11513 Commits

Author SHA1 Message Date
Christian Brauner
2662959b8b
cgroups: use userns_exec_full() during cgroup removal
When removing cgroups we can't always use the minimal idmap if the user has
specified a specific map for the container instead of just a simple one.
Execute cgroup removal under the full map.

Fixes: https://github.com/lxc/lxd/issues/11108
Signed-off-by: Christian Brauner (Microsoft) <christian.brauner@ubuntu.com>
2022-12-16 11:36:21 -05:00
Christian Brauner
4dcc84c6b9
README: remove lgtm
It's more or less dead. If we care about a service like this we should use
something else.

Signed-off-by: Christian Brauner (Microsoft) <christian.brauner@ubuntu.com>
2022-12-16 11:36:18 -05:00
Mathias Gibbens
748720cebc
tests: lxc-test-reboot: Fix build on ia64
Add the prototype for __clone2(...) that is used on ia64, and adjust the
code to use it via macro tests.

Verified that the code compiles properly on Debian's ia64 porterbox
(yttrium), but was unable to actually run as lxc-test-reboot requires
root privileges.

Signed-off-by: Mathias Gibbens <gibmat@debian.org>
2022-12-16 11:36:15 -05:00
HisShadow
5749e2e209
Unroll IN_SET since the max usage is 2 elements check
Signed-off-by: HisShadow <shadowpilot34@gmail.com>
2022-12-16 11:35:58 -05:00
Po-Hsu Lin
495b1bbf45
tests: lxc-test-checkpoint-restore: use trap to do cleanup
This test will fail on Jammy 5.15, and because of the "set -e" it
will never go through the lxc-stop and lxc-destroy code in the end
of this script. Thus the lxc-test-criu container will not be removed.

Compose a cleanup() and use TRAP to solve this problem.

Signed-off-by: Po-Hsu Lin <po-hsu.lin@canonical.com>
2022-12-16 11:35:55 -05:00
Po-Hsu Lin
77e08b8878
tools: lxc-destroy: update help message for --force
Looks like the --force is a flag to stop a running container before
destroying it.

Update the help message accordingly.

Signed-off-by: Po-Hsu Lin <po-hsu.lin@canonical.com>
2022-12-16 11:35:53 -05:00
Thomas Parrott
9165ff1edf
lxc/attach: Detect EACCES from execvp and convert to 126 exit status
Before:

  sudo lxc-attach -n test /etc/passwd ; echo $?
  lxc-attach: test: ../src/lxc/attach.c: lxc_attach_run_command: 1841 Permission denied - Failed to exec "/etc/passwd"
  255

After:

  sudo lxc-attach -n test /etc/passwd ; echo $?
  lxc-attach: test: ../src/lxc/attach.c: lxc_attach_run_command: 1841 Permission denied - Failed to exec "/etc/passwd"
  126

Which better aligns with bash:

  /etc/passwd; echo $?
  bash: /etc/passwd: Permission denied
  126

Signed-off-by: Thomas Parrott <thomas.parrott@canonical.com>
2022-12-16 11:35:07 -05:00
Mohammed Ajmal Siddiqui
011faff362
lxc-attach: Fix lost return codes of spawned processes that are killed
lxc-attach swallows the return codes of processes that are terminated
via a signal, and by default exits with a return code of 0 (i.e.
indicating success) even if the command it tried to execute was
terminated.

This patch fixes it by explicitly checking if the process was terminated
via a signal, and returning an appropriate exit code.

Note that we add 128 to the signal value to generate the exit code
because by convention the exit code is 128 + signal number. e.g. if a
process is killed via signal 9, then the error code is 9 + 128 = 137.

Signed-off-by: Mohammed Ajmal Siddiqui <ajmalsiddiqui21@gmail.com>
2022-12-16 11:35:05 -05:00
DarkGuySM
9316939459
Update README.md
Corrected grammar in readme.

Signed-off-by: DarkGuySM <78262720+DarkGuySM@users.noreply.github.com>
2022-12-16 11:34:59 -05:00
Christian Brauner
a6287882ec
conf: allow cross-device links
Fixes: https://github.com/lxc/lxd/issues/10914
Signed-off-by: Christian Brauner (Microsoft) <christian.brauner@ubuntu.com>
2022-12-16 11:34:57 -05:00
dependabot[bot]
8fa6d765a0
build(deps): bump actions/checkout from 2 to 3
Bumps [actions/checkout](https://github.com/actions/checkout) from 2 to 3.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](https://github.com/actions/checkout/compare/v2...v3)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-12-16 11:34:54 -05:00
Alex
e08c1b740d
Update cifuzz.yml
Signed-off-by: sashashura <93376818+sashashura@users.noreply.github.com>

Signed-off-by: Alex <93376818+sashashura@users.noreply.github.com>
2022-12-16 11:34:51 -05:00
Neil.wrz
0e9e64db86
fix error message when using tools with -? option
Signed-off-by: Neil.wrz <wangrunze13@huawei.com>
2022-12-16 11:34:49 -05:00
Chen Qi
f1a61a5f05
use sd_bus_call_method_async to replace the asyncv one
The sd_bus_call_method_asyncv's 10th parameter is of type
va_list and supplying NULL when invoking it causes compilation
error. Just replace it with the async one.

Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
2022-12-16 11:34:37 -05:00
Christian Brauner
ca863bd722
tree-wide: split open helpers into open_utils.h
Signed-off-by: Christian Brauner (Microsoft) <christian.brauner@ubuntu.com>
2022-12-16 11:33:01 -05:00
Christian Brauner
02900160c8
build: prevent the inclusion of linux/mount.h with a hack
Signed-off-by: Christian Brauner (Microsoft) <christian.brauner@ubuntu.com>
2022-12-16 11:32:59 -05:00
Christian Brauner
51b8763b03
mount_utils: remove conf.h include
Signed-off-by: Christian Brauner (Microsoft) <christian.brauner@ubuntu.com>
2022-12-16 11:32:58 -05:00
Christian Brauner
460243f406
mount: move mount utilities from syscall_wrappers.h into mount_utils.h
Signed-off-by: Christian Brauner (Microsoft) <christian.brauner@ubuntu.com>
2022-12-16 11:32:56 -05:00
Christian Brauner
d5d7e2036b
tree-wide: minimize liburing.h inclusion
because it brings in linux/fs.h and defines struct open_how.

Signed-off-by: Christian Brauner (Microsoft) <christian.brauner@ubuntu.com>
2022-12-16 11:32:53 -05:00
Cameron Nemo
e2b8776bbb
meson: fix docbook2x detection
docbook2man can sometimes be docbook2x and other times be docbook-utils.
Rather than compare paths, use version constraints to detect version.

Signed-off-by: Cameron Nemo <cam@nohom.org>
2022-12-16 11:32:51 -05:00
Christian Brauner
d1dfce9c59
tree-wide: use struct open_how directly
Signed-off-by: Christian Brauner (Microsoft) <christian.brauner@ubuntu.com>
2022-12-16 11:32:49 -05:00
Christian Brauner
c9bca33263
tree-wide: use struct clone_args directly
Signed-off-by: Christian Brauner (Microsoft) <christian.brauner@ubuntu.com>
2022-12-16 11:32:48 -05:00
Christian Brauner
497479ea3b
tree-wide: wipe direct or indirect linux/mount.h inclusion
It is incompatible with sys/mount.h and causes massive headaches.

Signed-off-by: Christian Brauner (Microsoft) <christian.brauner@ubuntu.com>
2022-12-16 11:32:46 -05:00
Christian Brauner
02f4bd00f5
build: check for FS_CONFIG_* header symbol in sys/mount.h
Fixes: #4176
Signed-off-by: Christian Brauner (Microsoft) <christian.brauner@ubuntu.com>
2022-12-16 11:32:44 -05:00
Stéphane Graber
c222fb5676
gitignore: Simplify
The move to meson has made it so that all rendered/built files are now
nicely self-contained. This lets us greatly simplify our gitignore,
effectively just ignoring release tarballs and the few usual temporary
files we may deal with during development.

Signed-off-by: Stéphane Graber <stgraber@ubuntu.com>
2022-12-16 11:32:41 -05:00
Christian Brauner
074b9fe663
Merge pull request #4227 from rchincha/stable-5.0
meson.build: strip newline for variable assignments
2022-11-24 00:26:06 +01:00
Ramkumar Chinchani
22e8a7941f
meson.build: strip newline for variable assignments
Unfortunately, builds using alpine:edge still break!
Apparently, run_command(...).stdout() must be strip()'ed for variable
assignments

Addendum to d5600cf76a
Fixes issue #4223

Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
2022-11-23 19:54:53 +00:00
Christian Brauner
819c54eee3
Merge pull request #4224 from rchincha/stable-5.0
meson.build: strip newlines from git output
2022-11-23 09:14:14 +01:00
Ramkumar Chinchani
d5600cf76a
meson.build: strip newlines from git output
Fixes issue #4223

Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
2022-11-22 18:08:11 +00:00
Christian Brauner
54fd7cf9c9
Merge pull request #4225 from smoser/stable-5.0/cherry-pick-static-lib
src/lxc/meson.build: fix the static library path
2022-11-22 15:23:14 +01:00
Serge Hallyn
7d6b534386
src/lxc/meson.build: fix the static library path
Since switching to meson, liblxc.a is being shipped as liblxc_static.a.
Change it back to liblxc.a.

Signed-off-by: Serge Hallyn <serge@hallyn.com>
(cherry picked from commit 64eb31d02d)
2022-11-22 09:01:54 -05:00
Christian Brauner
116c24ade6
Merge pull request #4215 from cyphar/lxc5.x-opensuse-build
[lxc-5.0.z] build: fix build issues on openSUSE
2022-11-22 08:10:46 +01:00
Aleksa Sarai
1d5c7e771c
build: drop build-time systemd dependency
On openSUSE, our packages are built in the Open Build Service which does
not have a proper systemd installation that you can query to get the
systemdunitdir.

The simplest solution is to re-add the ability to explicitly set the
systemdunitdir (as was previously possible with the autotools build
system in pre-5.0 LXC).

Signed-off-by: Aleksa Sarai <cyphar@cyphar.com>
2022-10-28 14:34:28 +11:00
Aleksa Sarai
59f69162ca
build: only build init.lxc.static if libcap is statically linkable
Without setting this, the default build will fail if you don't have the
static libcap library installed (on openSUSE this is packaged separately
to libcap-devel).

Signed-off-by: Aleksa Sarai <cyphar@cyphar.com>
2022-10-28 14:34:28 +11:00
Aleksa Sarai
062c2d9803
build: fix handling of dependencies to fix build on openSUSE
Among other things, openSUSE places seccomp.h inside a non-default
include directory (/usr/include/seccomp/seccomp.h) which revealed
several issues with how dependencies were being handled previously.

The most notable issue is that the include cflags of our build
dependencies were not being provided to the recipes for static
executables (yet they still expected access to the dependency headers).

This also involved a minor cleanup of how these dependencies are
collected, and added liburing to the set of private pkg-config libs
(which I assume was an oversight?).

Signed-off-by: Aleksa Sarai <cyphar@cyphar.com>
2022-10-28 14:34:27 +11:00
Aleksa Sarai
2a9743bba6
cgroups: fix -Waddress warning
While in principle the pointer could overflow, GCC 12 considers this to
not be possible and issues the following warning:

  ../src/lxc/cgroups/cgfsng.c: In function ‘__cgfsng_delegate_controllers’:
  ../src/lxc/cgroups/cgfsng.c:3306:21: warning: the comparison will always evaluate as ‘true’ for the pointer operand in ‘it + 8’ must not be NULL [-Waddress]
   3306 |                 if ((it + 1) && *(it + 1))
        |                     ^

This removes the only build warning triggered when building on openSUSE.

Signed-off-by: Aleksa Sarai <cyphar@cyphar.com>
2022-10-28 14:33:20 +11:00
Christian Brauner
e510d6bd87
build: detect sys/pidfd.h availability
Fixes: #4176
Signed-off-by: Christian Brauner (Microsoft) <christian.brauner@ubuntu.com>
2022-10-28 14:33:20 +11:00
Christian Brauner
b7b269680f
build: detect where struct mount_attr is declared
Fixes: #4176
Signed-off-by: Christian Brauner (Microsoft) <christian.brauner@ubuntu.com>
2022-10-28 14:33:19 +11:00
Đoàn Trần Công Danh
5313e50484
meson.build: allow explicit distrosysconfdir
Allows either:

- Build inside minimal-and-clean chroot with neither
  /etc/sysconfig nor /etc/default available.
- Cross Compile lxc from foreign distro,
  let's say host distro uses /etc/sysconfig and build distro
  uses /etc/default and vice versa.

Signed-off-by: Đoàn Trần Công Danh <congdanhqx@gmail.com>
2022-10-28 14:33:19 +11:00
Stéphane Graber
0539095ac7
Release LXC 5.0.1
Signed-off-by: Stéphane Graber <stgraber@ubuntu.com>
2022-07-28 00:20:41 -04:00
Christian Brauner
a1329fefec
README: update security mails
Reported-by: Serge Hallyn <serge@hallyn.com>
Signed-off-by: Christian Brauner (Microsoft) <christian.brauner@ubuntu.com>
2022-07-25 18:12:47 -04:00
Fabrice Fontaine
315d4cec61
meson.build: fix build without stack-protector
Move -fstack-protector-strong from possible_cc_flags to
possible_link_flags to avoid a build failure on toolchains without ssp

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
2022-07-25 18:12:45 -04:00
Fabrice Fontaine
aba631cd43
meson.build: fix build with -Dcapabilities=false
Define libcap_static to an empty array to avoid the following build
failure with -Dcapabilities=false:

output/build/lxc-5.0.0/src/lxc/cmd/meson.build:64:4: ERROR: Unknown variable "libcap_static".

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
2022-07-25 18:12:43 -04:00
Fabrice Fontaine
c2ee9b440c
src/lxc/log.h: fix STRERROR_R_CHAR_P
STRERROR_R_CHAR_P is always defined to 0 or 1 depending on the value of
have_func_strerror_r_char_p in meson.build so replace #ifdef by #if to
avoid a redefinition build failure if char *strerror_r is not defined

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
2022-07-25 18:12:41 -04:00
Wolfgang Bumiller
d441ee5851
meson: add remaining still-in-use config checks
These are all still in use in the code but have not been
added to meson.build when switching over from autoconf.

Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
2022-07-25 18:12:39 -04:00
srd424
00a79876b8
Store mount options in correct variable
This was exposed by the fix in the previous commit.

Signed-off-by: srd424 <srd424@users.noreply.github.com>
2022-07-25 18:12:36 -04:00
srd424
da0f356467
Fix off-by-one error constructing mount options
This fixes a really subtle off-by-one error constructing overlay mount options if rootfs options are provided and modern overlayfs (i.e. requiring a workdir) is used. We need to allow for the extra "," required to separate the extra options when computing the length!

Signed-off-by: srd424 <srd424@users.noreply.github.com>
2022-07-25 18:12:34 -04:00
Wolfgang Bumiller
31bff905ae
add check for statvfs
we use HAVE_STATVFS in the code but with meson the check got
lost causing mount_entry to fail to remount some things such
as a bind mount of /dev/fuse via

    lxc.mount.entry = /dev/fuse dev/fuse none bind,create=file 0 0

which would cause the following log messages:

    DEBUG    conf - ../src/lxc/conf.c:mount_entry:2416 - Remounting "/dev/fuse" on "/usr/lib/x86_64-linux-gnu/lxc/rootfs/dev/fuse" to respect bind or remount options
    ERROR    conf - ../src/lxc/conf.c:mount_entry:2459 - Operation not permitted - Failed to mount "/dev/fuse" on "/usr/lib/x86_64-linux-gnu/lxc/rootfs/dev/fuse"

note that the `Flags for ... were ...` line is not showing
up there, which depends on HAVE_STATVFS

Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
2022-07-25 18:12:32 -04:00
Christian Brauner
242289b6bb
start: fix namespace sharing
Fixes: #4134
Signed-off-by: Christian Brauner (Microsoft) <christian.brauner@ubuntu.com>
2022-07-25 18:12:30 -04:00
Christian Brauner
41f6023614
conf: fix append_ttyname()
We appended container_tty= and then used setenv(container_tty, ...)
resulting in container_tty=container_tty=.

Signed-off-by: Christian Brauner (Microsoft) <christian.brauner@ubuntu.com>
2022-07-25 18:12:29 -04:00