Commit Graph

7917 Commits

Author SHA1 Message Date
Christian Brauner
534aaf45d2
compiler: __attribute__((noreturn)) on bionic
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
2018-09-23 20:16:12 +02:00
Stéphane Graber
e006ecbc9d
Merge pull request #2637 from brauner/2018-09-22/bugfixes
macro: add STRLITERALLEN() and STRARRAYLEN()
2018-09-23 19:31:05 +02:00
Stéphane Graber
854d13e22e
Merge pull request #2641 from brauner/2018-09-23/cgroup_scoping_fixes
cgfsng: copy parent's cpu settings for monitor too
2018-09-23 19:30:21 +02:00
Christian Brauner
f83903274e
cgfsng: copy parent's cpu settings for monitor too
Closes https://github.com/lxc/lxd/issues/5060.

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
2018-09-23 16:26:31 +02:00
Christian Brauner
6333c91505
tree-wide: replace sizeof() with SIZEOF2STRLEN()
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
2018-09-23 12:56:13 +02:00
Christian Brauner
36dee4a2b6
macro: add STRLITERALLEN() and STRARRAYLEN()
sizeof() implementation for string literals and string arrays that makes
it behave like strlen() for strings.

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
2018-09-23 12:56:13 +02:00
Christian Brauner
b857f4be4f
cgfsng: s/__cgfsng_ops__/__cgfsng_ops/g
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
2018-09-23 12:37:43 +02:00
Christian Brauner
181a780fb6
compiler: s/__noreturn__/__noreturn/g
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
2018-09-23 12:37:42 +02:00
Christian Brauner
cab25bd54d
compiler: s/__fallthrough__/__fallthrough/g
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
2018-09-23 12:37:41 +02:00
Stéphane Graber
3c97aeb8f0
Merge pull request #2636 from brauner/2018-09-21/fix_implicit_fallthrough
autotools: fix check for -Wimplicit-fallthrough
2018-09-23 01:04:51 +02:00
Christian Brauner
62f2b7448d
Merge pull request #2627 from 2xsec/bugfix
conf: realpath() uses null as second parameter to prevent buffer overflow
2018-09-22 11:36:16 +02:00
Christian Brauner
23b44c365e
autotools: fix wrong AX_CHECK_COMPILE_FLAG test
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
2018-09-21 23:45:33 +02:00
Serge Hallyn
ea0f0c849a
Merge pull request #2606 from brauner/2018-09-09/cgroup_escape
cgroups: scoping for cgroup v2
2018-09-21 09:54:25 -05:00
Christian Brauner
d28779d94c
cgfsng: add missing __cgfsng_ops__ attributes
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
2018-09-21 16:52:25 +02:00
Christian Brauner
2d172fc734
tests: adapt cgroup tests to new layout
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
2018-09-21 16:52:25 +02:00
Christian Brauner
eeef32bbda
cgfsng: cgfsng_monitor_enter()
brauner@wittgenstein|~
> sudo systemctl status lxc@c1
● lxc@c1.service - LXC Container: c1
   Loaded: loaded (/lib/systemd/system/lxc@.service; disabled; vendor preset: enabled)
   Active: active (running) since Tue 2018-09-11 10:42:22 CEST; 38s ago
     Docs: man:lxc-start
           man:lxc
  Process: 29855 ExecStart=/usr/bin/lxc-start -n c1 -p /run/lxc/c1.pid (code=exited, status=0/SUCCESS)
    Tasks: 18 (limit: 4915)
   Memory: 32.1M
   CGroup: /system.slice/system-lxc.slice/lxc@c1.service
           ├─lxc.monitor
           │ └─c1
           │   └─29870 [lxc monitor] /var/lib/lxc c1
           └─lxc.payload
             └─c1
               ├─init.scope
               │ └─29878 /sbin/init
               └─system.slice
                 ├─console-getty.service
                 │ └─30028 /sbin/agetty -o -p -- \u --noclear --keep-baud console 115200,38400,9600 linux
                 ├─cron.service
                 │ └─30019 /usr/sbin/cron -f
                 ├─dbus.service
                 │ └─30020 /usr/bin/dbus-daemon --system --address=systemd: --nofork --nopidfile --systemd-activation --syslog-only
                 ├─networkd-dispatcher.service
                 │ └─30016 /usr/bin/python3 /usr/bin/networkd-dispatcher --run-startup-triggers
                 ├─rsyslog.service
                 │ └─30017 /usr/sbin/rsyslogd -n
                 ├─system-container\x2dgetty.slice
                 │ ├─container-getty@0.service
                 │ │ └─30027 /sbin/agetty -o -p -- \u --noclear --keep-baud pts/0 115200,38400,9600 vt220
                 │ ├─container-getty@1.service
                 │ │ └─30030 /sbin/agetty -o -p -- \u --noclear --keep-baud pts/1 115200,38400,9600 vt220
                 │ ├─container-getty@2.service
                 │ │ └─30026 /sbin/agetty -o -p -- \u --noclear --keep-baud pts/2 115200,38400,9600 vt220
                 │ └─container-getty@3.service
                 │   └─30029 /sbin/agetty -o -p -- \u --noclear --keep-baud pts/3 115200,38400,9600 vt220
                 ├─systemd-journald.service
                 │ └─29976 /lib/systemd/systemd-journald
                 ├─systemd-logind.service
                 │ └─30018 /lib/systemd/systemd-logind
                 ├─systemd-networkd.service
                 │ └─29996 /lib/systemd/systemd-networkd
                 ├─systemd-resolved.service
                 │ └─30014 /lib/systemd/systemd-resolved
                 └─systemd-udevd.service
                   └─29986 /lib/systemd/systemd-udevd

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
2018-09-21 16:52:25 +02:00
Christian Brauner
634ab5ed7d
cgroups: add monitor_enter()
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
2018-09-21 16:52:25 +02:00
Christian Brauner
72068e7470
cgfsng: add cgfsng_monitor_create()
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
2018-09-21 16:52:25 +02:00
Christian Brauner
6439f06e78
cgroups: add monitor_create()
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
2018-09-21 16:52:25 +02:00
Christian Brauner
e09b62f943
cgroups: add monitor_full_path member
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
2018-09-21 16:47:04 +02:00
Christian Brauner
d39e9d8b04
cgroups: add monitor_cgroup member
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
2018-09-21 16:47:04 +02:00
Christian Brauner
bb221ad14f
cgroups: s/base_cgroup/container_base_path/g
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
2018-09-21 16:47:04 +02:00
Christian Brauner
c72d45f71f
cgroups: add missing string.h include
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
2018-09-21 16:47:04 +02:00
Christian Brauner
eb6971363b
cgroups: s/fullcgpath/container_full_path/g
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
2018-09-21 16:47:03 +02:00
Christian Brauner
292b3910d5
cgroups: switch to lxc.payload as default pattern
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
2018-09-21 16:47:03 +02:00
Christian Brauner
e8b181f525
cgroup: rename container specific cgroup functions
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
2018-09-21 16:47:01 +02:00
Stéphane Graber
e52f28afad
Merge pull request #2635 from brauner/2018-09-21/Wimplicit-fallthrough
autotools: add -Wimplicit-fallthrough
2018-09-21 15:54:32 +02:00
Stéphane Graber
7c887243d3
Merge pull request #2630 from brauner/2018-09-20/remove_locking
api_extensions: introduce lxc_has_api_extension()
2018-09-21 15:50:35 +02:00
Christian Brauner
cf0fd972be
autotools: add -Wimplicit-fallthrough
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
2018-09-21 15:24:14 +02:00
Christian Brauner
aafa5f96f6
api_extensions: introduce lxc_has_api_extension()
This is modeled after LXD's API extension checks. This allows API users
to query the given LXC instance whether a given API extension is
supported.

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
2018-09-21 15:17:15 +02:00
Stéphane Graber
ef92a78a1f
Merge pull request #2633 from brauner/2018-09-21/cgfsng_ops_attribute
cgfsng: mark ops with __cgfsng_ops__ attribute
2018-09-21 15:13:16 +02:00
Stéphane Graber
053f8fb685
Merge pull request #2634 from brauner/2018-09-21/cgroup_relative
confile: s/lxc.cgroup.keep/lxc.cgroup.relative/g
2018-09-21 15:13:03 +02:00
Stéphane Graber
0854924119
Merge pull request #2607 from brauner/2018-09-11/sysfs_mixed
conf: remove extra MS_BIND with sysfs:mixed
2018-09-21 13:46:00 +02:00
Christian Brauner
fb55e00900
cgfsng: mark ops with __cgfsng_ops__ attribute
Helps to easily tell the cgfsng ops functions from helpers.

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
2018-09-21 13:45:46 +02:00
Christian Brauner
9caee129cd
confile: s/lxc.cgroup.keep/lxc.cgroup.relative/g
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
2018-09-21 13:44:53 +02:00
Stéphane Graber
e430137c18
Merge pull request #2608 from brauner/2018-09-11/netns_get_nsid
network: add lxc_netns_get_nsid()
2018-09-21 13:44:34 +02:00
Stéphane Graber
2339fce523
Merge pull request #2631 from brauner/2018-09-20/rename_backgrounded
start: s/backgrounded/daemonize/g
2018-09-21 13:36:57 +02:00
Christian Brauner
bb955810ef
start: s/backgrounded/daemonize/g
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
2018-09-21 12:52:32 +02:00
2xsec
74e7b66219
conf: realpath() uses null as second parameter to prevent buffer overflow
Signed-off-by: 2xsec <dh48.jeong@samsung.com>
2018-09-21 11:09:54 +09:00
Cameron Nemo
b19c5d1237 apparmor: account for specified rootfs path (closes #2617)
Signed-off-by: Cameron Nemo <camerontnorman@gmail.com>
2018-09-20 15:56:05 -07:00
Stéphane Graber
2eea260752
Merge pull request #2626 from brauner/2018-09-20/remove_locking
lxccontainer: remove cgroup locking
2018-09-21 00:11:43 +02:00
Christian Brauner
152508ba09
lxccontainer: remove locks from get_cgroup_item()
The on-disk config file is not altered and the in-memory config isn't
altered so no need for locking.

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
2018-09-20 22:42:55 +02:00
Christian Brauner
03095169ca
lxccontainer: remove locks from set_cgroup_item()
The on-disk config file is not altered and the in-memory config isn't
altered so no need for locking.

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
2018-09-20 22:41:45 +02:00
Christian Brauner
7fc5ee66fe
Merge pull request #2624 from 2xsec/bugfix
af_unix: add function to remove duplicated codes for set sockaddr
2018-09-20 21:55:08 +02:00
2xsec
c62fb5e023
af_unix: add function to remove duplicated codes for set sockaddr
Signed-off-by: 2xsec <dh48.jeong@samsung.com>
2018-09-19 20:38:16 +09:00
Stéphane Graber
95bdc9e7e5
Merge pull request #2622 from brauner/2018-09-19/attach_exit_status
attach: report standard shell exit codes
2018-09-19 11:49:02 +02:00
Christian Brauner
06346bb04a
attach: report standard shell exit codes
POSIX mandates that on ENOEXEC 126 and on ENOENT 127 is supposed to be
reported.

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
2018-09-19 11:26:37 +02:00
Christian Brauner
28360e951c
Merge pull request #2621 from 2xsec/bugfix
security: fix too wide or inconsistent non-owner permissions
2018-09-19 09:11:36 +02:00
2xsec
e581b9b5f2
security: fix too wide or inconsistent non-owner permissions
Signed-off-by: 2xsec <dh48.jeong@samsung.com>
2018-09-19 14:30:12 +09:00
Christian Brauner
ee3d71040d
Merge pull request #2619 from smibarber/attach-shutdown
attach: don't shutdown ipc socket in child
2018-09-18 18:24:46 +03:00