Christian Brauner
fda39d451e
cgroups/devices: introduce ebpf device cgroup global rule types
...
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
2019-12-01 19:39:48 +01:00
Christian Brauner
30da741c50
cgroups/devices: handle NULL
...
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
2019-12-01 19:08:43 +01:00
Christian Brauner
68a9e3ebcb
configure: enable -Wunused-but-set-variable
...
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
2019-12-01 17:07:25 +01:00
Christian Brauner
2a63b5cb7f
cgroups/cgfsng: implement cgroup2 device controller live update
...
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
2019-12-01 17:07:23 +01:00
Christian Brauner
4bfb655ea8
conf: record cgroup2 devices in parsed format
...
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
2019-12-01 11:56:43 +01:00
Christian Brauner
cce5a3d716
cgroups/cgfsng: "atomically" replace bpf device programs
...
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
2019-12-01 11:56:43 +01:00
Christian Brauner
46383a85a9
macro: remove unused macros
...
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
2019-12-01 11:56:43 +01:00
Christian Brauner
e4dffa2f97
api_extension: add cgroup2_devices api extension
...
This will only be defined if liblxc was even compiled with bpf supported.
Support itself will be determined at runtime by liblxc itself.
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
2019-12-01 11:56:43 +01:00
Stéphane Graber
637de040ae
Merge pull request #3194 from brauner/cgroup2_devices
...
cgroups: add cgroup2 device controller support
2019-11-29 14:28:27 -05:00
Christian Brauner
bf6519892e
cgroups: add cgroup2 device controller support
...
Add a bpf-based device controller implementation.
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
2019-11-29 17:10:13 +01:00
Christian Brauner
5f31d8f1dd
Merge pull request #3193 from lifeng68/master
...
cgfsng: return attach fail if container stopped
2019-11-27 09:17:37 +01:00
LiFeng
e2cb2e749f
cgfsng: return attach fail if container stopped
...
Signed-off-by: LiFeng <lifeng68@huawei.com>
2019-11-27 03:59:23 -05:00
dongxinhua
9dd7598161
conf: fix memory leak for set config rootfs options
...
Signed-off-by: dongxinhua <dongxinhua@huawei.com>
2019-11-21 22:20:20 +08:00
Stéphane Graber
f177506f59
Merge pull request #3190 from idatahu/fix_ovs_log
...
fix wrong order of bridge/nic in error message
2019-11-20 16:44:06 -05:00
Balázs Póka
53796b941e
fix wrong order of bridge/nic in error message
...
Signed-off-by: Balázs Póka <poka@idata.hu>
2019-11-20 21:06:23 +01:00
Christian Brauner
e166e391f4
Merge pull request #3189 from Rachid-Koucha/patch-2
...
Typo in a comment
2019-11-20 13:05:46 +01:00
Rachid Koucha
317494f100
Typo in a comment
...
"above" was used instead of "below"
Signed-off-by: Rachid Koucha <rachid.koucha@gmail.com>
2019-11-20 13:03:47 +01:00
Stéphane Graber
4d6e32a55e
Merge pull request #3187 from brauner/launchpad_bug_1848587
...
tests: use /dev/null instead of /dev/network_latency
2019-11-19 12:29:58 -05:00
Christian Brauner
920cbb0026
tests: use /dev/loop-control instead of /dev/network_latency
...
BugLink: https://bugs.launchpad.net/bugs/1848587
The latter device has been removed apparently.
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
2019-11-19 16:53:03 +01:00
Christian Brauner
d396dd9d85
Merge pull request #3184 from ffontaine/master
...
configure.ac: fix build on toolchain without SSP
2019-11-11 23:22:19 +01:00
Fabrice Fontaine
226205f0c5
configure.ac: fix build on toolchain without SSP
...
Commit 3b5a0eebd43aa7271157http://autobuild.buildroot.org/results/57945f54ffbc5c8764b6891a4516c4907e56ab97
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
2019-11-11 22:55:36 +01:00
Stéphane Graber
234507c29a
Merge pull request #3182 from aadi123/master
...
Update cgroup.h
2019-11-09 13:49:27 -05:00
Aaditya Murthy
c8714832a9
Update cgroup.h
...
Fixed the documentation to say that cgroupv2 uses a unified hierarchy
Signed-off-by: Aaditya Murthy <amurthy123@utexas.edu>
2019-11-09 12:17:08 -06:00
Stéphane Graber
d61197e8c9
Merge pull request #3180 from brauner/2019-11-06/terminal_fixes
...
terminal: bugfixes
2019-11-06 08:39:10 -05:00
Christian Brauner
1ba4ae8979
terminal: prevent returning invalid pointer
...
Closes: https://github.com/lxc/lxd/issues/6408
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
2019-11-06 14:08:55 +01:00
Christian Brauner
26ed61e081
terminal: make lxc_terminal_signal_fini() static
...
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
2019-11-06 14:03:43 +01:00
Christian Brauner
e07039d134
Merge pull request #3177 from hallyn/2019-11-01/mapself
...
lxc-usernsexec: support easily mapping own uid
2019-11-04 15:44:11 +01:00
Serge Hallyn
81d15993cc
lxc-usernsexec: support easily mapping own uid
...
Signed-off-by: Serge Hallyn <shallyn@cisco.com>
2019-11-02 08:28:51 -05:00
Christian Brauner
f09700dab2
Merge pull request #3175 from ralt/pr/execute-attach-exit-code-tests
...
tests: add tests making sure the exit code is appropriate.
2019-10-30 12:10:00 +01:00
Florian Margaine
188f8836a4
tests: add tests making sure the exit code is appropriate.
...
lxc2 broke this feature for lxc-execute, and lxc3 broke it for
lxc-attach. This adds a test making sure we don't do the same mistake
a third time.
Signed-off-by: Florian Margaine <florian@platform.sh>
2019-10-29 20:52:03 +01:00
Stéphane Graber
202d2ca3c2
Merge pull request #3174 from Blub/2019-10-29/terminal-init-null-on-error
...
terminal: return NULL on error in terminal_signal_init
2019-10-29 09:29:17 +01:00
Wolfgang Bumiller
ce70ff7c4c
terminal: return NULL on error in terminal_signal_init
...
Callers expect a NULL on error, and with PR #3171 marking
the pointer as __do_free, we now return a pointer to freed
memory here otherwise.
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
2019-10-29 08:42:59 +01:00
Stéphane Graber
636a2ef2f9
Merge pull request #3171 from brauner/bugfixes
...
terminal: prevent memory leak for lxc_terminal_state
2019-10-25 09:38:25 -04:00
Christian Brauner
28327a43e2
terminal: prevent memory leak for lxc_terminal_state
...
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
2019-10-25 15:14:12 +02:00
Christian Brauner
a86690e0c2
Merge pull request #3169 from Blub/2019-10-23/aa_prevent_proc-acpi
...
apparmor: Prevent writes to /proc/acpi/**
2019-10-23 11:02:37 +02:00
Wolfgang Bumiller
95ad620e0c
apparmor: Prevent writes to /proc/acpi/**
...
Same as #3117 .
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
2019-10-23 10:53:21 +02:00
Christian Brauner
344b8ee293
Merge pull request #3168 from havmind/memfd_create_powerpc
...
syscall_wrappers: rename internal memfd_create to memfd_create_lxc
2019-10-22 14:09:47 +02:00
Patrick Havelange
40b06c7877
syscall_wrappers: rename internal memfd_create to memfd_create_lxc
...
In case the internal memfd_create has to be used, make sure we don't
clash with the already existing memfd_create function from glibc.
This can happen if this glibc function is a stub. In this case, at
./configure time, the test for this function will return false, however
the declaration of that function is still available. This leads to
compilation errors.
Signed-off-by: Patrick Havelange <patrick.havelange@essensium.com>
2019-10-22 13:58:30 +02:00
Christian Brauner
6637fb9f48
Merge pull request #3161 from tomponline/tp-lxc-destroy
...
lxc/tools/lxc/destroy: Restores error message on container destroy
2019-10-14 11:21:01 +02:00
Thomas Parrott
a0e686fdac
lxc/tools/lxc/destroy: Restores error message on container destroy
...
Partially reverts 65b92ea5fc
2019-10-14 10:13:48 +01:00
Stéphane Graber
ebd5b33c8d
Merge pull request #3160 from tenforward/japanese
...
Update lxc.containers.conf(5) in Japanese
2019-10-12 12:49:52 -04:00
KATOH Yasufumi
8f6d5e9cc8
Update lxc.containers.conf(5) in Japanese
...
Update for commit 767bd70
2019-10-13 01:39:52 +09:00
Stéphane Graber
0065a2fd47
Merge pull request #3159 from Rachid-Koucha/patch-1
...
Bad sgml/man translation
2019-10-12 12:29:31 -04:00
Rachid Koucha
767bd70a6b
Bad sgml/man translation
...
When calling "man lxc.container.conf", an internal "man" keyword is displayed :
$ man lxc.container.conf
[...]
lxc.mount.entry
Specify a mount point corresponding to a line in the fstab format. Moreover lxc supports mount propagation, such as
rslave or rprivate, and adds three additional mount options. optional don't fail if mount does not work. create=dir
or create=file to create dir (or file) when the point will be mounted. relative source path is taken to be relative to
the mounted container root. For instance,
dev/null proc/kcore none bind,relative 0 0
.fi <-----------------------------------UNEXPECTED KEYWORD !!!!
The problem seems to come from the missing blanks before "dev/null proc/kcore none bind,relative 0 0"
Moreover, for homogeneity purposes, it is better to use the "programlisting" tag used in the rest of the text instead of "screen".
Signed-off-by: Rachid Koucha <rachid.koucha@gmail.com>
2019-10-12 13:05:50 +02:00
Christian Brauner
ce15092995
Merge pull request #3157 from tenforward/japanese
...
Update Japanese lxc.container.conf(5)
2019-10-11 09:20:46 +02:00
KATOH Yasufumi
a517f6d61f
Add more info about lxc.start.order in Japanese man
...
Update for commit 0684250
2019-10-11 16:08:29 +09:00
KATOH Yasufumi
9c744e39c3
Add autodev.tmpfs.size to Japanese lxc.container.conf(5)
...
Update for commit 63012bd
2019-10-11 16:04:06 +09:00
Christian Brauner
19a6b624a8
Merge pull request #3155 from caioboffo/issue#3147
...
Send successful output messages to log info instead of error
2019-10-10 11:04:12 +02:00
Caio B. Silva
65b92ea5fc
lxc-destroy: send successful output messages to log info instead of error.
...
Signed-off-by: Caio B. Silva <caioboffo@gmail.com>
2019-10-09 16:06:44 -03:00
Stéphane Graber
9e0cfe4977
Merge pull request #3154 from ljelinek-cznic/doc-start-order
...
doc: Add more info about 'lxc.start.order'
2019-10-09 09:36:12 -04:00
