Commit Graph

11115 Commits

Author SHA1 Message Date
Christian Brauner
8cf6a64675
mount_utils: make some mount helpers static inline
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
2021-08-03 12:51:24 +02:00
Christian Brauner
0f43436cbe
conf: let parse_vfs_attr() handle legacy mount flags as well
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
2021-08-03 12:19:49 +02:00
Christian Brauner
777827cb3a
conf: log failure to create tty mountpoint
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
2021-08-03 09:22:46 +02:00
Stéphane Graber
fa89ed65fa
Merge pull request #3920 from brauner/2021-08-02.fixes
mount_utils: introduce mount_at()
2021-08-02 14:33:37 -04:00
Christian Brauner
b35f8f7ef5
conf: refactor lxc_recv_ttys_from_child()
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
2021-08-02 19:21:08 +02:00
Christian Brauner
caaa223bc0
conf: fix logging in lxc_idmapped_mounts_child()
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
2021-08-02 18:47:44 +02:00
Christian Brauner
8b0ccdaaf3
mount_utils: introduce mount_at()
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
2021-08-02 15:30:03 +02:00
Stéphane Graber
1b8f92fe74
Merge pull request #3919 from brauner/2021-07-31.devpts
terminal: handle kernel without TIOCGPTPEER
2021-07-31 10:54:25 -04:00
Christian Brauner
64ac925fb1
terminal: fail on unknown error during TIOCGPTPEER
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
2021-07-31 10:19:57 +02:00
Christian Brauner
23cc33cd90
terminal: move native terminal allocation from error logging to info
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
2021-07-31 10:17:36 +02:00
Christian Brauner
18129d9471
conf: handle kernels without TIOCGPTPEER
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
2021-07-31 10:14:39 +02:00
Stéphane Graber
81f0bf03ab
Merge pull request #3918 from brauner/2021-07-30.devpts
conf: rework console setup
2021-07-30 10:42:39 -04:00
Christian Brauner
9f77617b2e
start: allow containers to use a native console
After all of the previous rework we can make it possible for a container
to use a console allocated from the container's devpts instance.

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
2021-07-30 15:24:22 +02:00
Christian Brauner
4dcf0c43d6
terminal: remove unused argument from lxc_devpts_terminal()
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
2021-07-30 13:49:51 +02:00
Christian Brauner
d94a7f0911
conf: rework console setup
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
2021-07-30 13:31:03 +02:00
Christian Brauner
9910185a80
file_utils: add open_at_same()
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
2021-07-30 13:02:01 +02:00
Christian Brauner
f6370f2ac2
conf: use mount_fd() during console mounting
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
2021-07-30 09:40:40 +02:00
Christian Brauner
af0cf9b759
conf: use mount_fd() in lxc_setup_dev_console()
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
2021-07-30 09:27:54 +02:00
Christian Brauner
84f8f9e470
conf: use mount_fd() helper when mounting ttys
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
2021-07-30 09:20:22 +02:00
Christian Brauner
b370ffcf7e
mount_utils: add mount_fd()
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
2021-07-30 09:19:32 +02:00
Christian Brauner
d926c261b3
conf: stash pty_nr in struct lxc_terminal
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
2021-07-30 09:07:50 +02:00
Stéphane Graber
cd7bd1fdd8
Merge pull request #3916 from brauner/2021-07-29.fixes
conf: move remaining setup before pivot root
2021-07-29 13:26:19 -04:00
Christian Brauner
6a2ca1b4dc
conf: move lxc_create_ttys() before pivot root
This is the last setup step that occurred after pivot root.

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
2021-07-29 19:00:32 +02:00
Christian Brauner
4655bdd112
terminal: split out lxc_devpts_terminal() helper
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
2021-07-29 18:58:46 +02:00
Stéphane Graber
85fdf33f4e
Merge pull request #3915 from brauner/2021-07-29.fixes
string_utils: cast __s64 to long long signed int
2021-07-29 12:42:39 -04:00
Christian Brauner
e39f333336
string_utils: cast __s64 to long long signed int
Link: https://launchpadlibrarian.net/550723147/buildlog_snap_ubuntu_focal_ppc64el_lxd-latest-edge_BUILDING.txt.gz
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
2021-07-29 18:25:19 +02:00
Stéphane Graber
3f4530847b
Merge pull request #3914 from brauner/2021-07-29.devpts
devpts: move setup before pivot root
2021-07-29 12:20:23 -04:00
Christian Brauner
96a980e1af
conf: merge devpts setup and move before pivot root
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
2021-07-29 15:54:46 +02:00
Christian Brauner
cb01e31126
terminal: don't use ttyname_r() for native terminal allocation
Since we can call that function from another mount namespace we need to
do this manually.

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
2021-07-29 15:49:17 +02:00
Christian Brauner
c146c54eee
conf: add and use mount_beneath_fd()
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
2021-07-29 15:49:17 +02:00
Christian Brauner
d27ae9992a
conf: update comment
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
2021-07-29 15:41:00 +02:00
Christian Brauner
068534278e
conf: use a relative path in symlinkat()
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
2021-07-29 15:41:00 +02:00
Christian Brauner
42c0d0568f
conf: s/lxc_setup_devpts_parent/lxc_recv_devpts_from_child/g
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
2021-07-29 15:41:00 +02:00
Christian Brauner
f30fc74d07
conf: attach devpts mount directly when new mount api can be used
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
2021-07-29 15:40:57 +02:00
Christian Brauner
a32e275f25
conf: set source property for devpts
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
2021-07-29 15:39:04 +02:00
Christian Brauner
87dfb724ea
conf: surface failures to setup console
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
2021-07-29 15:36:21 +02:00
Stéphane Graber
9dcca2d5e0
Merge pull request #3912 from brauner/2021-07-28.devpts
conf: devpts rework
2021-07-28 16:48:18 -04:00
Christian Brauner
52da248213
Merge pull request #3913 from stgraber/master
Fix typos
2021-07-28 21:49:14 +02:00
Stéphane Graber
10fe481d5f
Fix typos
This fixes all typos identified by lintian.

Signed-off-by: Stéphane Graber <stgraber@ubuntu.com>
2021-07-28 15:14:38 -04:00
Christian Brauner
7294a26d3d
conf: ensure devpts_fd is set to -EBADF
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
2021-07-28 18:40:14 +02:00
Christian Brauner
ecfc18270e
terminal: ttyname_r() returns an error number on failure
In other words, how inconsistent can an API be?

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
2021-07-28 18:40:13 +02:00
Christian Brauner
289b707bd1
conf: use new mount api for devpts setup
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
2021-07-28 18:40:13 +02:00
Christian Brauner
f10866f0d5
Merge pull request #3910 from petris/tty_enxio
lxc_setup_ttys: Handle existing ttyN file without underlying device
2021-07-22 09:24:15 +02:00
Christian Brauner
b9327b7f92
Merge pull request #3909 from petris/bpf_enosys_warn
bpf: simplify detection if BPF is supported
2021-07-21 15:25:36 +02:00
Christian Brauner
669953fbd1
Merge pull request #3911 from siv0/fix_legacy_cgroup_devices
Fix legacy cgroup devices
2021-07-20 17:57:42 +02:00
Petr Malat
7bf85dd20e
bpf: bpf_devices_cgroup_supported() should check if bpf() is available
bpf_devices_cgroup_supported() tries to load a simple BPF program to
test if BPF works. This is problematic because the function used to load
the program - bpf_program_load_kernel() - emits an error to the log if
BPF is not enabled in the kernel, although the device controller is not
requested in the configuration. Users could interpret that as a problem.

Make bpf_devices_cgroup_supported() check if the BPF syscall is available
before calling bpf_program_load_kernel(). We can do it by passing a NULL
pointer instead of the syscall argument as the kernel returns either
ENOSYS, when the syscall is not implemented or EFAULT, when it is
implemented.

Signed-off-by: Petr Malat <oss@malat.biz>
2021-07-20 17:51:23 +02:00
Petr Malat
128655e765
lxc_setup_ttys: Handle existing ttyN file without underlying device
If a device file is opened and there isn't the underlying device,
the open call fails with ENXIO, but the path can be opened with
O_PATH, which is enough for mounting over the device file.

Generalize this idea and use O_PATH for all cases when the file
is there. One still must check for both ENXIO and EEXIST as it's
unspecified what error is reported if multiple error conditions
occur at the same time.

Signed-off-by: Petr Malat <oss@malat.biz>
2021-07-20 15:43:24 +02:00
Stoiko Ivanov
eece10d519
cgroups: remove unneeded variables from cgroup_tree_create
Signed-off-by: Stoiko Ivanov <s.ivanov@proxmox.com>
2021-07-20 12:06:27 +02:00
Stoiko Ivanov
60052c3be7
cgroups: populate hierarchy for device cgroup
With the changes introduced in:
b7b1e3a34c
the hierarchy-struct did not have the path_lim set anymore, which is
needed by setup_limits_legacy (->cg_legacy_set_data->lxc_write_openat)
to actually access the cgroup directory.

The issue can be reproduced with a container config having
```
lxc.cgroup.devices.deny = a
```
(or any lxc.cgroup.devices entry) set on a system booted with
systemd.unified_cgroup_hierarchy=0.

This affects all privileged containers on PVE (due to the default
devices.deny entry).

Signed-off-by: Stoiko Ivanov <s.ivanov@proxmox.com>
2021-07-20 12:04:35 +02:00
Stéphane Graber
0a75530661
Merge pull request #3908 from brauner/2021-07-15.fixes.4
terminal: fix error handling
2021-07-15 16:14:07 -04:00