git.proxmox.com Git - mirror

]> git.proxmox.com Git - mirror_lxc.git/log

projects / mirror_lxc.git / log

commit | commitdiff | tree

Stéphane Graber [Mon, 7 Aug 2017 21:49:40 +0000 (17:49 -0400)]

debian: Add buster as a valid release

Signed-off-by: Stéphane Graber <stgraber@ubuntu.com>

commit | commitdiff | tree

Serge Hallyn [Sat, 5 Aug 2017 03:15:40 +0000 (22:15 -0500)]

Merge pull request #1729 from brauner/2017-08-03/ensure_cgroup_cleanup_before_restart

start: ensure cgroups are cleaned up

commit | commitdiff | tree

Christian Brauner [Thu, 3 Aug 2017 21:55:23 +0000 (23:55 +0200)]

start: ensure cgroups are cleaned up

When a container is marked as being in STOPPED state it is possible for another
thread to start it again even though not all cleanup operations for that
container have finished. This is not a problem for most things like sockets and
friends which are unique to the container. It is however a problem for cgroups
which are named after that container in that we cause our cgroup driver to
waste cpu cycles finding a new cgroup name.

Closes #1726.

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

commit | commitdiff | tree

Stéphane Graber [Thu, 3 Aug 2017 02:12:36 +0000 (22:12 -0400)]

Merge pull request #1727 from brauner/2017-08-02/fix_travis

travis: fix builds

commit | commitdiff | tree

Serge Hallyn [Wed, 2 Aug 2017 17:30:06 +0000 (12:30 -0500)]

Merge pull request #1705 from brauner/2017-07-15/fix_clone

storage: rework storage drivers

commit | commitdiff | tree

Christian Brauner [Wed, 2 Aug 2017 16:41:57 +0000 (18:41 +0200)]

travis: fix builds

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

commit | commitdiff | tree

Serge Hallyn [Wed, 2 Aug 2017 16:18:45 +0000 (11:18 -0500)]

Merge pull request #1725 from brauner/2017-08-01/handle_pre_mounted_dev

conf: NOTICE() on mounts on container's /dev

commit | commitdiff | tree

Christian Brauner [Tue, 1 Aug 2017 23:31:16 +0000 (01:31 +0200)]

userns.conf: remove obsolete bind-mounts

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

commit | commitdiff | tree

Christian Brauner [Tue, 1 Aug 2017 23:28:35 +0000 (01:28 +0200)]

conf: NOTICE() on mounts on container's /dev

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

commit | commitdiff | tree

Christian Brauner [Sat, 29 Jul 2017 21:10:17 +0000 (23:10 +0200)]

utils: rework lxc_deslashify()

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

commit | commitdiff | tree

Christian Brauner [Tue, 1 Aug 2017 21:34:50 +0000 (23:34 +0200)]

conf: lxc_fill_autodev()

non-functional changes

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

commit | commitdiff | tree

Christian Brauner [Tue, 1 Aug 2017 21:33:43 +0000 (23:33 +0200)]

utils: switch to has_fs_type()

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

commit | commitdiff | tree

Christian Brauner [Tue, 1 Aug 2017 21:23:24 +0000 (23:23 +0200)]

utils: add has_fs_type() + is_fs_type()

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

commit | commitdiff | tree

Christian Brauner [Tue, 1 Aug 2017 20:54:09 +0000 (22:54 +0200)]

conf: mount_autodev()

non-functional changes

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

commit | commitdiff | tree

Christian Brauner [Tue, 1 Aug 2017 20:48:06 +0000 (22:48 +0200)]

conf: lxchook_names

non-functional changes

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

commit | commitdiff | tree

Christian Brauner [Tue, 1 Aug 2017 20:46:14 +0000 (22:46 +0200)]

conf: mount_entry()

non-functional changes

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

commit | commitdiff | tree

Christian Brauner [Tue, 1 Aug 2017 20:38:44 +0000 (22:38 +0200)]

conf: cull_mntent_opt()

non-functional changes

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

commit | commitdiff | tree

Christian Brauner [Tue, 1 Aug 2017 20:35:29 +0000 (22:35 +0200)]

conf: mount_entry_create_dir_file()

bugfixes

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

commit | commitdiff | tree

Christian Brauner [Tue, 1 Aug 2017 19:43:56 +0000 (21:43 +0200)]

android: include custom mntent

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

commit | commitdiff | tree

Christian Brauner [Tue, 1 Aug 2017 20:18:38 +0000 (22:18 +0200)]

conf: mount_entry_on_generic()

non-functional changes

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

commit | commitdiff | tree

Christian Brauner [Tue, 1 Aug 2017 20:15:56 +0000 (22:15 +0200)]

conf: mount_entry_on_systemfs()

non-functional changes

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

commit | commitdiff | tree

Christian Brauner [Tue, 1 Aug 2017 20:14:48 +0000 (22:14 +0200)]

conf: mount_entry_on_absolute_rootfs()

non-functional changes

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

commit | commitdiff | tree

Christian Brauner [Tue, 1 Aug 2017 20:11:32 +0000 (22:11 +0200)]

conf: setup_mount_entries()

non-functional changes

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

commit | commitdiff | tree

Christian Brauner [Tue, 1 Aug 2017 20:07:10 +0000 (22:07 +0200)]

conf: make_anonymous_mount_file()

non-functional changes

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

commit | commitdiff | tree

Christian Brauner [Tue, 1 Aug 2017 20:03:14 +0000 (22:03 +0200)]

conf: setup_mount()

non-functional changes

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

commit | commitdiff | tree

Christian Brauner [Tue, 1 Aug 2017 20:00:44 +0000 (22:00 +0200)]

conf: mount_file_entries()

non-functional changes

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

commit | commitdiff | tree

Serge Hallyn [Tue, 1 Aug 2017 19:59:32 +0000 (14:59 -0500)]

Merge pull request #1723 from brauner/2017-07-31/remove_utmp_watch

start: remove utmp watch

commit | commitdiff | tree

Serge Hallyn [Tue, 1 Aug 2017 19:59:06 +0000 (14:59 -0500)]

Merge pull request #1722 from brauner/2017-07-31/devpts_use_max_mount_option

devpts: use max=<count> option on mount

commit | commitdiff | tree

Christian Brauner [Tue, 1 Aug 2017 19:46:13 +0000 (15:46 -0400)]

Merge pull request #1724 from GamerSource/opensuse-template-improvements-v2

Opensuse template improvements

commit | commitdiff | tree

Christian Brauner [Tue, 1 Aug 2017 17:54:24 +0000 (19:54 +0200)]

overlay: correctly restore from snapshot

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

commit | commitdiff | tree

Christian Brauner [Mon, 31 Jul 2017 20:54:38 +0000 (22:54 +0200)]

devpts: use max=<count> option on mount

This will only work with kernels >= 3.4

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

commit | commitdiff | tree

Christian Brauner [Mon, 31 Jul 2017 21:04:54 +0000 (23:04 +0200)]

start: remove utmp watch

Closes #1616.

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

commit | commitdiff | tree

Thomas Lamprecht [Tue, 1 Aug 2017 06:03:41 +0000 (08:03 +0200)]

templates/opensuse: support leap 42.3

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>

commit | commitdiff | tree

Thomas Lamprecht [Tue, 1 Aug 2017 06:03:07 +0000 (08:03 +0200)]

templates/opensuse: getty.target.wants does not always exists

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>

commit | commitdiff | tree

Thomas Lamprecht [Tue, 1 Aug 2017 05:48:21 +0000 (07:48 +0200)]

templates/opensuse: fix tumbleweed software selection

tumbleweed needs a newer version for a few packages, namely:
* liblua5_3
* bncurses6
* breadline7

As Leap it also has no dhcpd, but udhcp which gets pulled in already.
Further iproute2 and net-tools need manual instalation.

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>

commit | commitdiff | tree

Thomas Lamprecht [Tue, 1 Aug 2017 05:34:43 +0000 (07:34 +0200)]

templates/opensuse: tumbleweed has no update repo

As tumbleweed is a rolling release it has not update repository.

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>

commit | commitdiff | tree

Christian Brauner [Sun, 30 Jul 2017 07:18:24 +0000 (09:18 +0200)]

overlay: simplify logic

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

commit | commitdiff | tree

Christian Brauner [Sat, 29 Jul 2017 21:10:28 +0000 (23:10 +0200)]

overlay: correctly handle dependency tracking

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

commit | commitdiff | tree

Christian Brauner [Sat, 29 Jul 2017 21:10:17 +0000 (23:10 +0200)]

utils: rework lxc_deslashify()

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

commit | commitdiff | tree

Christian Brauner [Sat, 29 Jul 2017 16:16:10 +0000 (18:16 +0200)]

aufs: mark deprecated

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

commit | commitdiff | tree

Christian Brauner [Sat, 29 Jul 2017 16:12:10 +0000 (18:12 +0200)]

rsync: remove obsolete helpers

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

commit | commitdiff | tree

Christian Brauner [Sat, 29 Jul 2017 15:27:18 +0000 (17:27 +0200)]

storage: non-functional changes

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

commit | commitdiff | tree

Christian Brauner [Sat, 29 Jul 2017 15:04:44 +0000 (17:04 +0200)]

tree-wide: struct bdev -> struct lxc_storage

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

commit | commitdiff | tree

Christian Brauner [Sat, 29 Jul 2017 14:16:33 +0000 (16:16 +0200)]

storage: rename files "bdev" -> "storage"

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

commit | commitdiff | tree

Christian Brauner [Fri, 28 Jul 2017 13:21:44 +0000 (15:21 +0200)]

overlay: rework overlay storage driver

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

commit | commitdiff | tree

Christian Brauner [Tue, 25 Jul 2017 15:09:24 +0000 (17:09 +0200)]

zfs: rework zfs storage driver

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

commit | commitdiff | tree

Christian Brauner [Tue, 25 Jul 2017 15:06:53 +0000 (17:06 +0200)]

storage: add rbd, zfs as block devices

When users create an unprivileged container as root they can use block devices.
However, we then need to perform a specific mount protocol in start.c which
requires that these block devices are correctly reported as block devices. So
let's do that.

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

commit | commitdiff | tree

Christian Brauner [Tue, 25 Jul 2017 11:02:30 +0000 (13:02 +0200)]

storage: make detect method return bool

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

commit | commitdiff | tree

Christian Brauner [Mon, 24 Jul 2017 22:13:57 +0000 (00:13 +0200)]

rbd: rework rbd storage driver

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

commit | commitdiff | tree

Christian Brauner [Mon, 24 Jul 2017 21:53:02 +0000 (23:53 +0200)]

rbd: rbd non-functional changes

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

commit | commitdiff | tree

Christian Brauner [Mon, 24 Jul 2017 20:58:19 +0000 (22:58 +0200)]

loop: rework loop storage driver

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

commit | commitdiff | tree

Christian Brauner [Tue, 25 Jul 2017 18:55:10 +0000 (20:55 +0200)]

btrfs: switch to new rsync helpers

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

commit | commitdiff | tree

Christian Brauner [Mon, 24 Jul 2017 15:49:03 +0000 (17:49 +0200)]

storage: switch to new rsync functions

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

commit | commitdiff | tree

Christian Brauner [Mon, 24 Jul 2017 15:47:22 +0000 (17:47 +0200)]

rsync: add new rsync functions

We will fade out the old helpers soon.

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

commit | commitdiff | tree

Christian Brauner [Mon, 24 Jul 2017 15:03:32 +0000 (17:03 +0200)]

bdev: non-functional changes

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

commit | commitdiff | tree

Christian Brauner [Mon, 24 Jul 2017 14:32:10 +0000 (16:32 +0200)]

dir: improvements

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

commit | commitdiff | tree

Christian Brauner [Mon, 24 Jul 2017 14:29:18 +0000 (16:29 +0200)]

dir: non-functional changes

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

commit | commitdiff | tree

Christian Brauner [Wed, 19 Jul 2017 00:24:17 +0000 (02:24 +0200)]

storage: rework lvm backend

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

commit | commitdiff | tree

Christian Brauner [Wed, 19 Jul 2017 00:23:55 +0000 (02:23 +0200)]

storage: add arg to create_snapshot()

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

commit | commitdiff | tree

Christian Brauner [Sun, 16 Jul 2017 22:02:14 +0000 (00:02 +0200)]

btrfs: switch to btrfs_create_{clone,snapshot}()

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

commit | commitdiff | tree

Christian Brauner [Sun, 16 Jul 2017 22:01:46 +0000 (00:01 +0200)]

storage: add create_{clone,snapshot}()

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

commit | commitdiff | tree

Christian Brauner [Sun, 16 Jul 2017 20:58:47 +0000 (22:58 +0200)]

btrfs: simplify

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

commit | commitdiff | tree

Christian Brauner [Sun, 16 Jul 2017 20:49:45 +0000 (22:49 +0200)]

btrfs: simplify

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

commit | commitdiff | tree

Christian Brauner [Sun, 16 Jul 2017 20:36:01 +0000 (22:36 +0200)]

btrfs: only chown_mapped_root() if not btrfs

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

commit | commitdiff | tree

Christian Brauner [Sun, 16 Jul 2017 20:35:50 +0000 (22:35 +0200)]

btrfs: non-functional changes

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

commit | commitdiff | tree

Christian Brauner [Sun, 16 Jul 2017 15:57:06 +0000 (17:57 +0200)]

btrfs: enable unprivileged snapshots

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

commit | commitdiff | tree

Christian Brauner [Sun, 16 Jul 2017 15:56:29 +0000 (17:56 +0200)]

btrfs: export btrfs_snapshot_wrapper()

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

commit | commitdiff | tree

Christian Brauner [Sun, 16 Jul 2017 15:54:39 +0000 (17:54 +0200)]

btrfs: non-functional changes

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

commit | commitdiff | tree

Christian Brauner [Sat, 15 Jul 2017 20:50:15 +0000 (22:50 +0200)]

tools: remove empty snap directory

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

commit | commitdiff | tree

Christian Brauner [Sat, 15 Jul 2017 19:49:44 +0000 (21:49 +0200)]

overlay: simplify and adapt to "overlay"

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

commit | commitdiff | tree

Christian Brauner [Sat, 15 Jul 2017 19:02:15 +0000 (21:02 +0200)]

lvm: non-functional changes

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

commit | commitdiff | tree

Christian Brauner [Sat, 15 Jul 2017 13:34:39 +0000 (15:34 +0200)]

btrfs: simplify + bugfix

Closes #1698.
Closes #1703.

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

commit | commitdiff | tree

Christian Brauner [Sat, 15 Jul 2017 13:34:21 +0000 (15:34 +0200)]

lxccontainer: use snprintf()

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

commit | commitdiff | tree

Christian Brauner [Sat, 15 Jul 2017 13:32:52 +0000 (15:32 +0200)]

storage: default to orig type on identical paths

otherwise default to "dir"

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

commit | commitdiff | tree

Stéphane Graber [Mon, 31 Jul 2017 19:16:10 +0000 (15:16 -0400)]

Merge pull request #1721 from brauner/2017-07-30/fix_saved_config_handling

network parser fixes

commit | commitdiff | tree

Christian Brauner [Mon, 31 Jul 2017 17:57:57 +0000 (19:57 +0200)]

test: test for invalid network key

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

commit | commitdiff | tree

Christian Brauner [Sun, 30 Jul 2017 20:15:43 +0000 (16:15 -0400)]

Merge pull request #1720 from hallyn/2017-07-29/cg

Fix some bugs in #1719

commit | commitdiff | tree

Christian Brauner [Sun, 30 Jul 2017 19:45:36 +0000 (21:45 +0200)]

lxccontainer: clear whole indexed networks

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

commit | commitdiff | tree

Christian Brauner [Sun, 30 Jul 2017 19:42:40 +0000 (21:42 +0200)]

confile: use deindexed network keys

When we are passed a network key like "lxc.net.[i].ipv4.address" we need to
make sure that we pass the deindexed key "lxc.net.ipv4.address" to the
{get,clr,set} methods otherwise we'll end up in an endless loop.

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

commit | commitdiff | tree

Serge Hallyn [Sat, 29 Jul 2017 22:38:05 +0000 (17:38 -0500)]

Fix some bugs in #1719

In particular, any text (like a #comment) following the mode
would end up in our mode line.

Signed-off-by: Serge Hallyn <serge@hallyn.com>

commit | commitdiff | tree

Christian Brauner [Sat, 29 Jul 2017 21:03:55 +0000 (23:03 +0200)]

Merge pull request #1719 from hallyn/2017-07-28/cg

Fix up c8bf519d to fit our coding style

commit | commitdiff | tree

Serge Hallyn [Sat, 29 Jul 2017 04:25:41 +0000 (23:25 -0500)]

Fix up c8bf519d to fit our coding style

Also reduce the number of mallocs.

Signed-off-by: Serge Hallyn <serge@hallyn.com>

commit | commitdiff | tree

Serge Hallyn [Sat, 29 Jul 2017 03:31:54 +0000 (22:31 -0500)]

Merge pull request #1708 from aeris/master

Allow full path in lxc.devices.allow

commit | commitdiff | tree

Christian Brauner [Fri, 28 Jul 2017 20:10:37 +0000 (22:10 +0200)]

Merge pull request #1717 from hallyn/harri1

Use "rsync -SHaAX" to copy the cached rootfs into place

commit | commitdiff | tree

Harald Dunkel [Fri, 28 Jul 2017 18:08:02 +0000 (13:08 -0500)]

Use "rsync -SHaAX" to copy the cached rootfs into place

(updated by Serge to also handle hte new lxc-fedora{-legacy{.in
templates)

Signed-off-by: Harald Dunkel <harri@afaics.de>
Signed-off-by: Serge Hallyn <serge@hallyn.com>
Acked-by: Serge Hallyn <serge@hallyn.com>

commit | commitdiff | tree

Stéphane Graber [Fri, 28 Jul 2017 13:59:28 +0000 (15:59 +0200)]

Merge pull request #1716 from brauner/2017-07-28/bugfix

lvm: fix check

commit | commitdiff | tree

Christian Brauner [Fri, 28 Jul 2017 13:33:50 +0000 (15:33 +0200)]

lvm: fix check

Signed-off-by: Thomas Hipp <thipp@suse.de>
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

commit | commitdiff | tree

Stéphane Graber [Fri, 28 Jul 2017 05:13:04 +0000 (07:13 +0200)]

Merge pull request #1715 from brauner/2017-07-27/fix_gcc7_bug

lvm: check whether lxc.bdev.lvm.vg is empty

commit | commitdiff | tree

Christian Brauner [Fri, 28 Jul 2017 04:17:28 +0000 (06:17 +0200)]

cgroups: use tight scoping

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

commit | commitdiff | tree

Christian Brauner [Fri, 28 Jul 2017 04:17:01 +0000 (06:17 +0200)]

lvm: check whether lxc.bdev.lvm.vg is set

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

commit | commitdiff | tree

Stéphane Graber [Thu, 27 Jul 2017 19:33:19 +0000 (21:33 +0200)]

Merge pull request #1714 from brauner/2017-07-27/fix_gcc7_bug

cgroups: workaround gcc-7 bug

commit | commitdiff | tree

Christian Brauner [Thu, 27 Jul 2017 18:49:58 +0000 (20:49 +0200)]

cgroups: workaround gcc-7 bug

Also: LOL

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

commit | commitdiff | tree

Serge Hallyn [Wed, 26 Jul 2017 23:12:46 +0000 (18:12 -0500)]

Merge pull request #1713 from brauner/2017-07-26/hybrid_cgroup_support

cgroups: handle hybrid cgroup layouts

commit | commitdiff | tree

Christian Brauner [Wed, 26 Jul 2017 13:15:27 +0000 (15:15 +0200)]

cgroups: handle hybrid cgroup layouts

Closes #1669.
Closes #1678.
Relates to https://github.com/systemd/systemd/issues/6408.

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

commit | commitdiff | tree

Christian Brauner [Wed, 26 Jul 2017 12:57:35 +0000 (14:57 +0200)]

utils: move helpers from cgfsng.c to utils.{c,h}

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

commit | commitdiff | tree

aeris [Wed, 19 Jul 2017 15:21:24 +0000 (17:21 +0200)]

Allow full path in lxc.devices.allow

Some devices like LVM or cryptsetup entries have no stable major/minor, changing between host reboots.
In this case, hardcoded numbers are not usable in config file and there is currently no way to use hook with lxc-device to do the link at guest startup :

* `pre-start`/`autodev` hook runs in host context but has the guest in stopped state and so lxc-device not usable
* `start` hook is in running state but runs in guest context and so lxc-device not available

This patch converts fullpath in lxc.devices.allow to current major/minor numbers to address those changing numbers.

Signed-off-by: aeris <aeris@imirhil.fr>

commit | commitdiff | tree

Serge Hallyn [Tue, 25 Jul 2017 15:18:10 +0000 (10:18 -0500)]

Merge pull request #1606 from brauner/2017-06-01/lxc_setup_after_cgroup_unshare

call lxc_setup() after unshare(CLONE_NEWCGROUP)

commit | commitdiff | tree

Christian Brauner [Thu, 1 Jun 2017 03:23:12 +0000 (05:23 +0200)]

start: lxc_setup() after unshare(CLONE_NEWCGROUP)

When the running kernel supports cgroup namespaces and users want to manually
set up cgroups via lxc.hook.mount before the init binary starts the cgroup
namespace needs to be already unshared. Otherwise the view on the cgroup mounts
is wrong. This commit places the call to lxc_setup() after the
LXC_SYNC_POST_CGROUP barrier.

Before this commit, the tty fds we allocate from a fresh devpts instance in the
container's namespaces before the init binary starts were referring to the
host's cgroup namespace since lxc_setup() was called before
unshare(CLONE_NEWCGROUP). Although not a security risk at this point since
setns() restricts its calls to /proc/<self>/ns files it's still better to do it
*after* the cgroup namespace has been unshared.

Adding a Suggested-by line for the lxc.mount.hook fix for Quentin.

Closes #1597.

Suggested-by: Quentin Dufour <quentin@dufour.tk>
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

commit | commitdiff | tree

Christian Brauner [Mon, 24 Jul 2017 00:47:33 +0000 (02:47 +0200)]

Merge pull request #1706 from lifeng68/do_remount

Fix issue #1702, do remount with the MS_REMOUNT flag when mounts with MS_RDONLY

commit | commitdiff | tree

Li Feng [Mon, 24 Jul 2017 08:26:52 +0000 (16:26 +0800)]

Using 'add-required_remount_flags' function to add required flags

Signed-off-by: Li Feng <lifeng68@huawei.com>

LXC mirror

RSS Atom