2021 09:40:13 +0000 (10:40 +0100)]
attach: visually separate pids from fds during initalization
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
Christian Brauner [Wed, 17 Mar 2021 15:43:15 +0000 (16:43 +0100)]
conf: verify that the rootfs can support idmapped mounts
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
Christian Brauner [Wed, 17 Mar 2021 15:22:46 +0000 (16:22 +0100)]
start: documented idmapped mounts
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
Christian Brauner [Wed, 17 Mar 2021 15:16:48 +0000 (16:16 +0100)]
mount_utils: add two detached mount helpers
They'll come in handy in the future.
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
Christian Brauner [Wed, 17 Mar 2021 10:39:13 +0000 (11:39 +0100)]
conf: support idmapping directories
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
Christian Brauner [Wed, 17 Mar 2021 10:07:47 +0000 (11:07 +0100)]
mount_utils: add helper to determine whether new mount api supports bind mounts
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
Christian Brauner [Wed, 17 Mar 2021 10:03:04 +0000 (11:03 +0100)]
storage: keep a reference to lxc_rootfs in lxc_storage
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
Christian Brauner [Wed, 17 Mar 2021 09:54:19 +0000 (10:54 +0100)]
mount_utils: add support for mount_setattr() syscall
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
Christian Brauner [Wed, 17 Mar 2021 09:45:29 +0000 (10:45 +0100)]
confile: parse idmap=<path> mount option for rootfs
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
Christian Brauner [Wed, 17 Mar 2021 09:35:33 +0000 (10:35 +0100)]
conf: add first, trivial support for idmapped mounts
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
Christian Brauner [Wed, 17 Mar 2021 09:01:19 +0000 (10:01 +0100)]
conf: rework lxc specific mount option parsing
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
Christian Brauner [Wed, 21 Apr 2021 05:27:31 +0000 (07:27 +0200)]
Merge pull request #3801 from evverx/san-tweaks
ci: make use of --enable-sanitizers instead of CFLAGS
Christian Brauner [Mon, 19 Apr 2021 15:19:18 +0000 (17:19 +0200)]
Merge pull request #3800 from evverx/gh3796
Revert "ci: get around https://github.com/lxc/lxc/issues/3796"
Christian Brauner [Mon, 19 Apr 2021 11:46:14 +0000 (13:46 +0200)]
Merge pull request #3787 from evverx/san-build
ci: an attempt to run the tests under ASan/UBsan
Christian Brauner [Sun, 18 Apr 2021 18:00:10 +0000 (20:00 +0200)]
Merge pull request #3799 from evverx/apparmor-bytes
apparmor: turn bytes into null-terminated strings before calling strcspn
Stéphane Graber [Sat, 17 Apr 2021 16:58:09 +0000 (12:58 -0400)]
Merge pull request #3790 from brauner/2021-04-15.fixes
lxc_clone & configure fix