Commit Graph

11115 Commits

Author SHA1 Message Date
Tomasz Blaszczak
5364ae41aa Resize array in remove_from_array() and fix a crash
When an item is added to an array, then the array is realloc()ed (to size+1),
and the item is copied (strdup()) to the array.
Thus, when an item is removed from an array, allocated memory pointed to by
the item (not the item itself) should be freed, successive items should
be left-shifted and the array realloc()ed again (size-1).

Additional changes:
- Initialize an array in list_all_containers().

Signed-off-by: Tomasz Blaszczak <tomasz.blaszczak@consult.red>
2021-06-25 13:16:24 +02:00
Tomasz Blaszczak
fe444ea6bc When an item is added to an array, then the array is realloc()ed (to size+1),
and the item is copied (strdup()) to the array.
Thus, when an item is removed from an array, memory allocated for that item
should be freed, successive items should be left-shifted and the array
realloc()ed again (size-1).

Additional changes:
- If strdup() fails in add_to_array(), then an array should be
  realloc()ed again to original size.
- Initialize an array in list_all_containers().

Signed-off-by: Tomasz Blaszczak <tomasz.blaszczak@consult.red>
2021-06-23 10:41:39 +02:00
Stéphane Graber
2ccc8081d2
Merge pull request #3870 from brauner/2021-06-16.fixes
cgroups: use stable ordering for co-mounted v1 controllers
2021-06-16 08:42:55 -04:00
Christian Brauner
91d0151d89
cgroups: use stable ordering for co-mounted v1 controllers
Fixes: #3703
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
2021-06-16 10:03:42 +02:00
Stéphane Graber
b103a2ceec
Merge pull request #3867 from brauner/2021-06-14.fixes
remove problematic terminology
2021-06-14 13:41:50 -04:00
Christian Brauner
b7b227cc01
tree-wide: replace problematic terminology
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
2021-06-14 17:26:24 +02:00
Christian Brauner
8de0119d48
tree-wide: replace problematic terminology
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
2021-06-14 17:25:39 +02:00
Christian Brauner
f48e807159
tree-wide: replace problematic terminology
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
2021-06-14 17:21:44 +02:00
Christian Brauner
4f6c7312ef
tree-wide: remove problematic terminology
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
2021-06-14 17:15:43 +02:00
Christian Brauner
1c01dc2c5e
seccomp: replace problematic terminology
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
2021-06-14 17:14:26 +02:00
Christian Brauner
af6a5f3add
common.conf: replace problematic terminology
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
2021-06-14 17:13:00 +02:00
Christian Brauner
a065524e28
Merge pull request #3865 from brauner/2021-06-14.listen_fds
Add support for LISTEN_FDS environment variable.
2021-06-14 13:29:20 +02:00
Ruben Jenster
46abf21981
Add support for LISTEN_FDS environment variable.
The LISTEN_FDS environment variable defines the number of
file descriptors that should be inherited by the container,
in addition to stdio.
The LISTEN_FDS environment variable is defined in the OCI spec
and used to support socket activation.

Refs #3845

Signed-off-by: Ruben Jenster <r.jenster@drachenfels.de>
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
2021-06-14 11:58:24 +02:00
Christian Brauner
51bbca901b
Merge pull request #3864 from lifeng68/master
string utils: Make sure don't return uninitialized memory.
2021-06-14 11:34:14 +02:00
LiFeng
47f5be06a4 string utils: Make sure don't return uninitialized memory.
The functions lxc_string_split_quoted and lxc_string_split_and_trim use
realloc to reduce the memory. But the result may be NULL, then the
returned memory will be uninitialized.

Signed-off-by: LiFeng <lifeng68@huawei.com>
2021-06-12 14:56:04 +08:00
Stéphane Graber
a197d2fb5b
Merge pull request #3861 from brauner/2021-06-08.fixes.2
api_extensions: introduce idmapped_mounts_v2 api extension
2021-06-08 10:46:00 -04:00
Christian Brauner
3df13023b0
api_extensions: introduce idmapped_mounts_v2 api extension
This indicates that LXC supports idmapping the rootfs and
idmapped lxc.mount.entry entries.

Link: https://github.com/lxc/lxd/issues/8870
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
2021-06-08 15:59:13 +02:00
Stéphane Graber
2384faa223
Merge pull request #3860 from brauner/2021-06-08.fixes
tools/lxc_autostart: fix failed count
2021-06-08 09:21:35 -04:00
Christian Brauner
2f7828f699
tools/lxc_autostart: fix failed count
Don't include skipped containers in the failed count.

Fixes: #3857
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
2021-06-08 15:01:02 +02:00
Stéphane Graber
81ec0d7ebf
Merge pull request #3856 from brauner/2021-06-07.fixes
lsm/apparmor: actually report an error when we fail to wire AppArmor …
2021-06-07 10:31:32 -04:00
Christian Brauner
fd697cc0e9
lsm/apparmor: actually report an error when we fail to wire AppArmor profile
Link: https://bugs.launchpad.net/ubuntu-kernel-tests/+bug/1931064
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
2021-06-07 15:38:10 +02:00
Stéphane Graber
4e92ee3b5d
Merge pull request #3854 from brauner/2021-06-03.fixes
lxc: add lpthread to lxc.pc
2021-06-03 11:21:35 -04:00
Christian Brauner
c2a7a6977b
lxc: add lpthread to lxc.pc
Fixes: #3853
Suggested-by: Tycho Andersen <tycho@tycho.pizza>
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
2021-06-03 15:50:20 +02:00
Stéphane Graber
ca5843e1bc
Merge pull request #3852 from pablofsf/lxc-net-nftables
Update lxc-net to support nftables
2021-05-28 16:28:57 -04:00
Pablo Correa Gómez
7f4386f096
Update lxc-net to support nftables
Closes #3093
Closes #3602

Add support for nftables firewall rules if `nft` command line
interface is available in the system

Signed-off-by: Pablo Correa Gómez <ablocorrea@hotmail.com>
2021-05-28 14:33:23 +02:00
Stéphane Graber
6805cc3666
Merge pull request #3851 from brauner/2021-05-25.fixes
fixes
2021-05-25 09:56:43 -04:00
Christian Brauner
4db0514d56
network: please broken compilers
Some users report that compilation fails because of reports that this
variable can be used uninitialized. Initialize it to silence the
compiler.

Fixes: https://github.com/lxc/lxc/issues/3850
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
2021-05-25 14:24:01 +02:00
Christian Brauner
f07ba4f991
Merge pull request #3849 from stgraber/master
README: Update IRC
2021-05-25 09:01:34 +02:00
Stéphane Graber
c49b9f61b2
README: Update IRC
Signed-off-by: Stéphane Graber <stgraber@ubuntu.com>
2021-05-24 12:13:20 -04:00
Stéphane Graber
90bb9fb2ab
Merge pull request #3848 from brauner/2021-05-21.fixes
start: rework fd synchronization
2021-05-21 12:25:56 -04:00
Christian Brauner
6bc4165d3c
start: simplify startup synchronization
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
2021-05-21 17:58:01 +02:00
Christian Brauner
8945dad0dd
start: reorder START_SYNC_POST_CONFIGURE
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
2021-05-21 17:27:58 +02:00
Christian Brauner
46a3bf0778
start: use barrier instead of wake/wait pair
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
2021-05-21 17:27:58 +02:00
Christian Brauner
2df612d422
conf: use explicit signage in bit field
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
2021-05-21 17:27:58 +02:00
Christian Brauner
111ed96e9c
conf: move file descriptor synchronization with parent into single function
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
2021-05-21 17:27:58 +02:00
Christian Brauner
493ae3fe7e
conf: move file descriptor synchronization with child into single function
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
2021-05-21 17:27:58 +02:00
Christian Brauner
98db769c83
cgroups: rework check whether legacy hierarchy is writable
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
2021-05-21 17:27:58 +02:00
Stéphane Graber
ddd51bd187
Merge pull request #3846 from brauner/2021-05-19.fixes
conf: fix mount option parsing
2021-05-19 14:09:14 -04:00
Christian Brauner
380fcc0863
conf: fix mount option parsing
Fixes: Coverity 1484906
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
2021-05-19 17:38:20 +02:00
Stéphane Graber
e2e70bd5a2
Merge pull request #3843 from brauner/2021-05-17.idmapped.lxc.mount.entry
conf: support idmapped lxc.mount.entry entries
2021-05-19 09:55:26 -04:00
Christian Brauner
df5e747dc9
confile: free mount data
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
2021-05-19 14:21:52 +02:00
Christian Brauner
5a782dca99
conf: add sequence when setting up idmapped mounts
Make sure we catch any weird behavior.

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
2021-05-19 14:21:52 +02:00
Christian Brauner
1b82d72144
conf: support idmapped lxc.mount.entry entries
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
2021-05-19 14:21:51 +02:00
Christian Brauner
966dad2494
Merge pull request #3844 from CecilHarvey/master
Skip rootfs pinning for read-only file system.
2021-05-18 21:37:14 +02:00
Wei Mingzhi
e859a5ee2c Skip rootfs pinning for read-only file system.
Signed-off-by: Wei Mingzhi <weimingzhi@baidu.com>
2021-05-18 20:37:52 +08:00
Christian Brauner
1e4bce2c14
conf: rename struct mount_opt flag member s/flag/legacy_flag/
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
2021-05-17 12:44:20 +02:00
Christian Brauner
d94eb39059
tree-wide: s/parse_mntopts/parse_mntopts_legacy/
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
2021-05-17 12:40:08 +02:00
Stéphane Graber
73936a0d5c
Merge pull request #3842 from brauner/2021-05-14.fixes
start: move idmapped mount setup later
2021-05-14 13:49:18 -04:00
Christian Brauner
e4564b7ef9
start: move idmapped mount setup later
At the prior location we were placed between sending and receiving
networking information over the data socket causing the startup to fail.

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
2021-05-14 19:00:14 +02:00
Stéphane Graber
5b70f02efc
Merge pull request #3840 from brauner/2021-05-12.fixes.rootfs
conf: fix containers without rootfs
2021-05-12 09:03:33 -04:00