Merge pull request #3904 from hallyn/2021-07-14/mantypo

doc/common_options: add trace and alert loglevels

doc/common_options: add trace and alert loglevels

Signed-off-by: Serge Hallyn <serge@hallyn.com>

Merge pull request #3900 from brauner/2021-07-08.fixes

file_utils: surface ENOENT when falling back to openat()

file_utils: surface ENOENT when falling back to openat()

Link: https://discuss.linuxcontainers.org/t/error-failed-to-retrieve-pid-of-executing-child-process
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

Merge pull request #3896 from Blub/include-userns-config-dir

RFC: conf: userns.conf: include userns.conf.d

Merge pull request #3897 from brauner/2021-07-05.fixes

lxc-unshare: fixes

lxc_unshare: fix network device handling

We were passing the wrong PID. Fix this!

Link: https://discuss.linuxcontainers.org/t/problem-with-moving-interface-new-network-namespace-in-lxc-unshare
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

lxc_unshare: make mount table private

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

confile: allow including nonexisting directories

If an include directive ends with a trailing slash, we now
always assume it is a directory and do not treat the
non-existence as an error.

Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>

conf: userns.conf: include userns.conf.d

Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>

Merge pull request #3895 from tenforward/japanese

Update Japanese lxc.container.conf(5)

doc: Fix typo in English lxc.container.conf(5)

Signed-off-by: KATOH Yasufumi <karma@jazz.email.ne.jp>

doc: Add new idmap= option to Japanese lxc.container.conf(5)

Update for commit 1852be904823e3532af38efc5ef55d3fb931e616

Signed-off-by: KATOH Yasufumi <karma@jazz.email.ne.jp>

doc: Append description of net type field

Update for commit 320061b34fea7d7f280b0a421dddeac7dac7f1bf

Signed-off-by: KATOH Yasufumi <karma@jazz.email.ne.jp>

doc: Add eBPF-based device controller semantics to Japanese man page

Update for commit 5025f3a69053bbddbe6c76ffb55b4bbd5759dcc8

Signed-off-by: KATOH Yasufumi <karma@jazz.email.ne.jp>

Merge pull request #3891 from brauner/2021-07-01.fixes

cgroups: handle funky cgroup layouts

Merge pull request #3892 from brauner/2021-07-01.fixes.2

terminal: ensure newlines are turned into newlines+carriage return fo…

Merge pull request #3893 from brauner/2021-07-01.fixes.3

cmd/lxc-checkconfig: list cgroup namespaces and rename confusing ns_c…

cmd/lxc-checkconfig: list cgroup namespaces and rename confusing ns_cgroup entry

Link: https://discuss.linuxcontainers.org/t/cgroup-namespace-required-in-lxc-checkconfig-and-config-cgroup-ns
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

terminal: ensure newlines are turned into newlines+carriage return for terminal output

Fixes: #3879
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

cgroups: handle funky cgroup layouts

Old versions of Docker emulate a cgroup namespace by bind-mounting the
container's cgroup over the corresponding controller:

/kubepods.slice/kubepods-burstable.slice/kubepods-burstable-pod7d4424e6_bb13_42f4_a47a_45a4828bf54d.slice/docker-d0b3604b67ac7930dd34ba3a796627e3e4717d12309e90a4afe3f38b6816ac98.scope /sys/fs/cgroup/systemd rw,nosuid,nodev,noexec,relatime master:11 - cgroup cgroup rw,xattr,name=systemd
/kubepods.slice/kubepods-burstable.slice/kubepods-burstable-pod7d4424e6_bb13_42f4_a47a_45a4828bf54d.slice/docker-d0b3604b67ac7930dd34ba3a796627e3e4717d12309e90a4afe3f38b6816ac98.scope /sys/fs/cgroup/net_cls,net_prio rw,nosuid,nodev,noexec,relatime master:15 - cgroup cgroup rw,net_cls,net_prio
/kubepods.slice/kubepods-burstable.slice/kubepods-burstable-pod7d4424e6_bb13_42f4_a47a_45a4828bf54d.slice/docker-d0b3604b67ac7930dd34ba3a796627e3e4717d12309e90a4afe3f38b6816ac98.scope /sys/fs/cgroup/cpu,cpuacct rw,nosuid,nodev,noexec,relatime master:16 - cgroup cgroup rw,cpu,cpuacct
/kubepods.slice/kubepods-burstable.slice/kubepods-burstable-pod7d4424e6_bb13_42f4_a47a_45a4828bf54d.slice/docker-d0b3604b67ac7930dd34ba3a796627e3e4717d12309e90a4afe3f38b6816ac98.scope /sys/fs/cgroup/memory rw,nosuid,nodev,noexec,relatime master:17 - cgroup cgroup rw,memory
/kubepods.slice/kubepods-burstable.slice/kubepods-burstable-pod7d4424e6_bb13_42f4_a47a_45a4828bf54d.slice/docker-d0b3604b67ac7930dd34ba3a796627e3e4717d12309e90a4afe3f38b6816ac98.scope /sys/fs/cgroup/devices rw,nosuid,nodev,noexec,relatime master:18 - cgroup cgroup rw,devices
/kubepods.slice/kubepods-burstable.slice/kubepods-burstable-pod7d4424e6_bb13_42f4_a47a_45a4828bf54d.slice/docker-d0b3604b67ac7930dd34ba3a796627e3e4717d12309e90a4afe3f38b6816ac98.scope /sys/fs/cgroup/hugetlb rw,nosuid,nodev,noexec,relatime master:19 - cgroup cgroup rw,hugetlb
/kubepods.slice/kubepods-burstable.slice/kubepods-burstable-pod7d4424e6_bb13_42f4_a47a_45a4828bf54d.slice/docker-d0b3604b67ac7930dd34ba3a796627e3e4717d12309e90a4afe3f38b6816ac98.scope /sys/fs/cgroup/perf_event rw,nosuid,nodev,noexec,relatime master:20 - cgroup cgroup rw,perf_event
/kubepods.slice/kubepods-burstable.slice/kubepods-burstable-pod7d4424e6_bb13_42f4_a47a_45a4828bf54d.slice/docker-d0b3604b67ac7930dd34ba3a796627e3e4717d12309e90a4afe3f38b6816ac98.scope /sys/fs/cgroup/cpuset rw,nosuid,nodev,noexec,relatime master:21 - cgroup cgroup rw,cpuset
/kubepods.slice/kubepods-burstable.slice/kubepods-burstable-pod7d4424e6_bb13_42f4_a47a_45a4828bf54d.slice/docker-d0b3604b67ac7930dd34ba3a796627e3e4717d12309e90a4afe3f38b6816ac98.scope /sys/fs/cgroup/blkio rw,nosuid,nodev,noexec,relatime master:22 - cgroup cgroup rw,blkio
/kubepods.slice/kubepods-burstable.slice/kubepods-burstable-pod7d4424e6_bb13_42f4_a47a_45a4828bf54d.slice/docker-d0b3604b67ac7930dd34ba3a796627e3e4717d12309e90a4afe3f38b6816ac98.scope /sys/fs/cgroup/pids rw,nosuid,nodev,noexec,relatime master:23 - cgroup cgroup rw,pids
/kubepods.slice/kubepods-burstable.slice/kubepods-burstable-pod7d4424e6_bb13_42f4_a47a_45a4828bf54d.slice/docker-d0b3604b67ac7930dd34ba3a796627e3e4717d12309e90a4afe3f38b6816ac98.scope /sys/fs/cgroup/freezer rw,nosuid,nodev,noexec,relatime master:24 - cgroup cgroup rw,freezer

New versions of LXC always stash a file descriptor for the root of the
cgroup mount at /sys/fs/cgroup and then resolve the current cgroup
parsed from /proc/{1,self}/cgroup relative to that file descriptor. This
doesn't work when the caller's cgroup is mouned over the controllers.
Older versions of LXC simply counted such layouts as having no cgroups
available for delegation at all and moved on provided no cgroup limits
were requested. But mainline LXC would fail such layouts. While I would
argue that failing such layouts is the semantically clean approach we
shouldn't regress users so make mainline LXC treat such cgroup layouts
as having no cgroups available for delegation.

Fixes: #3890
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

Merge pull request #3888 from brauner/2021-06-30.fixes

Improve read-only /sys with read-write /sys/devices/virtual/net

tests: add tests for read-only /sys with read-write /sys/devices/virtual/net

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

conf: improve read-only /sys with read-write /sys/devices/virtual/net

Some tools require /sys/devices/virtual/net to be read-write. At the
same time we want all other parts of /sys to be read-only. To do this we
created a layout where we hade a read-only instance of sysfs mounted on
top of a read-write instance of sysfs:

`-/sys                                  sysfs                                                        sysfs      rw,nosuid,nodev,noexec,relatime
  `-/sys                                sysfs                                                        sysfs      ro,nosuid,nodev,noexec,relatime
    |-/sys/devices/virtual/net          sysfs                                                        sysfs      rw,relatime
    | `-/sys/devices/virtual/net        sysfs[/devices/virtual/net]                                  sysfs      rw,nosuid,nodev,noexec,relatime

This causes issues for systemd services that create a separate mount
namespace as they get confused to what mount options need to be
respected.

Simplify our mounting logic so we end up with a single read-only mount
of sysfs on /sys and a read-write bind-mount of /sys/devices/virtual/net:

├─/sys                                sysfs                                                                                  sysfs         ro,nosuid,nodev,noexec,relatime
│ ├─/sys/devices/virtual/net          sysfs[/devices/virtual/net]                                                            sysfs         rw,nosuid,nodev,noexec,relatime

Link: systemd/systemd#20032
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

Merge pull request #3887 from simondeziel/closedir

initutils: close dirfd in error path

initutils: close dirfd in error path

Signed-off-by: Simon Deziel <simon.deziel@canonical.com>

Merge pull request #3885 from tych0/dont-exec-execute

execute: don't exec init, call it

execute: ensure parent is notified about child exec and close all unneeded fds

lxc_container_init() creates the container payload process as it's child
so lxc_container_init() itself never really exits and thus the parent
isn't notified about the child exec'ing since the sync file descriptor
is never closed. Make sure it's closed to notify the parent about the
child's exec.

In addition we're currently leaking all file descriptors associated with
the handler into the stub init. Make sure that all file descriptors
other than stderr are closed.

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

network: log network devices while sending

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

initutils: use vfork() in lxc_container_init()

We can let the child finish calling exec before continuing in the
parent.

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

execute: don't exec init, call it

Instead of having a statically linked init that we put on the host fs
somewhere via packaging, have to either bind mount in or detect fexecve()
functionality, let's just call it as a library function. This way we don't
have to do any of that.

This also fixes up a bunch of conditions from:

if (quiet)
    fprintf(stderr, "log message");

to

if (!quiet)
    fprintf(stderr, "log message");

:)

and it drops all the code for fexecve() detection and bind mounting our
init in, since we no longer need any of that.

A couple other thoughts:

* I left the lxc-init binary in since we ship it, so someone could be using
  it outside of the internal uses.
* There are lots of unused arguments to lxc-init (including presumably
  --quiet, since nobody noticed the above); those may be part of the API
  though and so we don't want to drop them.

Signed-off-by: Tycho Andersen <tycho@tycho.pizza>

Merge pull request #3877 from tomasz-blaszczak-red/fix-crash-after-remove-from-array

remove_from_array() causes a crash

When an item is added to an array, then the array is realloc()ed (to size+1),
and the item is copied (strdup()) to the array.
Thus, when an item is removed from an array, memory allocated for that item
should be freed, successive items should be left-shifted and the array
realloc()ed again (size-1).

Additional changes:
- If strdup() fails in add_to_array(), then an array should be
  realloc()ed again to original size.
- Initialize an array in list_all_containers().

Signed-off-by: Tomasz Blaszczak <tomasz.blaszczak@consult.red>

Merge pull request #3884 from brauner/2021-06-28.fixes

cgroups: verify that hierarchies are non-empty

cgroups: verify that hierarchies are non-empty

Fixes: #3881
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

Merge pull request #3882 from stgraber/master

lxc-download: Switch GPG server

lxc-download: Switch GPG server

Signed-off-by: Stéphane Graber <stgraber@ubuntu.com>

Resize array in remove_from_array() and fix a crash

When an item is added to an array, then the array is realloc()ed (to size+1),
and the item is copied (strdup()) to the array.
Thus, when an item is removed from an array, allocated memory pointed by
the item (not the item itself) should be freed, successive items should
be left-shifted and the array realloc()ed again (size-1).

Additional changes:
- Initialize an array in list_all_containers().

Signed-off-by: Tomasz Blaszczak <tomasz.blaszczak@consult.red>

When an item is added to an array, then the array is realloc()ed (to size+1),
and the item is copied (strdup()) to the array.
Thus, when an item is removed from an array, memory allocated for that item
should be freed, successive items should be left-shifted and the array
realloc()ed again (size-1).

Additional changes:
- If strdup() fails in add_to_array(), then an array should be
  realloc()ed again to original size.
- Initialize an array in list_all_containers().

Signed-off-by: Tomasz Blaszczak <tomasz.blaszczak@consult.red>

Merge pull request #3870 from brauner/2021-06-16.fixes

cgroups: use stable ordering for co-mounted v1 controllers

cgroups: use stable ordering for co-mounted v1 controllers

Fixes: #3703
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

Merge pull request #3867 from brauner/2021-06-14.fixes

remove problematic terminology

tree-wide: replace problematic terminology

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

tree-wide: replace problematic terminology

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

tree-wide: replace problematic terminology

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

tree-wide: remove problematic terminology

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

seccomp: replace problematic terminology

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

common.conf: replace problematic terminology

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

Merge pull request #3865 from brauner/2021-06-14.listen_fds

Add support for LISTEN_FDS environment variable.

Add support for LISTEN_FDS environment variable.

The LISTEN_FDS environment variable defines the number of
file descriptors that should be inherited by the container,
in addition to stdio.
The LISTEN_FDS environment variable is defined in the OCI spec
and used to support socket activation.

Refs #3845

Signed-off-by: Ruben Jenster <r.jenster@drachenfels.de>
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

Merge pull request #3864 from lifeng68/master

string utils: Make sure don't return uninitialized memory.

string utils: Make sure don't return uninitialized memory.

The function lxc_string_split_quoted and lxc_string_split_and_trim use
realloc to reduce the memory. But the result may be NULL, the the
returned memory will be uninitialized

Signed-off-by: LiFeng <lifeng68@huawei.com>

Merge pull request #3861 from brauner/2021-06-08.fixes.2

api_extensions: introduce idmapped_mounts_v2 api extension

api_extensions: introduce idmapped_mounts_v2 api extension

This indicates that LXC supports idmapping the rootfs and
idmapped lxc.mount.entry entries.

Link: https://github.com/lxc/lxd/issues/8870
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

Merge pull request #3860 from brauner/2021-06-08.fixes

tools/lxc_autostart: fix failed count

tools/lxc_autostart: fix failed count

Don't include skipped containers in the failed count.

Fixes: #3857
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

Merge pull request #3856 from brauner/2021-06-07.fixes

lsm/apparmor: actually report an error when we fail to wire AppArmor …

lsm/apparmor: actually report an error when we fail to wire AppArmor profile

Link: https://bugs.launchpad.net/ubuntu-kernel-tests/+bug/1931064
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

Merge pull request #3854 from brauner/2021-06-03.fixes

lxc: add lpthread to lxc.pc

lxc: add lpthread to lxc.pc

Fixes: #3853
Suggested-by: Tycho Andersen <tycho@tycho.pizza>
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

Merge pull request #3852 from pablofsf/lxc-net-nftables

Update lxc-net to support nftables

Update lxc-net to support nftables

Closes #3093
Closes #3602

Add support for nftables firewall rules if `nft` command line
interface is available in the system

Signed-off-by: Pablo Correa Gómez <ablocorrea@hotmail.com>

Merge pull request #3851 from brauner/2021-05-25.fixes

fixes

network: please broken compilers

Some users report that compilation fails because of reports that this
variable can be used uninitialized. Initialize it to silence the
compiler.

Fixes: https://github.com/lxc/lxc/issues/3850
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

Merge pull request #3849 from stgraber/master

README: Update IRC

README: Update IRC

Signed-off-by: Stéphane Graber <stgraber@ubuntu.com>

Merge pull request #3848 from brauner/2021-05-21.fixes

start: rework fd synchronization

start: simplify startup synchronization

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

start: reorder START_SYNC_POST_CONFIGURE

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

start: use barrier instead of wake/wait pair

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

conf: use explicit signage in bit field

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

conf: move file descriptor synchronization with parent into single function

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

conf: move file descriptor synchronization with child into single function

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

cgroups: rework check whether legacy hierarchy is writable

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

Merge pull request #3846 from brauner/2021-05-19.fixes

conf: fix mount option parsing

conf: fix mount option parsing

Fixes: Coverity 1484906
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

Merge pull request #3843 from brauner/2021-05-17.idmapped.lxc.mount.entry

conf: support idmapped lxc.mount.entry entries

confile: free mount data

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

conf: add sequence when setting up idmapped mounts

Make sure we catch any weird behavior.

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

conf: support idmapped lxc.mount.entry entries

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

Merge pull request #3844 from CecilHarvey/master

Skip rootfs pinning for read-only file system.

Skip rootfs pinning for read-only file system.

Signed-off-by: Wei Mingzhi <weimingzhi@baidu.com>

conf: rename struct mount_opt flag member s/flag/legacy_flag/

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

tree-wide: s/parse_mntopts/parse_mntopts_legacy/

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

Merge pull request #3842 from brauner/2021-05-14.fixes

start: move idmapped mount setup later

start: move idmapped mount setup later

At the prior location we we're placed between sending and receiving
networking information over the data socket causing the startup to fail.

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

Merge pull request #3840 from brauner/2021-05-12.fixes.rootfs

conf: fix containers without rootfs

conf: tweak rootfs handling

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

conf: don't unmount procfs and sysfs

Fixes: #3838
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

conf: allow xdev when setting up /dev

Fixes: #3838
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

Merge pull request #3837 from brauner/2021-05-10.fixes.cgroup

cgroups: clean up cgroup_ops on initialization error

cgroups: clean up cgroup_ops on initialization error

Fixes: #3836
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

Merge pull request #3826 from brauner/2021-05-04.fuzz.cgroup

oss-fuzz: add basic cgroup_init()/cgroup_exit() fuzzing

Merge pull request #3834 from brauner/2021-05-10.fixes

tests: fix lxc-test-arch-parse for make dist

tests: fix lxc-test-arch-parse for make dist

Fixes: https://jenkins.linuxcontainers.org/job/lxc-build-tarballs/2762/console
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

Merge pull request #3833 from brauner/2021-05-09.fixes

confile: re-add aarch64 architecture

tests: add tests for supported architectures

Ensure that we detect all supported architectures and don't regress
recognizing them.

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

confile: re-add aarch64 architecture

Apparenty we dropped this when we cleaned up architecture handling.

Fixes: #3832
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

Merge pull request #3831 from sjuxax/zfs-fix

Skip rootfs pinning for ZFS roots.

Reflow ZFS check to follow the style of the overlayfs return.

Per https://github.com/lxc/lxc/pull/3831#discussion_r628865713

Signed-off-by: Jeff Cook <jeff@jeffcook.io>