git.proxmox.com Git - lxc.git/log

]> git.proxmox.com Git - lxc.git/log

projects / lxc.git / log

commit | commitdiff | tree

Wolfgang Bumiller [Tue, 7 Apr 2020 07:07:08 +0000 (09:07 +0200)]

update to current master: devices cgroup isolation fixes

Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>

commit | commitdiff | tree

Wolfgang Bumiller [Fri, 27 Mar 2020 08:59:10 +0000 (09:59 +0100)]

bump version to 4.0.0-1

Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>

commit | commitdiff | tree

Wolfgang Bumiller [Mon, 6 Apr 2020 12:23:59 +0000 (14:23 +0200)]

pve-container is going to 3.1-1, update Breaks

Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>

commit | commitdiff | tree

Wolfgang Bumiller [Mon, 6 Apr 2020 09:19:21 +0000 (11:19 +0200)]

Breaks: pve-container (<= 3.0-24)

We dropped some configuration aptches with lxc-4 which
pve-container needs to account for when writing a
container's /var/lib/lxc/$vmid/config file, so lxc-4 should
not be used with an older pve-container package.

Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>

commit | commitdiff | tree

Wolfgang Bumiller [Fri, 27 Mar 2020 08:56:36 +0000 (09:56 +0100)]

update to master / lxc-4.0.0+fixes

Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>

commit | commitdiff | tree

Wolfgang Bumiller [Thu, 2 Apr 2020 13:24:08 +0000 (15:24 +0200)]

postinst fixup

Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>

commit | commitdiff | tree

Fabian Grünbichler [Wed, 6 Nov 2019 10:08:54 +0000 (11:08 +0100)]

postinst: reload/restart lxc.service later

since the debhelper-generated default enabling should come before we
attempt to start/reload/restart it.

Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>

commit | commitdiff | tree

Fabian Grünbichler [Wed, 6 Nov 2019 10:08:53 +0000 (11:08 +0100)]

postinst: ignore lxc.service reload errors

otherwise this could fail posinst execution (and thus package
installation!) on systems coming from plain Debian, or where lxc.service
is masked.

Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>

commit | commitdiff | tree

Wolfgang Bumiller [Wed, 23 Oct 2019 09:05:22 +0000 (11:05 +0200)]

bump version to 3.2.1-1

Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>

commit | commitdiff | tree

Wolfgang Bumiller [Wed, 23 Oct 2019 08:59:06 +0000 (10:59 +0200)]

build with pve-libseccomp2.4

To allow syscall interception.

Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>

commit | commitdiff | tree

Wolfgang Bumiller [Wed, 23 Oct 2019 08:58:14 +0000 (10:58 +0200)]

update to current master

Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>

commit | commitdiff | tree

Wolfgang Bumiller [Tue, 3 Sep 2019 12:09:09 +0000 (14:09 +0200)]

bump version to 3.1.0-65

Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>

commit | commitdiff | tree

Wolfgang Bumiller [Tue, 3 Sep 2019 12:07:44 +0000 (14:07 +0200)]

update apparmor patch

the previous patch removed some required lines from the
nesting profile part, this brings it closer to lxd plus the
additional read-only-bind-remount rule generation

Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>

commit | commitdiff | tree

Wolfgang Bumiller [Tue, 13 Aug 2019 12:02:55 +0000 (14:02 +0200)]

bump version to 3.1.0-64

Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>

commit | commitdiff | tree

Wolfgang Bumiller [Tue, 13 Aug 2019 12:18:47 +0000 (14:18 +0200)]

merge fix for 'getent' in lxc-attach

Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>

commit | commitdiff | tree

Wolfgang Bumiller [Tue, 13 Aug 2019 12:01:27 +0000 (14:01 +0200)]

fix issues with shell detection on attach

Merge: attach: always use getent

Commit message:
In debian buster, some libnss plugins (if installed) can
cause getpwent to segfault instead of erroring out cleanly.
To avoid this, stick to always using getent.

Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>

commit | commitdiff | tree

Wolfgang Bumiller [Fri, 9 Aug 2019 09:48:30 +0000 (11:48 +0200)]

bump version to 3.1.0-63

Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>

commit | commitdiff | tree

Wolfgang Bumiller [Fri, 9 Aug 2019 08:49:43 +0000 (10:49 +0200)]

merge new apparmor profile update

Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>

commit | commitdiff | tree

Wolfgang Bumiller [Mon, 5 Aug 2019 07:23:41 +0000 (09:23 +0200)]

bump version to 3.1.0-62

Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>

commit | commitdiff | tree

Wolfgang Bumiller [Fri, 2 Aug 2019 11:01:30 +0000 (13:01 +0200)]

update apparmor profile

Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>

commit | commitdiff | tree

Wolfgang Bumiller [Thu, 11 Jul 2019 10:14:18 +0000 (12:14 +0200)]

fixup

Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>

commit | commitdiff | tree

Wolfgang Bumiller [Thu, 11 Jul 2019 10:13:23 +0000 (12:13 +0200)]

bump version to 3.1.0-61

Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>

commit | commitdiff | tree

Wolfgang Bumiller [Thu, 11 Jul 2019 10:11:27 +0000 (12:11 +0200)]

bump compat to 11, fix reloading of lxc.service

Add a patch to add an ExecReload for lxc.service, and use
the new dh_installsystemd instead of the old
dh_systemd_start.

Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>

commit | commitdiff | tree

Wolfgang Bumiller [Wed, 3 Jul 2019 14:29:32 +0000 (16:29 +0200)]

d/rules: whitespace fixup

Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>

commit | commitdiff | tree

Thomas Lamprecht [Wed, 22 May 2019 10:34:31 +0000 (12:34 +0200)]

buildsys: switch upload dist over to buster

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>

commit | commitdiff | tree

Thomas Lamprecht [Wed, 22 May 2019 10:30:23 +0000 (12:30 +0200)]

bump version to 3.1.0-60

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>

commit | commitdiff | tree

Thomas Lamprecht [Wed, 22 May 2019 10:28:27 +0000 (12:28 +0200)]

bump debian compat level to 10

This allows to remove a few dependencies and flags from dh which are
now implied or obsolete

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>

commit | commitdiff | tree

Thomas Lamprecht [Wed, 22 May 2019 10:28:08 +0000 (12:28 +0200)]

buildsys: use dpkg-dev makefile helpers for pkg info

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>

commit | commitdiff | tree

Wolfgang Bumiller [Tue, 12 Feb 2019 07:07:15 +0000 (08:07 +0100)]

bump version to 3.1.0-3

Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>

commit | commitdiff | tree

Wolfgang Bumiller [Tue, 12 Feb 2019 07:07:07 +0000 (08:07 +0100)]

merge fix for CVE-2019-5736

Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>

commit | commitdiff | tree

Wolfgang Bumiller [Thu, 17 Jan 2019 08:24:16 +0000 (09:24 +0100)]

bump version to 3.1.0-2

Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>

commit | commitdiff | tree

Wolfgang Bumiller [Thu, 17 Jan 2019 08:22:01 +0000 (09:22 +0100)]

merge 2 fixups:

* Revert "conf: remove extra MS_BIND with sysfs:mixed"
    This should let privileged Ubuntu 14.04 containers boot
    again.

* conf: use SYSERROR on lxc_write_to_file errors
    Slightly more useful error output in a specific error
    case.

Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>

commit | commitdiff | tree

Wolfgang Bumiller [Thu, 17 Jan 2019 08:32:04 +0000 (09:32 +0100)]

buildsys: use dpkg-parsechangelog

Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>

commit | commitdiff | tree

Wolfgang Bumiller [Wed, 2 Jan 2019 08:40:29 +0000 (09:40 +0100)]

update to lxc-3.1.0

The default cgroup pattern was switched from lxc/%n to
lxc.payload/%n, so add a ./configure option to revert this
change as PVE expects containers in lxc/%n.

Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>

commit | commitdiff | tree

Wolfgang Bumiller [Mon, 19 Nov 2018 11:16:52 +0000 (12:16 +0100)]

bump version to 3.0.2+pve1-5

Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>

commit | commitdiff | tree

Wolfgang Bumiller [Mon, 19 Nov 2018 11:29:35 +0000 (12:29 +0100)]

Revert "d/control: bump compat to 10"

The new dh_systemd_start parameter behavior is stupid.
Might be less so with compat 11 later on...

This reverts commit 4d672101f14f9e5358b8b79bd11c3d9b783af482.

commit | commitdiff | tree

Oguz Bektas [Tue, 20 Nov 2018 09:11:11 +0000 (10:11 +0100)]

fix typo in package description

Signed-off-by: Oguz Bektas <o.bektas@proxmox.com>

commit | commitdiff | tree

Wolfgang Bumiller [Fri, 16 Nov 2018 11:13:16 +0000 (12:13 +0100)]

bump version to 3.0.2+pve1-4

Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>

commit | commitdiff | tree

Wolfgang Bumiller [Thu, 15 Nov 2018 11:21:56 +0000 (12:21 +0100)]

apparmor: allow various ro,remount,bind mounts

Required to enable new systemd sandboxing mechanisms.

Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>

commit | commitdiff | tree

Wolfgang Bumiller [Thu, 8 Nov 2018 09:01:39 +0000 (10:01 +0100)]

d/control: add missing build-dependencies

Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>

commit | commitdiff | tree

Wolfgang Bumiller [Wed, 7 Nov 2018 16:06:35 +0000 (17:06 +0100)]

d/control: set Source package to lxc-pve

Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>

commit | commitdiff | tree

Wolfgang Bumiller [Wed, 7 Nov 2018 16:04:28 +0000 (17:04 +0100)]

d/control: bump compat to 10

Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>

commit | commitdiff | tree

Wolfgang Bumiller [Wed, 7 Nov 2018 16:01:47 +0000 (17:01 +0100)]

buildsys: split deb target into deb and src

Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>

commit | commitdiff | tree

Wolfgang Bumiller [Thu, 11 Oct 2018 09:52:30 +0000 (11:52 +0200)]

bump version to 3.0.2+pve1-3

Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>

commit | commitdiff | tree

Wolfgang Bumiller [Thu, 11 Oct 2018 09:48:58 +0000 (11:48 +0200)]

fixup patch names namespace separation patch

Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>

commit | commitdiff | tree

Rhonda D'Vine [Thu, 6 Sep 2018 07:22:35 +0000 (09:22 +0200)]

Add debian/SOURCE to docs to install

The lxc packages were missing the SOURCE file in the docs.

Signed-off-by: Rhonda D'Vine <rhonda@proxmox.com>

commit | commitdiff | tree

Wolfgang Bumiller [Tue, 4 Sep 2018 13:00:12 +0000 (15:00 +0200)]

remove some non-default lxc.cap.drop entries

This really shouldn't be that much distro specific...

Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>

commit | commitdiff | tree

Wolfgang Bumiller [Tue, 4 Sep 2018 12:51:22 +0000 (14:51 +0200)]

bump version to 3.0.2+pve1-2

Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>

commit | commitdiff | tree

Wolfgang Bumiller [Mon, 27 Aug 2018 09:49:29 +0000 (11:49 +0200)]

remove .gitignore as it contains only 1 entry

Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>

commit | commitdiff | tree

Wolfgang Bumiller [Mon, 27 Aug 2018 09:48:08 +0000 (11:48 +0200)]

buildsys: remove update-template-configs target

Most of them aren't needed and we want to try to get rid of
these distro-specific configuration files in the long run.

Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>

commit | commitdiff | tree

Thomas Lamprecht [Thu, 23 Aug 2018 11:51:03 +0000 (13:51 +0200)]

config: opensuse.common: unset lxc.tty.dir key

not needed for *suse containers and results in cases where we get two
agetty processes when using xterm.js/noVNC (e.g., one on /dev/tty1
and one on /dev/lxc/tty1)

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>

commit | commitdiff | tree

Wolfgang Bumiller [Mon, 20 Aug 2018 09:51:46 +0000 (11:51 +0200)]

bump version to 3.0.2+pve1-1

Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>

commit | commitdiff | tree

Fabian Grünbichler [Tue, 7 Aug 2018 09:41:44 +0000 (11:41 +0200)]

bump version to 3.0.1+pve2-1

commit | commitdiff | tree

Fabian Grünbichler [Tue, 7 Aug 2018 09:39:50 +0000 (11:39 +0200)]

cherry-pick CVE-2018-6556 fix

from upstream's stable-3.0 branch

commit | commitdiff | tree

Wolfgang Bumiller [Thu, 19 Jul 2018 09:33:35 +0000 (11:33 +0200)]

bump version to 3.0.1+pve1-1

Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>

commit | commitdiff | tree

Wolfgang Bumiller [Wed, 2 May 2018 08:50:37 +0000 (10:50 +0200)]

bump version to 3.0.0-3

Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>

commit | commitdiff | tree

Wolfgang Bumiller [Wed, 2 May 2018 08:43:05 +0000 (10:43 +0200)]

merge upstream bugfixes:

  * fix some memory leaks
  * fix temp file creation
  * fix rootfs pinning with NFS
  * drop supplementary groups on attach
  * fix gid=5 mount option on /dev/pts

Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>

commit | commitdiff | tree

Wolfgang Bumiller [Fri, 30 Mar 2018 08:20:02 +0000 (10:20 +0200)]

bump version to 3.0.0-2

Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>

commit | commitdiff | tree

Wolfgang Bumiller [Fri, 30 Mar 2018 08:17:26 +0000 (10:17 +0200)]

install lxc-template configs again

Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>

commit | commitdiff | tree

Wolfgang Bumiller [Fri, 30 Mar 2018 08:16:54 +0000 (10:16 +0200)]

update configs from lxc-templates

Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>

commit | commitdiff | tree

Wolfgang Bumiller [Fri, 30 Mar 2018 07:50:10 +0000 (09:50 +0200)]

buildsys: GITVERSION fixup

Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>

commit | commitdiff | tree

Wolfgang Bumiller [Wed, 28 Mar 2018 11:53:28 +0000 (13:53 +0200)]

bump version to 3.0.0-1

Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>

commit | commitdiff | tree

Fabian Grünbichler [Mon, 5 Mar 2018 11:34:06 +0000 (12:34 +0100)]

bump version to 2.1.1-3

Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>

commit | commitdiff | tree

Fabian Grünbichler [Mon, 5 Mar 2018 11:34:05 +0000 (12:34 +0100)]

replace AA's feature-set with custom one

Debian's apparmor package introduced feature-set pinning in Debian
Stretch 9.4 to prevent problems with AA profiles packaged in Debian
Stretch which target Debian Stretch's 4.9 based kernel.

Since our LXC profiles rely on features not included in this feature
set, we need to replace the pinned feature-set with our own.

The features file is not a conf-file, so it is possible to just
dpkg-divert it on installation/upgrades.

Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>

commit | commitdiff | tree

Fabian Grünbichler [Mon, 5 Mar 2018 11:34:04 +0000 (12:34 +0100)]

add AA feature set for 4.13.13-6-pve

copied from /etc/apparmor.d/cache/.features with disabled
feature-pinning to obtain kernel feature set

Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>

commit | commitdiff | tree

Wolfgang Bumiller [Fri, 24 Nov 2017 12:48:07 +0000 (13:48 +0100)]

bump version to 2.1.1-2

Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>

commit | commitdiff | tree

Wolfgang Bumiller [Fri, 24 Nov 2017 12:46:51 +0000 (13:46 +0100)]

merge lxc-console improvements from stable branch

Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>

commit | commitdiff | tree

Wolfgang Bumiller [Mon, 20 Nov 2017 13:15:37 +0000 (14:15 +0100)]

buildsys: cleanup & dbgsym package switch

Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>

commit | commitdiff | tree

Wolfgang Bumiller [Mon, 20 Nov 2017 10:14:38 +0000 (11:14 +0100)]

bump version to 2.1.1-1

And switch to using submodules.

Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>