- The function mount_entry_create_aufs_dirs() moves from conf.c to
lxcaufs.{c,h} where it belongs.
- In accordance with the "aufs_" prefix naming scheme for functions associated
with lxcaufs.{c,h} mount_entry_create_aufs_dirs() becomes aufs_mkdir().
- Add aufs_get_rootfs() which returns the rootfs for an aufs lxc.rootfs.
Signed-off-by: Christian Brauner <christian.brauner@mailbox.org>
In mount_entry_on_generic() we dereferenced a NULL pointer whenever a container
without a rootfs was created. (Since mount_entry_on_systemfs() passes them with
NULL.) We have mount_entry_on_generic() check whether rootfs != NULL.
We also check whether rootfs != NULL in the functions ovl_mkdir() and
mount_entry_create_aufs_dirs() and bail immediately. Rationale: For overlay and
aufs lxc.mount.entry entries users give us absolute paths to e.g. workdir and
upperdir which we create for them. We currently use rootfs->path and the
lxcpath for the container to check that users give us a sane path to create
those directories under and refuse if they do not. If we want to allow overlay
mounts for containers without a rootfs they can easily be reworked.
Signed-off-by: Christian Brauner <christian.brauner@mailbox.org>
Since we allow containers to be created without a rootfs most checks in conf.c
are not sane anymore. Instead of just checking if rootfs->path != NULL we need
to check whether rootfs != NULL.
Minor fixes:
- Have mount_autodev() always return -1 on failure: mount_autodev() returns 0
on success and -1 on failure. But when the return value of safe_mount() was
checked in mount_autodev() we returned false (instead of -1) which caused
mount_autodev() to return 0 (success) instead of the correct -1 (failure).
Signed-off-by: Christian Brauner <christian.brauner@mailbox.org>
lxc-ls nowadays is a C binary so there's no need to keep the python and
shell versions around anymore, remove them from the branch and cleanup
documentation and Makefiles.
Signed-off-by: Stéphane Graber <stgraber@ubuntu.com>
Some systems need to be able to bind-mount /run to /var/run
and /run/lock to /var/run/lock. (Tested with opensuse 13.1
containers migrated from openvz.)
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
Commit ea4679694 replaced the python implementation with a
C one.
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
Acked-by: Stéphane Graber <stgraber@ubuntu.com>
- make free_mnts() work directly on the globals mnt_table and mnt_table_size
- have free_mnts() set mnt_table = NULL and mnt_table_size = 0 when its done to
avoid double frees
- simplify error-handling in do_clone_ephemeral()
- do_clone_ephemeral(): when chmod() falls to set permissions on the temporary
folder we created for mkdtemp() remove the folder
- simplify error handling in main()
Signed-off-by: Christian Brauner <christian.brauner@mailbox.org>
Just as cgmanager does, if we are calculating a task's paths, drop
the trailing '/init.scope'. We don't want the container to sit under
there.
Signed-off-by: Serge Hallyn <serge.hallyn@ubuntu.com>
Previously, name= controllers would be handled if lxc.cgroup.use=@all,
but not if lxc.cgroup.use was unspecified. Change that, since you cannot
run systemd in a container without it.
Signed-off-by: Serge Hallyn <serge.hallyn@ubuntu.com>
This allows cgfs to be used to create containers in a user namespace,
and have the container owner be able to use cgroups.
Signed-off-by: Serge Hallyn <serge.hallyn@ubuntu.com>
* This are either '.', '..' or a hidden directory.
And this names should not be used for a container
in any case.
* Before this patch, if you created a git repository under lxc.lxcpath (it
can be useful to keep track of the configurations of your containers)
Then, when you run lxc-ls you will get the following output:
# lxc-ls
.git container1 container2 ....
This is because there is a 'config' file inside the '.git' directory.
It is where git stores the configuration of the repository.
And the test lxc-ls does to check if a directory contains a container
is just to check if the 'directory/config' file exists.
Signed-off-by: Carlos Alberto Lopez Perez <clopez@igalia.com>
