Andrew Phillips [Mon, 14 Jun 2010 09:34:50 +0000 (11:34 +0200)]
support shutdown/reboot with upstart within a system container
Improve resiliency of utmp.c to removal of /var/run/utmp
Add shutdown timer as we transition to shutdown from running to check for the
number of tasks remaining. Improve container state handling. We can't rely on
the previous runlevel being maintained properly.
Signed-off-by: Andrew Phillips <Andrew.Phillips@lmax.com>
Signed-off-by: Daniel Lezcano <dlezcano@fr.ibm.com>
Ferenc Wagner [Fri, 11 Jun 2010 13:56:25 +0000 (15:56 +0200)]
change pivotdir default to mnt
The mnt directory has a good chance to already exist in the new root
filesystem, so creation and removal can be avoided. This also eases
use of read only root filesystems (no configuration necessary).
Signed-off-by: Ferenc Wagner <wferi@niif.hu>
Signed-off-by: Daniel Lezcano <dlezcano@fr.ibm.com>
Daniel Lezcano [Mon, 7 Jun 2010 11:25:30 +0000 (13:25 +0200)]
fix ipv6 acast / mcast restriction
Pointer comparison is buggy as they are never null.
For an ipv6 address configuration, we always zeroed the structure,
hence the bcast and acast structures are equal to in6addr_any.
Any change of this value means the user specified something different
in the configuration file, so we fail gracefully.
Signed-off-by: Daniel Lezcano <dlezcano@fr.ibm.com>
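The check described in the commit message above, as an added example that is not taken from the lxc source: the struct and function names are hypothetical, and the mcast/acast field names follow the commit title.

```c
#include <netinet/in.h>
#include <stddef.h>
#include <string.h>

/* Hypothetical stand-in for a parsed IPv6 address entry. The parser zeroes
 * it, so a field the user never set equals in6addr_any (all zero bytes). */
struct inet6dev_example {
    struct in6_addr addr;
    struct in6_addr mcast;
    struct in6_addr acast;
};

/* Flawed form: the address of an embedded member is never NULL, so this
 * reports "user set mcast/acast" for every entry. */
int restricted_ptr_check(const struct inet6dev_example *dev)
{
    const struct in6_addr *mcast = &dev->mcast;
    const struct in6_addr *acast = &dev->acast;
    return (mcast != NULL || acast != NULL) ? -1 : 0;
}

/* Value comparison: only a field that differs from in6addr_any was set in
 * the configuration file, and only then is the entry rejected. */
int restricted_value_check(const struct inet6dev_example *dev)
{
    if (memcmp(&dev->mcast, &in6addr_any, sizeof(in6addr_any)) != 0 ||
        memcmp(&dev->acast, &in6addr_any, sizeof(in6addr_any)) != 0)
        return -1;
    return 0;
}

/* Constructed sample: a zeroed entry, optionally with mcast = ff02::1. */
struct inet6dev_example make_entry(int set_mcast)
{
    struct inet6dev_example dev;
    memset(&dev, 0, sizeof(dev));
    if (set_mcast) {
        dev.mcast.s6_addr[0] = 0xff;
        dev.mcast.s6_addr[1] = 0x02;
        dev.mcast.s6_addr[15] = 0x01;
    }
    return dev;
}

int main(void)
{
    struct inet6dev_example dev = make_entry(0);
    return restricted_value_check(&dev) == 0 ? 0 : 1;
}
```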
Daniel Lezcano [Mon, 7 Jun 2010 09:33:55 +0000 (11:33 +0200)]
move script templates to an adequate place
At present the lxc-{template} scripts are installed in the $bindir.
This is not the right place as specified by the FHS, so they go to
$libdir/lxc/templates.
Signed-off-by: Daniel Lezcano <dlezcano@fr.ibm.com>
Andrew Phillips [Mon, 7 Jun 2010 09:33:55 +0000 (11:33 +0200)]
Fix spec file
After I resynced to git head I noticed that this commit;
http://lxc.git.sourceforge.net/git/gitweb.cgi?p=lxc/lxc;a=commit;h=d674be08d4b282bb4717c51440811e39d3c2431e
broke the rpm build.
This patch fixes this.
Signed-off-by: Daniel Lezcano <dlezcano@fr.ibm.com>
Signed-off-by: Andrew Phillips <Andrew.Phillips@lmax.com>
Daniel Lezcano [Tue, 1 Jun 2010 16:56:54 +0000 (18:56 +0200)]
fix busybox template
Fix various bugs with the busybox template:
* add a warning when busybox is not statically linked
* delete the password for root (chpasswd is not available for all busybox)
* add the new pts option
Signed-off-by: Daniel Lezcano <dlezcano@fr.ibm.com>
Daniel Lezcano [Tue, 1 Jun 2010 16:56:54 +0000 (18:56 +0200)]
Fix ubuntu template
- Fixed rootfs path.
- Removed network section, it should be passed to the lxc-create
configuration option in order to concatenate the configuration files
- Generate en_US locale instead of de_DE
Signed-off-by: Daniel Lezcano <dlezcano@fr.ibm.com>
Daniel Lezcano [Tue, 1 Jun 2010 10:13:32 +0000 (12:13 +0200)]
fix compilation warnings
Fix the following warnings:
console.c: In function ‘console_handler’:
console.c:252: warning: ignoring return value of ‘write’, declared with attribute warn_unused_result
console.c:254: warning: ignoring return value of ‘write’, declared with attribute warn_unused_result
conf.c: In function ‘instanciate_veth’:
conf.c:1130: warning: ignoring return value of ‘mktemp’, declared with attribute warn_unused_result
conf.c:1135: warning: ignoring return value of ‘mktemp’, declared with attribute warn_unused_result
conf.c: In function ‘instanciate_macvlan’:
conf.c:1206: warning: ignoring return value of ‘mktemp’, declared with attribute warn_unused_result
af_unix.c: In function ‘lxc_af_unix_send_fd’:
af_unix.c:124: warning: dereferencing type-punned pointer will break strict-aliasing rules
af_unix.c: In function ‘lxc_af_unix_recv_fd’:
af_unix.c:169: warning: dereferencing type-punned pointer will break strict-aliasing rules
af_unix.c: In function ‘lxc_af_unix_send_credential’:
af_unix.c:195: warning: dereferencing type-punned pointer will break strict-aliasing rules
af_unix.c: In function ‘lxc_af_unix_rcv_credential’:
af_unix.c:237: warning: dereferencing type-punned pointer will break strict-aliasing rules
Signed-off-by: Daniel Lezcano <dlezcano@fr.ibm.com>
Daniel Lezcano [Thu, 27 May 2010 12:27:13 +0000 (14:27 +0200)]
move lxc-init to $libdir/lxc
As specified by FHS:
/usr/lib includes object files, libraries, and internal binaries that
are not intended to be executed directly by users or shell scripts.
Applications may use a single subdirectory under /usr/lib. If an
application uses a subdirectory, all architecture-dependent data
exclusively used by the application must be placed within that
subdirectory.
Signed-off-by: Daniel Lezcano <dlezcano@fr.ibm.com>
Daniel Lezcano [Thu, 27 May 2010 12:27:13 +0000 (14:27 +0200)]
change the rootfs mount location and add the README
Previous path was $libdir/lxc, changed to $libdir/lxc/rootfs.
Added a README file to be placed in this directory, describing
the purpose of this empty directory. Having a file to be installed
in this directory makes the Makefile automatically create the
directory at install time.
Signed-off-by: Daniel Lezcano <dlezcano@fr.ibm.com>
Cedric Le Goater [Wed, 26 May 2010 19:43:53 +0000 (21:43 +0200)]
introduce a sync API
The following patch wraps the calls on the synchronisation
socketpair in a lxc_sync_ API. It hopefully clarifies what
is done in the start sequence at the expense of more lines
of code ...
Signed-off-by: Cedric Le Goater <clg@fr.ibm.com>
Signed-off-by: Daniel Lezcano <dlezcano@fr.ibm.com>
Cedric Le Goater [Wed, 26 May 2010 14:54:48 +0000 (16:54 +0200)]
merge lxc_restart() and lxc_start()
now that we have specific operations and specific arguments for each
sequence, lxc_restart() and lxc_start() can easily be merged under
a common subroutine.
Signed-off-by: Cedric Le Goater <clg@fr.ibm.com>
Signed-off-by: Daniel Lezcano <dlezcano@fr.ibm.com>
Cedric Le Goater [Wed, 26 May 2010 14:54:48 +0000 (16:54 +0200)]
replace common start_arg by private start_arg
the following patch moves the start argument in private
structs which are opaque to lxc_spawn(). To achieve this goal,
we need to move the sv[2] socketpair and lxc_handler
Signed-off-by: Cedric Le Goater <clg@fr.ibm.com>
Signed-off-by: Daniel Lezcano <dlezcano@fr.ibm.com>
Denis Rizaev [Mon, 24 May 2010 13:06:36 +0000 (15:06 +0200)]
fix initial run level
I did a little investigation about runlevels and I think we can assume
runlevels 2-5 as normal. So, we can check if system was in runlevel 2-5
and proc count is 1 and now we are in 0/6.
Signed-off-by: Daniel Lezcano <dlezcano@fr.ibm.com>
Signed-off-by: Denis Rizaev <Denis.Rizaev@trueoffice.ru>
Daniel Lezcano [Wed, 12 May 2010 21:44:28 +0000 (23:44 +0200)]
add a configure option to set a rootfs mount point
Add a configure option to set a mount point path when using a rootfs,
that will replace the actual behavior which creates unneeded /tmp/lxc**
directories.
Signed-off-by: Daniel Lezcano <dlezcano@fr.ibm.com>
Ferenc Wagner [Mon, 10 May 2010 09:50:10 +0000 (11:50 +0200)]
no need to use a temporary directory for pivoting
Ferenc Wagner <wferi@niif.hu> writes:
> Daniel Lezcano <dlezcano@fr.ibm.com> writes:
>
>> Ferenc Wagner wrote:
>>
>>> Daniel Lezcano <daniel.lezcano@free.fr> writes:
>>>
>>>> Ferenc Wagner wrote:
>>>>
>>>>> While playing with lxc-start, I noticed that /tmp is infested by
>>>>> empty lxc-r* directories: [...] Ok, this name comes from lxc-rootfs
>>>>> in conf.c:setup_rootfs. After setup_rootfs_pivot_root returns, the
>>>>> original /tmp is not available anymore, so rmdir(tmpname) at the
>>>>> bottom of setup_rootfs can't achieve much. Why is this temporary
>>>>> name needed anyway? Is pivoting impossible without it?
>>>>
>>>> That was put in place with chroot, before pivot_root, so the distro's
>>>> scripts can remount their '/' without failing.
>>>>
>>>> Now we have pivot_root, I suppose we can change that to something cleaner...
>>>
>>> Like simply nuking it? Shall I send a patch?
>>
>> Sure, if we can kill it, I will be glad to take your patch :)
>
> I can't see any reason why lxc-start couldn't do without that temporary
> recursive bind mount of the original root. If neither do you, I'll
> patch it out and see if it still flies.
For my purposes the patch below works fine. I only run applications,
though, not full systems, so wider testing is definitely needed.
Guillaume Zitta [Mon, 10 May 2010 09:50:10 +0000 (11:50 +0200)]
make lxc-checkconfig more explicit
With a friend, we installed lxc on his server.
We spent 1 hour on the kernel config because we didn't know:
- that lxc-checkconfig is a bash script and it can check a config before
running it
- which kernel config item was not good
- that CONFIG_SECURITY_FILE_CAPABILITIES is obsolete since 2.6.33
So, here is a patch for lxc-checkconfig that could save time for lxc newbies
Signed-off-by: Daniel Lezcano <dlezcano@fr.ibm.com>
Modified-by: Daniel Lezcano <daniel.lezcano@free.fr>
Signed-off-by: Guillaume Zitta <lxc@zitta.fr>
Daniel Lezcano [Mon, 10 May 2010 09:50:09 +0000 (11:50 +0200)]
update INSTALL file
"lxc configure does not exist. You need to run ./autogen.sh to create it.
I think it needs to either be documented in INSTALL or you provide ./configure"
Signed-off-by: Daniel Lezcano <dlezcano@fr.ibm.com>
Reported-by: Jamal Hadi Salim <hadi@cyberus.ca>
Daniel Lezcano [Mon, 10 May 2010 09:50:09 +0000 (11:50 +0200)]
fix pivot_root temporary directory
First of all, when trying to start a container in a read-only root
lxc-start complains:
lxc-start: Read-only file system - can't make temporary mountpoint
This is in conf.c:setup_rootfs_pivot_root() function. That function
uses optional parameter "lxc.pivotdir", or creates (and later removes)
a temporary directory for pivot_root. Obviously there's no way to
create a directory in a read-only filesystem.
But lxc.pivotdir does not work either. In the function mentioned above
it is used with leading dot (eg. if I specify "lxc.pivotdir=pivot" in
the config file the pivot_root() syscall will be made to ".pivot" with
leading dot, not to "pivot"), but later on it is used without that dot,
and fails:
lxc-start: No such file or directory - failed to open /pivot/proc/mounts
lxc-start: No such file or directory - failed to read or parse mount list '/pivot/proc/mounts'
lxc-start: failed to pivot_root to '/stage/t'
(that's with "lxc.pivotdir = pivot" in the config file). After symlinking
pivot to .pivot it still fails:
lxc-start: Device or resource busy - could not unmount old rootfs
lxc-start: failed to pivot_root to '/stage/t'
Signed-off-by: Daniel Lezcano <dlezcano@fr.ibm.com>
Reported-by: Michael Tokarev <mjt@tls.msk.ru>
Daniel Lezcano [Mon, 10 May 2010 09:50:09 +0000 (11:50 +0200)]
Fix console infinite loop
When the client console exits, the mainloop goes in an infinite loop
as the handler is not removed and we are notified from the disconnection
indefinitely.
Signed-off-by: Daniel Lezcano <dlezcano@fr.ibm.com>
Daniel Lezcano [Fri, 7 May 2010 12:37:05 +0000 (14:37 +0200)]
do not exit mainloop when child is stopped
When the init container is stopped, we don't check this condition
and we assume the child exited and we wait indefinitely for the child
to exit while this one is stopped.
Signed-off-by: Daniel Lezcano <dlezcano@fr.ibm.com>
Michel Normand [Thu, 29 Apr 2010 08:03:59 +0000 (10:03 +0200)]
lxc: remove perror call in nl.c (V2)
There is only one such perror call, so remove it in nl.c
In this same patch, verify that all functions of nl.c and network.c
are reporting a -errno value in case of error;
value that is reported in lxc log by the callers in conf.c
Signed-off-by: Michel Normand <normand@fr.ibm.com>
Signed-off-by: Daniel Lezcano <dlezcano@fr.ibm.com>
lxc-kill sends a signal to the process 1 of the container.
If this command is used on an application container run by
lxc-execute, the lxc-init will receive the signal and will forward it to
the process 2 which is the command specified in the command line.
Signed-off-by: Greg Kurz <gkurz@fr.ibm.com>
Signed-off-by: Michel Normand <normand@fr.ibm.com>
Signed-off-by: Daniel Lezcano <dlezcano@fr.ibm.com>