From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Wolfgang Bumiller <w.bumiller@proxmox.com>
Date: Fri, 10 Feb 2017 09:13:40 +0100
-Subject: [PATCH lxc] PVE: [Config] lxc.service: start after a potential
+Subject: [PATCH 1/3] PVE: [Config] lxc.service: start after a potential
syslog.service
We could add this as a snippet from pve-container instead.
Wants=lxc-net.service
Documentation=man:lxc-autostart man:lxc
+--
+2.30.2
+
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Fabian=20Gr=C3=BCnbichler?= <f.gruenbichler@proxmox.com>
Date: Wed, 9 Nov 2016 09:14:26 +0100
-Subject: [PATCH lxc] PVE: [Config] deny rw mounting of /sys and /proc
+Subject: [PATCH 2/3] PVE: [Config] deny rw mounting of /sys and /proc
Note that we don't actually make use of this anymore, since
we switched to the generated profiles which already do this.
# allow paths to be made slave, shared, private or unbindable
# FIXME: This currently doesn't work due to the apparmor parser treating those as allowing all mounts.
# mount options=(rw,make-slave) -> **,
+--
+2.30.2
+
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Wolfgang Bumiller <w.bumiller@proxmox.com>
Date: Tue, 13 Aug 2019 13:57:22 +0200
-Subject: [PATCH lxc] PVE: [Config] attach: always use getent
+Subject: [PATCH 3/3] PVE: [Config] attach: always use getent
In debian buster, some libnss plugins (if installed) can
cause getpwent to segfault instead of erroring out cleanly.
1 file changed, 2 insertions(+), 27 deletions(-)
diff --git a/src/lxc/attach.c b/src/lxc/attach.c
-index 77da7bb45..65c953298 100644
+index f086e96c4..9969f2d8e 100644
--- a/src/lxc/attach.c
+++ b/src/lxc/attach.c
-@@ -1841,45 +1841,21 @@ int lxc_attach_run_command(void *payload)
+@@ -1843,45 +1843,21 @@ int lxc_attach_run_command(void *payload)
int lxc_attach_run_shell(void* payload)
{
if (user_shell)
execlp(user_shell, user_shell, (char *)NULL);
-@@ -1889,8 +1865,7 @@ int lxc_attach_run_shell(void* payload)
+@@ -1891,8 +1867,7 @@ int lxc_attach_run_shell(void* payload)
execlp("/bin/sh", "/bin/sh", (char *)NULL);
SYSERROR("Failed to execute shell");
return -1;
}
+--
+2.30.2
+
-extra/0001-add-check-for-statvfs.patch
-extra/0002-Fix-off-by-one-error-constructing-mount-options.patch
-extra/0003-Store-mount-options-in-correct-variable.patch
-extra/0004-Fix-uninitialized-read-in-parse_cap-when-libcap-is-n.patch
-extra/0005-meson-add-remaining-still-in-use-config-checks.patch
pve/0001-PVE-Config-lxc.service-start-after-a-potential-syslo.patch
pve/0002-PVE-Config-deny-rw-mounting-of-sys-and-proc.patch
pve/0003-PVE-Config-attach-always-use-getent.patch
-Subproject commit 1f8c355727757b41964a7273f51d4f6b59531e02
+Subproject commit d571736812b89e195bee69b900fe09115a1e7e00