There are several cases where the system can no longer access a mount
point or a mount point configuration makes the algorithm bogus.
For example, we mount something and then we chroot, the mount information
will give an unaccessible path and the container won't be able to start
because this mount point will be unaccessible. But if it's the case, then
we can just warn and continue running the container.
Another case is the path to a mount point is not accessible because there
is another mount point on top of it hiding the mount point. So the umount
will fail and the container won't start.
Easy to reproduce:
mkdir -p /tmp/dir1/dir2
mount -t tmpfs tmpfs /tmp/dir1/dir2
mount -t tmpfs tmpfs /tmp/dir1
So can we just ignore the error when unmounting and continue to the list again
and again until it shrinks.
At the end, we just display the list of the unmounted points.
Signed-off-by: Daniel Lezcano <dlezcano@fr.ibm.com>
the last patch commit 81810dd120
make lxc to not compile anymore on rhel5u1
Signed-off-by: Michel Normand <normand@fr.ibm.com>
Signed-off-by: Daniel Lezcano <dlezcano@fr.ibm.com>
Hello everyone!
I've written a patch which adds a new config keyword
'lxc.cap.drop'. This keyword allows to specify capabilities which are
dropped before executing the container binary.
Example:
lxc.cap.drop = sys_chroot
lxc.cap.drop = mknod
lxc.cap.drop = sys_module
or specify in a single line:
lxc.cap.drop = sys_chroot mknod sys_module
Reworked-by: Daniel Lezcano <daniel.lezcano@free.fr>
Signed-off-by: Daniel Lezcano <dlezcano@fr.ibm.com>
Signed-off-by: Michael Holzt <lxc@my.fqdn.org>
Signed-off-by: Daniel Lezcano <dlezcano@fr.ibm.com>
warning with git am, white before tab correction
Signed-off-by: Michel Normand <normand@fr.ibm.com>
Signed-off-by: Daniel Lezcano <dlezcano@fr.ibm.com>
The handler argument to lxc_fini() is never null.
Signed-off-by: Greg Kurz <gkurz@fr.ibm.com>
Signed-off-by: Cedric Le Goater <clg@fr.ibm.com>
Signed-off-by: Daniel Lezcano <dlezcano@fr.ibm.com>
sv[0] has already been closed when reaching out_abort label.
Signed-off-by: Greg Kurz <gkurz@fr.ibm.com>
Signed-off-by: Cedric Le Goater <clg@fr.ibm.com>
Signed-off-by: Daniel Lezcano <dlezcano@fr.ibm.com>
It makes sense to use goto when there's some rollback work to be done.
And it's nice for code clarity to add an explicit suffix to goto labels.
Signed-off-by: Greg Kurz <gkurz@fr.ibm.com>
Signed-off-by: Cedric Le Goater <clg@fr.ibm.com>
Signed-off-by: Daniel Lezcano <dlezcano@fr.ibm.com>
I noticed lxc-console uses '^a' as command-mode prefix to
escape out of console session, so created a patch to make it
configurable. With this, you can do
lxc-console -n foo -e ^t
and exit the session with 'Ctrl+t q'.
For emacs-binding addicts (like me), it's always nice to
let shell handle '^a' as 'beginning-of-line' command...
Signed-off-by: Taisuke Yamada <tai@rakugaki.org>
Signed-off-by: Daniel Lezcano <dlezcano@fr.ibm.com>
The getline function allocate the needed memory. Fix buffer can lead
to 'hard to find' bug. I don't test the pivot_root part but the other
parts are ok.
Signed-off-by: Clement Calmels <clement.calmels@fr.ibm.com>
Signed-off-by: Daniel Lezcano <dlezcano@fr.ibm.com>
Correct the way the struct dirent **namelist structure is freed.
Signed-off-by: Clement Calmels <clement.calmels@fr.ibm.com>
Signed-off-by: Daniel Lezcano <dlezcano@fr.ibm.com>
lxc_config_define_add() and lxc_config_define_load() define
the interface to load a list of KEY=VAL buffers in the configuration
Signed-off-by: Cedric Le Goater <clg@fr.ibm.com>
Signed-off-by: Daniel Lezcano <dlezcano@fr.ibm.com>
lxc_config_readline() will be used to parse configuration variable
assigned from the command line with --define
Signed-off-by: Cedric Le Goater <clg@fr.ibm.com>
Signed-off-by: Daniel Lezcano <dlezcano@fr.ibm.com>
Just use a list instead of array for dynamically allocated stuff. It's
more appropriated.
Signed-off-by: Clement Calmels <clement.calmels@fr.ibm.com>
Signed-off-by: Daniel Lezcano <dlezcano@fr.ibm.com>
Let's take an example:
fd = open(..) /* fd = 3 for example */
lxc_mainloop_add_handler(descr, fd, cb1, data1) fails.
the program take care of the error, it closes the fd
Later, reopen a fd (get 3 for again)
lxc_mainloop_add_handler(desc, fd, cb2, data2) is ok.
When something happen on fd, cb1 with data1 will be called instead of
cb2 with data2, because descr->ev contains 2 entries for fd == 3.
Signed-off-by: Clement Calmels <clement.calmels@fr.ibm.com>
Signed-off-by: Daniel Lezcano <dlezcano@fr.ibm.com>
lxc_<cmd>.c and <cmd>.c files use the same log category : lxc_<cmd>.
The symbol is multiply defined and linking statically lxc commands is
not possible.
The patch introduces new log categories with a '_ui' suffix to
differentiate the command line interface from the library routine.
Reported-by: Ciprian Dorin, Craciun <ciprian.craciun@gmail.com>
Signed-off-by: Cedric Le Goater <clg@fr.ibm.com>
Signed-off-by: Daniel Lezcano <dlezcano@fr.ibm.com>
When the configuration path does not exist, lxc_create misleadingly
tells that it was not set.
Signed-off-by: Michael Holzt <lxc@my.fqdn.org>
Signed-off-by: Daniel Lezcano <dlezcano@fr.ibm.com>
lxc.pc and scripts/lxc-busybox are missing from .gitignore
Signed-off-by: Michael Holzt <lxc@my.fqdn.org>
Signed-off-by: Daniel Lezcano <dlezcano@fr.ibm.com>
Rename doc/examples/lxc-complex-config.in to lxc-complex.conf.in as all other
examples in this directory have a .conf ending as well.
Signed-off-by: Michael Holzt <lxc@my.fqdn.org>
Signed-off-by: Daniel Lezcano <dlezcano@fr.ibm.com>
lxc currently does a chroot into the target rootfs. chroot is insecure and
can easily be broken, as demonstrated here:
| root@synergy:~# touch /this_is_the_realrootfs_ouch
| # touch /container/webhost/this_is_the_container
| # lxc-start -n webhost /bin/sh
| # ls this*
| this_is_the_container
| # ./breakchroot
| # ls this*
| this_is_the_realrootfs_ouch
code to break chroot taken from
http://www.bpfh.net/simes/computing/chroot-break.html
Now this can be fixed. As our container has his own mount namespace, we can
easily pivot_root into the rootfs and then unmount all old mounts. The patch
attached add a new config keyword which contains the path to a temporary
mount for the old rootfs (inside the container). This stops the chroot break
method shown before.
Example:
| root@synergy:~# grep pivotdir /var/lib/lxc/webhost/config
| lxc.pivotdir = /oldrootfs
| root@synergy:~# ls -lad /container/webhost/oldrootfs
| drwxr-xr-x 2 root root 4096 2010-01-02 03:59 /container/webhost/oldrootfs
| root@synergy:~# lxc-start -n webhost /bin/sh
| # mount -t proc proc /proc
| # cat /proc/mounts
| rootfs / rootfs rw 0 0
| /dev/root / ext3 rw,relatime,errors=remount-ro,data=writeback 0 0
| devpts /dev/console devpts rw,nosuid,noexec,relatime,gid=5,mode=620,ptmxmode=000 0 0
| proc /proc proc rw,relatime 0 0
| # ls this*
| this_is_the_container
| # ./breakchroot
| # ls this*
| this_is_the_container
Signed-off-by: Daniel Lezcano <dlezcano@fr.ibm.com>
Signed-off-by: Michael Holtz <lxc@my.fqdn.org>
conf object is on stack and is used in forked process.
Signed-off-by: Michel Normand <normand@fr.ibm.com>
Signed-off-by: Daniel Lezcano <dlezcano@fr.ibm.com>
this is a side effect of previous patch I made
on this same function in commit
a6ddef6149
Signed-off-by: Michel Normand <normand@fr.ibm.com>
Signed-off-by: Daniel Lezcano <dlezcano@fr.ibm.com>
few added lines to document the new lxc-create -t option
Signed-off-by: Michel Normand <normand@fr.ibm.com>
Signed-off-by: Daniel Lezcano <dlezcano@fr.ibm.com>
The future kernel 2.6.33 will incorporate the macvlan bridge
mode where all the macvlan will be able to communicate if they are
using the same physical interface. This is an interesting feature
to have containers to communicate together. If we are outside of the
container, we have to setup a macvlan on the same physical interface than
the containers and use it to communicate with them.
Signed-off-by: Daniel Lezcano <dlezcano@fr.ibm.com>
Cleanup the script, simplify it and pass the arguments to this
script to be callable by lxc-create template logic.
Signed-off-by: Daniel Lezcano <dlezcano@fr.ibm.com>
The lxc-create command is now able to call a sub script to install
a mini template.
Right now, debian is supported.
The rootfs is stored automatically in <lxcpath>/<name>/rootfs
So the rootfs is a subdirectory of the container configuration directory.
When lxc-destroy is called, the rootfs is deleted with the container
configuration.
Signed-off-by: Daniel Lezcano <dlezcano@fr.ibm.com>
The lxc-debian is epurated and consolidated with a better
error handling.
This script is no longer interactive but it installs in a specified
place the debian rootfs.
This script is not supposed to be called directly so it will fall in
libexec path very soon. This script is called by lxc-create
as a template with the right option and the right place.
The debian network configuration is by dhcp.
Signed-off-by: Daniel Lezcano <dlezcano@fr.ibm.com>
