]>
git.proxmox.com Git - lxc.git/log
Wolfgang Bumiller [Fri, 16 Nov 2018 11:13:16 +0000 (12:13 +0100)]
bump version to 3.0.2+pve1-4
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
Wolfgang Bumiller [Thu, 15 Nov 2018 11:21:56 +0000 (12:21 +0100)]
apparmor: allow various ro,remount,bind mounts
Required to enable new systemd sandboxing mechanisms.
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
Wolfgang Bumiller [Thu, 8 Nov 2018 09:01:39 +0000 (10:01 +0100)]
d/control: add missing build-dependencies
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
Wolfgang Bumiller [Wed, 7 Nov 2018 16:06:35 +0000 (17:06 +0100)]
d/control: set Source package to lxc-pve
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
Wolfgang Bumiller [Wed, 7 Nov 2018 16:04:28 +0000 (17:04 +0100)]
d/control: bump compat to 10
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
Wolfgang Bumiller [Wed, 7 Nov 2018 16:01:47 +0000 (17:01 +0100)]
buildsys: split deb target into deb and src
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
Wolfgang Bumiller [Thu, 11 Oct 2018 09:52:30 +0000 (11:52 +0200)]
bump version to 3.0.2+pve1-3
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
Wolfgang Bumiller [Thu, 11 Oct 2018 09:48:58 +0000 (11:48 +0200)]
fixup patch names namespace separation patch
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
Rhonda D'Vine [Thu, 6 Sep 2018 07:22:35 +0000 (09:22 +0200)]
Add debian/SOURCE to docs to install
The lxc packages were missing the SOURCE file in the docs.
Signed-off-by: Rhonda D'Vine <rhonda@proxmox.com>
Wolfgang Bumiller [Tue, 4 Sep 2018 13:00:12 +0000 (15:00 +0200)]
remove some non-default lxc.cap.drop entries
This really shouldn't be that much distro specific...
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
Wolfgang Bumiller [Tue, 4 Sep 2018 12:51:22 +0000 (14:51 +0200)]
bump version to 3.0.2+pve1-2
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
Wolfgang Bumiller [Mon, 27 Aug 2018 09:49:29 +0000 (11:49 +0200)]
remove .gitignore as it contains only 1 entry
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
Wolfgang Bumiller [Mon, 27 Aug 2018 09:48:08 +0000 (11:48 +0200)]
buildsys: remove update-template-configs target
Most of them aren't needed and we want to try to get rid of
these distro-specific configuration files in the long run.
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
Thomas Lamprecht [Thu, 23 Aug 2018 11:51:03 +0000 (13:51 +0200)]
config: opensuse.common: unset lxc.tty.dir key
not needed for *suse containers and results in cases where we get two
agetty processes when using xterm.js/noVNC (e.g., one on /dev/tty1
and one on /dev/lxc/tty1)
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
Wolfgang Bumiller [Mon, 20 Aug 2018 09:51:46 +0000 (11:51 +0200)]
bump version to 3.0.2+pve1-1
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
Fabian Grünbichler [Tue, 7 Aug 2018 09:41:44 +0000 (11:41 +0200)]
bump version to 3.0.1+pve2-1
Fabian Grünbichler [Tue, 7 Aug 2018 09:39:50 +0000 (11:39 +0200)]
cherry-pick CVE-2018-6556 fix
from upstream's stable-3.0 branch
Wolfgang Bumiller [Thu, 19 Jul 2018 09:33:35 +0000 (11:33 +0200)]
bump version to 3.0.1+pve1-1
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
Wolfgang Bumiller [Wed, 2 May 2018 08:50:37 +0000 (10:50 +0200)]
bump version to 3.0.0-3
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
Wolfgang Bumiller [Wed, 2 May 2018 08:43:05 +0000 (10:43 +0200)]
merge upstream bugfixes:
* fix some memory leaks
* fix temp file creation
* fix rootfs pinning with NFS
* drop supplementary groups on attach
* fix gid=5 mount option on /dev/pts
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
Wolfgang Bumiller [Fri, 30 Mar 2018 08:20:02 +0000 (10:20 +0200)]
bump version to 3.0.0-2
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
Wolfgang Bumiller [Fri, 30 Mar 2018 08:17:26 +0000 (10:17 +0200)]
install lxc-template configs again
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
Wolfgang Bumiller [Fri, 30 Mar 2018 08:16:54 +0000 (10:16 +0200)]
update configs from lxc-templates
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
Wolfgang Bumiller [Fri, 30 Mar 2018 07:50:10 +0000 (09:50 +0200)]
buildsys: GITVERSION fixup
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
Wolfgang Bumiller [Wed, 28 Mar 2018 11:53:28 +0000 (13:53 +0200)]
bump version to 3.0.0-1
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
Fabian Grünbichler [Mon, 5 Mar 2018 11:34:06 +0000 (12:34 +0100)]
bump version to 2.1.1-3
Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
Fabian Grünbichler [Mon, 5 Mar 2018 11:34:05 +0000 (12:34 +0100)]
replace AA's feature-set with custom one
Debian's apparmor package introduced feature-set pinning in Debian
Stretch 9.4 to prevent problems with AA profiles packaged in Debian
Stretch which target Debian Stretch's 4.9 based kernel.
Since our LXC profiles rely on features not included in this feature
set, we need to replace the pinned feature-set with our own.
The features file is not a conf-file, so it is possible to just
dpkg-divert it on installation/upgrades.
Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
Fabian Grünbichler [Mon, 5 Mar 2018 11:34:04 +0000 (12:34 +0100)]
add AA feature set for 4.13.13-6-pve
copied from /etc/apparmor.d/cache/.features with disabled
feature-pinning to obtain kernel feature set
Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
Wolfgang Bumiller [Fri, 24 Nov 2017 12:48:07 +0000 (13:48 +0100)]
bump version to 2.1.1-2
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
Wolfgang Bumiller [Fri, 24 Nov 2017 12:46:51 +0000 (13:46 +0100)]
merge lxc-console improvements from stable branch
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
Wolfgang Bumiller [Mon, 20 Nov 2017 13:15:37 +0000 (14:15 +0100)]
buildsys: cleanup & dbgsym package switch
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
Wolfgang Bumiller [Mon, 20 Nov 2017 10:14:38 +0000 (11:14 +0100)]
bump version to 2.1.1-1
And switch to using submodules.
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
Wolfgang Bumiller [Mon, 20 Nov 2017 10:15:06 +0000 (11:15 +0100)]
remove old README
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
Fabian Grünbichler [Wed, 4 Oct 2017 09:05:33 +0000 (11:05 +0200)]
build: reformat debian/control
using wrap-and-sort -abt
Wolfgang Bumiller [Tue, 19 Sep 2017 08:06:43 +0000 (10:06 +0200)]
bump version to 2.1.0-2
Wolfgang Bumiller [Tue, 19 Sep 2017 08:04:57 +0000 (10:04 +0200)]
update cgroup namespace separation patches
Wolfgang Bumiller [Wed, 6 Sep 2017 08:45:32 +0000 (10:45 +0200)]
bump version to 2.1.0-1
Wolfgang Bumiller [Wed, 6 Sep 2017 08:43:45 +0000 (10:43 +0200)]
update to lxc-2.1.0
Wolfgang Bumiller [Fri, 30 Jun 2017 09:02:08 +0000 (11:02 +0200)]
bump version to 2.0.8-3
Wolfgang Bumiller [Fri, 30 Jun 2017 09:01:14 +0000 (11:01 +0200)]
fix a segfault in lxc-attach
Wolfgang Bumiller [Wed, 31 May 2017 12:00:17 +0000 (14:00 +0200)]
bump version to 2.0.8-2
Wolfgang Bumiller [Wed, 31 May 2017 12:00:13 +0000 (14:00 +0200)]
merge resource limits and additional fixes
Wolfgang Bumiller [Fri, 12 May 2017 13:03:55 +0000 (15:03 +0200)]
bump version to 2.0.8-1
Wolfgang Bumiller [Fri, 10 Mar 2017 13:33:54 +0000 (14:33 +0100)]
update clean target
Wolfgang Bumiller [Fri, 10 Mar 2017 13:33:08 +0000 (14:33 +0100)]
bump version to 2.0.7-500 for stretch
Wolfgang Bumiller [Fri, 10 Mar 2017 08:28:55 +0000 (09:28 +0100)]
bump version to 2.0.7-4
Wolfgang Bumiller [Fri, 10 Mar 2017 08:10:53 +0000 (09:10 +0100)]
merge: CVE-2017-5985: Ensure target netns is caller-owned
Fabian Grünbichler [Tue, 14 Feb 2017 12:37:00 +0000 (13:37 +0100)]
fix whitespace error
Wolfgang Bumiller [Fri, 10 Feb 2017 14:14:09 +0000 (15:14 +0100)]
we're replacing with liblxc1
Wolfgang Bumiller [Fri, 10 Feb 2017 14:13:57 +0000 (15:13 +0100)]
buildsys: rules: use build architecture
Wolfgang Bumiller [Fri, 10 Feb 2017 11:07:25 +0000 (12:07 +0100)]
bump version to 2.0.7-3
Wolfgang Bumiller [Fri, 10 Feb 2017 09:28:26 +0000 (10:28 +0100)]
switch to git-patch workflow; add lxc-monitord.service
Wolfgang Bumiller [Fri, 10 Feb 2017 11:01:44 +0000 (12:01 +0100)]
enable parallel builds
Wolfgang Bumiller [Thu, 9 Feb 2017 12:26:48 +0000 (13:26 +0100)]
remove patch which has gone upstream
Wolfgang Bumiller [Thu, 9 Feb 2017 12:25:52 +0000 (13:25 +0100)]
buildsys: job-safe deb target
Wolfgang Bumiller [Thu, 2 Feb 2017 15:38:38 +0000 (16:38 +0100)]
drop cgmanager.service dependencies
Wolfgang Bumiller [Tue, 7 Feb 2017 12:36:50 +0000 (13:36 +0100)]
buildsys: make job safety
Wolfgang Bumiller [Thu, 2 Feb 2017 13:12:34 +0000 (14:12 +0100)]
bump version to 2.0.7-2
Wolfgang Bumiller [Thu, 2 Feb 2017 13:08:41 +0000 (14:08 +0100)]
also remove the Delegate option from lxc@.service
Wolfgang Bumiller [Thu, 2 Feb 2017 10:17:34 +0000 (11:17 +0100)]
use forking mode for lxc@.service
Wolfgang Bumiller [Wed, 25 Jan 2017 09:48:54 +0000 (10:48 +0100)]
update to lxc-2.0.7
Wolfgang Bumiller [Fri, 23 Dec 2016 14:54:27 +0000 (15:54 +0100)]
bump version to 2.0.6-5
Wolfgang Bumiller [Fri, 23 Dec 2016 14:53:35 +0000 (15:53 +0100)]
update cgroup namespace separation patches
Wolfgang Bumiller [Thu, 22 Dec 2016 13:50:00 +0000 (14:50 +0100)]
bump version to 2.0.6-4
Wolfgang Bumiller [Thu, 22 Dec 2016 13:49:18 +0000 (14:49 +0100)]
restore backward cgroup namespace backward compatibility
Wolfgang Bumiller [Thu, 22 Dec 2016 11:24:34 +0000 (12:24 +0100)]
bump version to 2.0.6-3
Wolfgang Bumiller [Thu, 22 Dec 2016 11:23:39 +0000 (12:23 +0100)]
update cgroup namespace separation patches
Wolfgang Bumiller [Fri, 2 Dec 2016 13:24:56 +0000 (14:24 +0100)]
bump version to 2.0.6-2
Wolfgang Bumiller [Fri, 2 Dec 2016 13:17:20 +0000 (14:17 +0100)]
merge: tools: lxc-start: set configfile after load_config
Wolfgang Bumiller [Thu, 24 Nov 2016 08:48:55 +0000 (09:48 +0100)]
build-dependencies: add bash-completion
Wolfgang Bumiller [Thu, 24 Nov 2016 08:27:20 +0000 (09:27 +0100)]
update to lxc-2.0.6
Wolfgang Bumiller [Tue, 15 Nov 2016 14:58:57 +0000 (15:58 +0100)]
bump version to 2.0.5-2
Wolfgang Bumiller [Tue, 15 Nov 2016 09:13:27 +0000 (10:13 +0100)]
add cgroup-namespace separation directory patch
Wolfgang Bumiller [Tue, 15 Nov 2016 09:19:26 +0000 (10:19 +0100)]
drop: use /var/lib/vz as default dir patch
This made lxc-create use /var/lib/vz/private as default
storage which doesn't really make much sense.
(We use images/$vmid/vm-$vmid-disk-$id.subvol/ for size=0
storages and the private/ directory isn't really used at all
anymore).
Wolfgang Bumiller [Tue, 15 Nov 2016 08:53:17 +0000 (09:53 +0100)]
packaging: drop old unused patch files
Wolfgang Bumiller [Thu, 3 Nov 2016 09:25:20 +0000 (10:25 +0100)]
override dh_fixperms to fix lxc-user-nic permissions
It's supposed to be setuid root and is required for
unprivileged users to directly use lxc-start.
Wolfgang Bumiller [Wed, 9 Nov 2016 10:18:17 +0000 (11:18 +0100)]
conf: merge network namespace move & rename on shutdown
This is upstream already and fixes issues with shutting down
and restarting containers with a physical network device
passed through.
Fabian Grünbichler [Wed, 9 Nov 2016 08:43:51 +0000 (09:43 +0100)]
add fix for rw sysfs issue
originally reported by Patrick William of Rack911Labs.
note: this has a slight (but unavoidable) potential for
breakage for containers that need a rw /sys for whatever
reason. those should already have set "lxc.mount.auto" to
contain "sys:rw" (or use a custom AA profile), because
remounting /sys rw is only possible with trickery inside the
container even without this patch.
Wolfgang Bumiller [Thu, 6 Oct 2016 11:47:08 +0000 (13:47 +0200)]
update to lxc-2.0.5
Wolfgang Bumiller [Thu, 8 Sep 2016 07:01:58 +0000 (09:01 +0200)]
buildsys: use the ARCH variable for package names
Wolfgang Bumiller [Thu, 18 Aug 2016 06:43:15 +0000 (08:43 +0200)]
update --rcfile patches
Wolfgang Bumiller [Tue, 16 Aug 2016 07:39:18 +0000 (09:39 +0200)]
update to lxc-2.0.4
and pull --rcfile as common option branch
Dietmar Maurer [Fri, 5 Aug 2016 11:07:58 +0000 (13:07 +0200)]
use new repoman for upload target
Dietmar Maurer [Fri, 5 Aug 2016 11:05:58 +0000 (13:05 +0200)]
bump version to 2.0.3-4
Wolfgang Bumiller [Fri, 29 Jul 2016 09:58:02 +0000 (11:58 +0200)]
use dh_apparmor for the lxc-containers profile
for consistency, this also ignores profile-reload errors
(again so that we can install it in a chroot without
unnecessary installation failures)
Wolfgang Bumiller [Fri, 29 Jul 2016 09:58:01 +0000 (11:58 +0200)]
patch: conf: set pty_info to NULL after free
This is upstream and will be in the next release.
Dietmar Maurer [Wed, 27 Jul 2016 11:24:25 +0000 (13:24 +0200)]
Makefile: set DEBREL=3 (in sync with changelog)
Wolfgang Bumiller [Wed, 27 Jul 2016 10:13:21 +0000 (12:13 +0200)]
bump version to 2.0.3-3
Wolfgang Bumiller [Wed, 27 Jul 2016 10:13:15 +0000 (12:13 +0200)]
update apparmor profiles in postinstall
Wolfgang Bumiller [Wed, 27 Jul 2016 09:11:16 +0000 (11:11 +0200)]
bump version to 2.0.3-2, drop cgmanager dependency
Dominik Csapak [Tue, 12 Jul 2016 07:27:45 +0000 (09:27 +0200)]
update changelog and pkg version
Signed-off-by: Dominik Csapak <d.csapak@proxmox.com>
Dominik Csapak [Tue, 12 Jul 2016 07:27:44 +0000 (09:27 +0200)]
drop patches applied upstream
Signed-off-by: Dominik Csapak <d.csapak@proxmox.com>
Dominik Csapak [Tue, 12 Jul 2016 07:27:43 +0000 (09:27 +0200)]
rebase systemd service patch and var lib vz patch
Signed-off-by: Dominik Csapak <d.csapak@proxmox.com>
Dominik Csapak [Tue, 12 Jul 2016 07:27:42 +0000 (09:27 +0200)]
update to 2.0.3
Signed-off-by: Dominik Csapak <d.csapak@proxmox.com>
Fabian Grünbichler [Thu, 11 Feb 2016 13:12:33 +0000 (14:12 +0100)]
add missing Build-Depends
Dietmar Maurer [Mon, 8 Feb 2016 10:48:44 +0000 (11:48 +0100)]
bump version to 1.1.5-7
Wolfgang Bumiller [Fri, 5 Feb 2016 07:44:19 +0000 (08:44 +0100)]
Add apparmor patch for /run -> /var/run binding
Fixes some issues (mount retry loops) with suse 13.1 and
13.2 containers.
Dietmar Maurer [Fri, 15 Jan 2016 11:44:57 +0000 (12:44 +0100)]
bump version to 1.1.5-6
Wolfgang Bumiller [Thu, 14 Jan 2016 14:53:56 +0000 (15:53 +0100)]
use --no-restart-on-upgrade for dh_systemd_start
Otherise the lxc.service is restarted when upgrading the
package causing all containers to be stopped.
Note that this affects the 'prerm' portion of the package so
upgrading from an older package to this one still performs
the old version's stop action.
Dietmar Maurer [Wed, 2 Dec 2015 09:58:42 +0000 (10:58 +0100)]
set RELEASE=4.1