]>
git.proxmox.com Git - mirror_lxc.git/log
Christian Brauner [Fri, 3 Sep 2021 09:04:58 +0000 (11:04 +0200)]
commands: fix integer comparisons
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
Christian Brauner [Fri, 3 Sep 2021 09:03:07 +0000 (11:03 +0200)]
criu: fix integer comparisons
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
Christian Brauner [Fri, 3 Sep 2021 08:49:34 +0000 (10:49 +0200)]
confile_utils: fix integer comparisons
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
Christian Brauner [Fri, 3 Sep 2021 08:30:16 +0000 (10:30 +0200)]
tree-wide: fix attach header inclusion
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
Christian Brauner [Fri, 3 Sep 2021 08:25:01 +0000 (10:25 +0200)]
conf: fix array initalization
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
Christian Brauner [Fri, 3 Sep 2021 08:21:18 +0000 (10:21 +0200)]
conf: fix struct mount_attr initalization
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
Christian Brauner [Fri, 3 Sep 2021 08:14:55 +0000 (10:14 +0200)]
string_utils: fix integer comparisons
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
Christian Brauner [Fri, 3 Sep 2021 08:14:44 +0000 (10:14 +0200)]
conf: fix integer comparisons
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
Christian Brauner [Fri, 3 Sep 2021 08:01:51 +0000 (10:01 +0200)]
lsm: fix integer comparisons
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
Christian Brauner [Fri, 3 Sep 2021 07:51:17 +0000 (09:51 +0200)]
attach: fix helper declarations
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
Christian Brauner [Fri, 3 Sep 2021 07:42:11 +0000 (09:42 +0200)]
storage: fix integer comparisons
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
Christian Brauner [Fri, 3 Sep 2021 07:35:34 +0000 (09:35 +0200)]
confile: fix integer comparisons
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
Christian Brauner [Fri, 3 Sep 2021 07:34:59 +0000 (09:34 +0200)]
cgroups: fix integer comparisons
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
Christian Brauner [Fri, 3 Sep 2021 07:31:50 +0000 (09:31 +0200)]
syscall_wrapper: fix pivot_root() declaration
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
Christian Brauner [Fri, 3 Sep 2021 07:25:56 +0000 (09:25 +0200)]
build: add src/include to build and simplify header inclusions
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
Stéphane Graber [Thu, 2 Sep 2021 17:57:28 +0000 (13:57 -0400)]
Merge pull request #3962 from brauner/2021-09-02.fixes
tree-wide: build fixes
Christian Brauner [Thu, 2 Sep 2021 14:21:33 +0000 (16:21 +0200)]
tree-wide: fix build
Fixes: #3960
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
Christian Brauner [Thu, 2 Sep 2021 13:57:05 +0000 (15:57 +0200)]
include: make all functions __hidden
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
Stéphane Graber [Wed, 1 Sep 2021 15:57:58 +0000 (11:57 -0400)]
Merge pull request #3959 from brauner/2021-09-01.fixes
configure: add sanitizer flags to LDFLAGS as well
Christian Brauner [Wed, 1 Sep 2021 07:46:58 +0000 (09:46 +0200)]
configure: add sanitizer flags to LDFLAGS as well
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
Stéphane Graber [Mon, 30 Aug 2021 20:44:37 +0000 (16:44 -0400)]
Merge pull request #3957 from brauner/2021-08-27.list.2
conf: port more types to new list type
Christian Brauner [Mon, 30 Aug 2021 16:05:29 +0000 (18:05 +0200)]
lxccontainer: don't pass NULL pointer
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
Christian Brauner [Mon, 30 Aug 2021 15:55:09 +0000 (17:55 +0200)]
lxccontainer: fail when container can't be loaded
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
Christian Brauner [Mon, 30 Aug 2021 13:21:53 +0000 (15:21 +0200)]
lxccontainer: remove useless {}
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
Christian Brauner [Mon, 30 Aug 2021 13:19:25 +0000 (15:19 +0200)]
lxccontainer: use free_disarm() in list_all_containers()
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
Christian Brauner [Mon, 30 Aug 2021 12:37:06 +0000 (14:37 +0200)]
lxc-usernsexec: small tweaks
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
Christian Brauner [Mon, 30 Aug 2021 11:52:51 +0000 (13:52 +0200)]
tree-wide: fix list_entry()
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
Christian Brauner [Mon, 30 Aug 2021 12:19:30 +0000 (14:19 +0200)]
Merge pull request #3954 from blenk92/fix-attach-c2
attach: Fix -c option v2 :-D
Maximilian Blenk [Mon, 23 Aug 2021 13:39:28 +0000 (15:39 +0200)]
attach: Fix -c command
Currently, the -c command (to set the selinux context) seems to be
broken because the passed context is ignored and always overwritten by
the context specified in the config file. The intention behind the -c
imho was to be able to manually overwrite this behavior. This patch
ensures that the selinux context will be set if passed via the command
line.
Signed-off-by: Maximilian Blenk <Maximilian.Blenk@bmw.de>
Christian Brauner [Fri, 27 Aug 2021 14:14:19 +0000 (16:14 +0200)]
lxccontainer: tweak some array handling helpers
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
Christian Brauner [Fri, 27 Aug 2021 14:00:45 +0000 (16:00 +0200)]
lxccontainer: improve add_to_clist()
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
Christian Brauner [Fri, 27 Aug 2021 13:59:39 +0000 (15:59 +0200)]
lxccontainer: improve add_to_array()
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
Christian Brauner [Fri, 27 Aug 2021 13:12:00 +0000 (15:12 +0200)]
conf: port groups to new list type
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
Christian Brauner [Fri, 27 Aug 2021 12:57:51 +0000 (14:57 +0200)]
conf: port hooks to new list type
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
Christian Brauner [Fri, 27 Aug 2021 12:51:01 +0000 (14:51 +0200)]
conf: port apparmor to new list type
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
Stéphane Graber [Fri, 27 Aug 2021 12:45:14 +0000 (08:45 -0400)]
Merge pull request #3956 from brauner/2021-08-27.list
conf: port more types to new list type
Christian Brauner [Fri, 27 Aug 2021 11:08:09 +0000 (13:08 +0200)]
conf: port mounts to new list type
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
Christian Brauner [Fri, 27 Aug 2021 09:15:19 +0000 (11:15 +0200)]
cgroups: fix bpf device list
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
Christian Brauner [Fri, 27 Aug 2021 08:36:48 +0000 (10:36 +0200)]
network: port ipv6 routes to new list type
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
Christian Brauner [Fri, 27 Aug 2021 08:30:55 +0000 (10:30 +0200)]
network: port ipv4 routes to new list type
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
Christian Brauner [Fri, 27 Aug 2021 08:17:01 +0000 (10:17 +0200)]
cgroups: fix cgroup settings sorting
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
Stéphane Graber [Thu, 26 Aug 2021 20:28:58 +0000 (16:28 -0400)]
Merge pull request #3955 from brauner/2021-08-26.list.2
conf: port more types to new list type
Christian Brauner [Thu, 26 Aug 2021 19:46:58 +0000 (21:46 +0200)]
lxccontainer: align initialization
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
Christian Brauner [Thu, 26 Aug 2021 19:39:38 +0000 (21:39 +0200)]
tree-wide: s/ipv{4,6}_list/ipv{4,6}_addresses/g
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
Christian Brauner [Thu, 26 Aug 2021 19:35:08 +0000 (21:35 +0200)]
network: port ipv6 addresses to new list type
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
Stéphane Graber [Thu, 26 Aug 2021 17:19:31 +0000 (13:19 -0400)]
Merge pull request #3953 from brauner/2021-08-26.list
conf: port more types to new list type
Christian Brauner [Thu, 26 Aug 2021 16:15:23 +0000 (18:15 +0200)]
network: port ipv4 to new list type
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
Stéphane Graber [Thu, 26 Aug 2021 14:53:06 +0000 (10:53 -0400)]
Merge pull request #3952 from brauner/2021-08-25.list.2
conf: port more types to new list type
Christian Brauner [Thu, 26 Aug 2021 13:25:28 +0000 (15:25 +0200)]
conf: simplify and port caps to new list type
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
Christian Brauner [Thu, 26 Aug 2021 12:19:53 +0000 (14:19 +0200)]
cgroup: remove unneeded forward declaration
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
Christian Brauner [Thu, 26 Aug 2021 12:19:14 +0000 (14:19 +0200)]
terminal: remove unused struct member
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
Christian Brauner [Thu, 26 Aug 2021 12:11:48 +0000 (14:11 +0200)]
conf: port environment to new list type
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
Christian Brauner [Thu, 26 Aug 2021 11:38:07 +0000 (13:38 +0200)]
conf: remove unused variables
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
Christian Brauner [Thu, 26 Aug 2021 09:11:08 +0000 (11:11 +0200)]
conf: switch to parse_mount_attrs() even for legacy mount()
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
Christian Brauner [Thu, 26 Aug 2021 09:06:52 +0000 (11:06 +0200)]
conf: support recursive propagation options properly
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
Christian Brauner [Thu, 26 Aug 2021 08:47:47 +0000 (10:47 +0200)]
conf: rework recursive mount option handling
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
Christian Brauner [Thu, 26 Aug 2021 08:25:48 +0000 (10:25 +0200)]
rootfs: remove "options" member
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
Christian Brauner [Thu, 26 Aug 2021 08:17:21 +0000 (10:17 +0200)]
conf: remove unused mountflags nember
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
Christian Brauner [Wed, 25 Aug 2021 20:38:18 +0000 (22:38 +0200)]
conf: port id_map to new list type
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
Christian Brauner [Wed, 25 Aug 2021 17:20:57 +0000 (19:20 +0200)]
conf: port cgroup settings to new list type
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
Christian Brauner [Wed, 25 Aug 2021 16:55:10 +0000 (18:55 +0200)]
conf: port procs to new list type
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
Christian Brauner [Wed, 25 Aug 2021 16:47:51 +0000 (18:47 +0200)]
conf: port sysctls to new list type
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
Christian Brauner [Wed, 25 Aug 2021 16:38:06 +0000 (18:38 +0200)]
conf: port rlimits to new list type
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
Stéphane Graber [Wed, 25 Aug 2021 16:29:14 +0000 (12:29 -0400)]
Merge pull request #3950 from brauner/2021-08-25.list
tree-wide: introduce new list type and port network handling to it
Christian Brauner [Wed, 25 Aug 2021 12:38:00 +0000 (14:38 +0200)]
conf: port state_clients to new list type
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
Christian Brauner [Wed, 25 Aug 2021 12:47:06 +0000 (14:47 +0200)]
mainloop: port handlers to new list type
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
Christian Brauner [Wed, 25 Aug 2021 12:27:09 +0000 (14:27 +0200)]
cgroups: port bpf devices to new list type
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
Christian Brauner [Wed, 25 Aug 2021 10:13:40 +0000 (12:13 +0200)]
tree-wide: port network handling to new list type
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
Christian Brauner [Wed, 25 Aug 2021 09:11:07 +0000 (11:11 +0200)]
list: add new kernel-based list implementation
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
Stéphane Graber [Wed, 25 Aug 2021 03:56:17 +0000 (23:56 -0400)]
Merge pull request #3949 from brauner/2021-08-24.attach
tools: lxc-attach fixes
Stéphane Graber [Tue, 24 Aug 2021 12:29:49 +0000 (08:29 -0400)]
Merge pull request #3948 from brauner/2021-08-24.fixes
confile: return negative errno everywhere
Maximilian Blenk [Tue, 24 Aug 2021 07:55:14 +0000 (09:55 +0200)]
tools: fix elevated privilege handler in lxc-attach
Make sure to return an error when the user requests an LSM profile to be
set while also requesting that elevated LSM privileges are to be used.
Signed-off-by: Maximilian Blenk <Maximilian.Blenk@bmw.de>
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
Christian Brauner [Tue, 24 Aug 2021 07:54:27 +0000 (09:54 +0200)]
confile: rework lxc_fill_elevated_privileges()
Cc: Maximilian Blenk <Maximilian.Blenk@bmw.de>
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
Christian Brauner [Tue, 24 Aug 2021 07:44:54 +0000 (09:44 +0200)]
attach_options: add LXC_ATTACH_LSM_LABEL to LXC_ATTACH_LSM flags
Cc: Maximilian Blenk <Maximilian.Blenk@bmw.de>
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
Christian Brauner [Tue, 24 Aug 2021 07:37:14 +0000 (09:37 +0200)]
tools: align struct initialization
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
Christian Brauner [Tue, 24 Aug 2021 07:36:34 +0000 (09:36 +0200)]
tools: fix variable declarations in lxc-attach
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
Maximilian Blenk [Mon, 23 Aug 2021 13:39:28 +0000 (15:39 +0200)]
attach: allow LSM attach without new mnt namespace
Currently, the -c command (to set the selinux context) seems to be
broken because lxc-attach expects that also a new mount namespace
is specified via command line. This commit remove the check for the new
mount namespace to fix this issue. Please note that the
--elevated-privileges option is not affected by this issue.
Signed-off-by: Maximilian Blenk <Maximilian.Blenk@bmw.de>
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
Christian Brauner [Tue, 24 Aug 2021 07:13:36 +0000 (09:13 +0200)]
confile: return negative errno everywhere
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
Christian Brauner [Tue, 24 Aug 2021 07:07:48 +0000 (09:07 +0200)]
Merge pull request #3947 from blenk92/fix-missing-seccomp
config: enable seccomp profile only when compiled with libseccomp
Maximilian Blenk [Mon, 23 Aug 2021 20:04:40 +0000 (22:04 +0200)]
config: enable seccomp profile only when compiled with libseccomp
Make lxc fail if seccomp.profile is specified but lxc is compiled
without seccomp support. Currently, seccomp.profile is silently ignored
if is specified in such a scenario. This could lead to the false
impression that the seccomp filter is applied while it actually isn't.
Signed-off-by: Maximilian Blenk <Maximilian.Blenk@bmw.de>
Stéphane Graber [Thu, 19 Aug 2021 19:18:07 +0000 (15:18 -0400)]
Merge pull request #3943 from brauner/2021-08-19.fixes
seccomp: fix complication when !HAVE_DECL_SECCOMP_NOTIFY_FD
Christian Brauner [Thu, 19 Aug 2021 08:47:31 +0000 (10:47 +0200)]
seccomp: fix complication when !HAVE_DECL_SECCOMP_NOTIFY_FD
[2021-08-18 05:48:26] [build-stdout] mv -f $depbase.Tpo $depbase.Po
[2021-08-18 05:48:26] [build-stderr] seccomp.c: In function ‘seccomp_notify_cleanup_handler’:
[2021-08-18 05:48:26] [build-stderr] seccomp.c:1367:25: error: ‘struct lxc_seccomp’ has no member named ‘notifier’
[2021-08-18 05:48:26] [build-stderr] 1367 | if (fd == conf->seccomp.notifier.notify_fd)
[2021-08-18 05:48:26] [build-stderr] | ^
[2021-08-18 05:48:26] [build-stderr] In file included from af_unix.h:12,
[2021-08-18 05:48:26] [build-stderr] from seccomp.c:14:
[2021-08-18 05:48:26] [build-stderr] seccomp.c:1368:29: error: ‘struct lxc_seccomp’ has no member named ‘notifier’
[2021-08-18 05:48:26] [build-stderr] 1368 | fd = move_fd(conf->seccomp.notifier.notify_fd);
[2021-08-18 05:48:26] [build-stderr] | ^
[2021-08-18 05:48:26] [build-stderr] macro.h:655:26: note: in definition of macro ‘move_fd’
[2021-08-18 05:48:26] [build-stderr] 655 | int __internal_fd__ = (fd); \
[2021-08-18 05:48:26] [build-stderr] | ^~
[2021-08-18 05:48:26] [build-stderr] seccomp.c:1368:29: error: ‘struct lxc_seccomp’ has no member named ‘notifier’
[2021-08-18 05:48:26] [build-stderr] 1368 | fd = move_fd(conf->seccomp.notifier.notify_fd);
[2021-08-18 05:48:26] [build-stderr] | ^
[2021-08-18 05:48:26] [build-stderr] macro.h:656:4: note: in definition of macro ‘move_fd’
[2021-08-18 05:48:26] [build-stderr] 656 | (fd) = -EBADF; \
[2021-08-18 05:48:26] [build-stderr] | ^~
[2021-08-18 05:48:26] [build-stderr] make[3]: *** [Makefile:4496: seccomp.o] Error 1
[2021-08-18 05:48:26] [build-stdout] make[3]: Leaving directory '/opt/src/src/lxc'
[2021-08-18 05:48:26] [build-stdout] make[2]: Leaving directory '/opt/src/src'
[2021-08-18 05:48:26] [build-stdout] make[1]: Leaving directory '/opt/src/src'
[2021-08-18 05:48:26] [build-stderr] make[2]: *** [Makefile:440: all-recursive] Error 1
[2021-08-18 05:48:26] [build-stderr] make[1]: *** [Makefile:379: all] Error 2
[2021-08-18 05:48:26] [build-stderr] make: *** [Makefile:537: all-recursive] Error 1
[2021-08-18 05:48:26] [build-stderr] + '[' -f build.ninja ']'
[2021-08-18 05:48:26] [build-stdout] Semmle autobuild: no supported build system detected.
[2021-08-18 05:48:26] [build-stderr] + '[' -d ../_lgtm_build_dir ']'
[2021-08-18 05:48:26] [build-stderr] + for f in build build.sh
[2021-08-18 05:48:26] [build-stderr] + '[' -x build ']'
[2021-08-18 05:48:26] [build-stderr] + for f in build build.sh
[2021-08-18 05:48:26] [build-stderr] + '[' -x build.sh ']'
[2021-08-18 05:48:26] [build-stderr] + '[' -f setup.py ']'
[2021-08-18 05:48:26] [build-stderr] + echo 'Semmle autobuild: no supported build system detected.'
[2021-08-18 05:48:26] [build-stderr] + exit 1
[2021-08-18 05:48:26] [ERROR] Spawned process exited abnormally (code 1; tried to run: [/opt/dist/tools/linux64/preload_tracer, /opt/dist/cpp/tools/do-build])
[2021-08-18 05:48:26] [build-stderr] A fatal error occurred: Exit status 1 from command: [/opt/dist/cpp/tools/do-build]
[2021-08-18 05:48:26] [build-stderr] deptrace-server: received exit command
[2021-08-18 05:48:27] [ERROR] Spawned process exited abnormally (code 2; tried to run: [/opt/work/lgtm-workspace/lgtm/extract.sh])
A fatal error occurred: Exit status 2 from command: [/opt/work/lgtm-workspace/lgtm/extract.sh]
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
Stéphane Graber [Tue, 17 Aug 2021 16:45:57 +0000 (12:45 -0400)]
Merge pull request #3940 from brauner/2021-08-16.fixes.2
tests: only rely on busybox template getting rid of all network dependencies; terminal: allow for tty allocation even when container did not request separate devpts instance
Christian Brauner [Mon, 16 Aug 2021 15:46:39 +0000 (17:46 +0200)]
tests: use busybox in lxc-test-usernic.in
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
Christian Brauner [Mon, 16 Aug 2021 15:44:54 +0000 (17:44 +0200)]
tests: use busybox in lxc-test-unpriv
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
Christian Brauner [Mon, 16 Aug 2021 15:40:45 +0000 (17:40 +0200)]
tests: use busybox in lxc-test-no-new-privs
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
Christian Brauner [Mon, 16 Aug 2021 15:40:04 +0000 (17:40 +0200)]
test: use busybox in lxc-test-autostart
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
Christian Brauner [Mon, 16 Aug 2021 15:38:49 +0000 (17:38 +0200)]
test: use busybox in lxc-test-apparmor-mount
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
Christian Brauner [Mon, 16 Aug 2021 15:33:59 +0000 (17:33 +0200)]
test: use busybox in lxc-test-apparmor-generated
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
Christian Brauner [Tue, 17 Aug 2021 10:14:53 +0000 (12:14 +0200)]
tests: fix order in sys_mixed
We need to set the config item after we loaded the config obviously.
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
Christian Brauner [Tue, 17 Aug 2021 09:38:11 +0000 (11:38 +0200)]
conf: allow for tty allocation even when container did not request separate devpts instance
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
Christian Brauner [Tue, 17 Aug 2021 09:03:17 +0000 (11:03 +0200)]
busybox: simplify
Start relying on autodev for busybox template and wipe all the device
creation.
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
Christian Brauner [Tue, 17 Aug 2021 09:07:38 +0000 (11:07 +0200)]
busybox: mount sys:ro
There's no udev so sys doesn't need to be read-write.
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
Christian Brauner [Tue, 17 Aug 2021 08:43:34 +0000 (10:43 +0200)]
terminal: use /dev/ptmx when allocating pty devices from devpts instances we didn't mount ourselves
When we aren't told what devpts instance to allocate from we assume it
is the one in the caller's mount namespace.
This poses a slight complication, a lot of distros will change
permissions on /dev/ptmx so it can be opened by unprivileged users but
will not change permissions on /dev/pts/ptmx itself. In addition,
/dev/ptmx can either be a symlink, a bind-mount, or a separate device
node. So we need to allow for fairly lax lookup.
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
Christian Brauner [Tue, 17 Aug 2021 08:38:44 +0000 (10:38 +0200)]
file_utils: add same_device() helper
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
Stéphane Graber [Mon, 16 Aug 2021 16:35:46 +0000 (12:35 -0400)]
Merge pull request #3938 from brauner/2021-08-16.fixes
cgroups: simplify offline and isolated cpumask handling
Christian Brauner [Mon, 16 Aug 2021 10:06:16 +0000 (12:06 +0200)]
Merge pull request #3939 from Cypresslin/fix-test-exec-bit
tests: set lxc-test-automount/createconfig/snapdeps as executable
Po-Hsu Lin [Mon, 16 Aug 2021 09:32:24 +0000 (17:32 +0800)]
tests: set lxc-test-automount/createconfig/snapdeps as executable
The debian/tests/exercise script will skip those non-executable tests
in src/test, thus these three tests were never get tested.
Signed-off-by: Po-Hsu Lin <po-hsu.lin@canonical.com>
Christian Brauner [Mon, 16 Aug 2021 09:11:43 +0000 (11:11 +0200)]
cgroups: simplify offline and isolated cpu handling
Don't create separate cpumask arrays for them. Just clear the ones that
are set in the original cpumask array.
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
Christian Brauner [Mon, 16 Aug 2021 08:56:51 +0000 (10:56 +0200)]
cgroups: use semantically clean check in cpuset1_cpus_initialize()
The variable is a pointer not a integer.
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>