Christian Brauner
7b371c1e0b
conf: coding style fixes
...
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
2021-01-27 16:46:49 +01:00
Christian Brauner
e25af1bc38
conf: fix coding style
...
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
2021-01-27 16:16:42 +01:00
Christian Brauner
e9636f4f48
Merge pull request #3634 from motiejus/mkdir-proc-sys
...
mkdir -p /proc /sys on container startup
2021-01-27 15:03:57 +01:00
Motiejus Jakštys
493e00b68d
mkdir -p /proc /sys on container startup
...
some containers don't have it, and strange things happen.
Signed-off-by: Motiejus Jakštys <motiejus@jakstys.lt>
2021-01-27 12:19:15 +02:00
Stéphane Graber
2c64170505
Merge pull request #3633 from brauner/2021-01-25/criu
...
cgroups: fixes and cgroup2 improvements
2021-01-26 11:04:22 -05:00
Christian Brauner
928b065d34
criu: handle cgroup2 freezer
...
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
2021-01-26 15:58:41 +01:00
Christian Brauner
6dcd6f0284
cgroups: detect and record cgroup2 freezer support
...
Cc: stable-4.0
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
2021-01-26 15:35:54 +01:00
Christian Brauner
f914ae08c4
cgroups: rework cg_unified_init()
...
Cc: stable-4.0
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
2021-01-26 15:29:21 +01:00
Christian Brauner
09ed8992c5
cgroups: coding style fixes
...
Cc: stable-4.0
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
2021-01-26 15:29:18 +01:00
Christian Brauner
9cde8a8ab4
string_utils: add must_make_path_relative()
...
Stolen without shame from my previous implementation in LXCFS.
Cc: stable-4.0
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
2021-01-26 15:29:14 +01:00
Christian Brauner
d23cb29e64
file_utils: introduce read_file_at()
...
Cc: stable-4.0
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
2021-01-26 15:29:07 +01:00
Stéphane Graber
6f2f65909e
Merge pull request #3632 from brauner/2021-01-25/fixes
...
autotools: update build
2021-01-25 11:29:47 -05:00
Christian Brauner
b59bc011e3
autotools: update build
...
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
2021-01-25 17:04:43 +01:00
Christian Brauner
1aaf81c338
configure: add AC_SYS_LARGEFILE checking
...
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
2021-01-25 12:51:31 +01:00
Christian Brauner
123ca49e2d
config: update ax_pthread.m4
...
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
2021-01-25 12:45:09 +01:00
Stéphane Graber
8061dd6e67
Merge pull request #3631 from brauner/2021-01-24/fixes
...
tree-wide: fix compilation with -Wstrict-prototypes -Wold-style-defini…
2021-01-24 21:05:21 -05:00
Christian Brauner
39b725730c
tree-wide: fix compilation with -Wstrict-prototypes -Wold-style-definition
...
Fixes: #3630
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
2021-01-24 22:19:34 +01:00
Stéphane Graber
609d2b2e63
Merge pull request #3629 from brauner/2021-01-22/static_binaries
...
build: allow to build all binaries statically via --enable-static-binaries
2021-01-22 15:40:34 -05:00
Christian Brauner
1d91880163
autotools: enable static builds for commands
...
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
2021-01-22 19:31:11 +01:00
Christian Brauner
8e43f33e65
autotools: enable static builds for tools
...
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
2021-01-22 19:30:45 +01:00
Christian Brauner
014a65ef16
configure: support static binaries
...
Including openssl handling.
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
2021-01-22 19:30:15 +01:00
Christian Brauner
3382f3ede0
initutils: fix missing includes
...
Cc: stable-4.0
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
2021-01-22 18:08:27 +01:00
Christian Brauner
5f1269773c
tree-wide: fix some header inclusions
...
Cc: stable-4.0
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
2021-01-22 17:57:32 +01:00
Christian Brauner
2b6ad639eb
Merge pull request #3623 from cotequeiroz/seccomp
...
Fix compilation without seccomp when libseccomp is installed
2021-01-22 17:55:50 +01:00
Stéphane Graber
be0fb2f759
Merge pull request #3628 from brauner/2021-01-22/fixes
...
conf: fix containers retaining CAP_NET_ADMIN
2021-01-22 10:06:51 -05:00
Christian Brauner
7b854e37a7
lxc_attach: include rexec conditionally
...
Cc: stable-4.0
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
2021-01-22 15:45:22 +01:00
Christian Brauner
b85b44169a
lsm: remove obsolete comment about constructor
...
Cc: stable-4.0
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
2021-01-22 15:45:22 +01:00
Christian Brauner
e6d4df7895
cgroups: fix cgroup mounting
...
Cc: stable-4.0
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
2021-01-22 15:45:22 +01:00
Christian Brauner
5d1bf4c4e1
conf: fix containers retaining CAP_NET_ADMIN
...
Fixes: #3627
Cc: stable-4.0
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
2021-01-22 11:54:25 +01:00
Eneas U de Queiroz
67cd8bde2d
configure: skip libseccomp tests if it is disabled
...
Move the block checking for libseccomp api compatibility inside
AM_COND_IF([ENABLE_SECCOMP] ... ).
Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
2021-01-16 13:58:22 -03:00
Eneas U de Queiroz
a342b11fed
commands: fix check for seccomp notify support
...
Use HAVE_SECCOMP_NOTIFY instead of HAVE_DECL_SECCOMP_NOTIFY_FD.
Currently the latter will be true if the declaration is found by
configure, even if 'configure --disable-seccomp' is used.
HAVE_SECCOMP_NOTIFY is defined in lxcseccomp.h if both HAVE_SECCOMP and
HAVE_DECL_SECCOMP_NOTIFY_FD are true, which is the correct behavior.
Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
2021-01-16 13:58:22 -03:00
Stéphane Graber
092529eaef
Merge pull request #3617 from motiejus/lxc-net-dnsmasq
...
make lxc-net's dnsmasq hermetic
2021-01-11 09:05:22 -05:00
Motiejus Jakštys
60a43d5564
make lxc-net hermetic w.r.t. existing dnsmasq config
...
lxc's dnsmasq will try to read system's dnsmasq if `--conf-file` is not
specified. This is likely not desirable, as lxc's dnsmasq should be
self-contained.
On my system the conflicting options are `--bind-interfaces` and
`--bind-dynamic`, since the same host is doing other DNS-y things
unrelated to lxc.
This is an incompatible change, since lxc's dnsmasq will stop honoring
system's `/etc/dnsmasq.conf`, and some systems may be relying on it.
Given that, I believe it should not depend on it by default, since
dnsmasq is lxc's implementation detail. However, if the user desires,
the old behavior could be brought back by setting
`LXC_DHCP_CONFILE=/etc/dnsmasq.conf` in `/etc/default/lxc-net`.
Signed-off-by: Motiejus Jakštys <motiejus@jakstys.lt>
2021-01-11 12:49:35 +02:00
Stéphane Graber
5e4dddcf9b
Merge pull request #3615 from sirh3e/master
...
Changed Version from 2.*.* to 4.*.*
2021-01-09 17:47:53 -05:00
sirh3e
949b3059a2
Changed Version from 2.*.* to 4.*.*
...
Signed-off-by: sirh3e <marvin.huber@bluewin.ch>
2021-01-09 20:24:59 +01:00
Stéphane Graber
239578849f
Merge pull request #3614 from brauner/2021-01-04/fixes
...
capability fixes
2021-01-04 12:19:00 +01:00
Christian Brauner
d84b26bc8b
conf: fix CAP_NET_ADMIN-based mount handling
...
Fixes: e8b9c9ec6f ("unmounted proc/sys/net if dropping CAP_NET_ADMIN")
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
2021-01-04 11:21:53 +01:00
Christian Brauner
309ae2876f
conf: add lxc_wants_cap() helper
...
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
2021-01-04 11:16:31 +01:00
Christian Brauner
fa934e3e24
macro: define all capabilities
...
Fixes: #3612
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
2021-01-04 11:16:31 +01:00
Christian Brauner
7b4cd4681d
conf: add new capabilities CAP_{BLOCK_SUSPEND,PERFMON,BPF,CAP_CHECKPOINT_RESTORE}
...
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
2021-01-04 10:58:11 +01:00
Christian Brauner
f2da98c045
conf: define missing capabilities
...
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
2021-01-04 10:50:07 +01:00
Christian Brauner
24b77f47ad
macro: use ascending order for capabilities
...
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
2021-01-04 10:45:44 +01:00
Stéphane Graber
bfcd663fc7
Merge pull request #3608 from brauner/2020-12-27/no_rootfs
...
bugfixes
2020-12-28 05:39:53 -05:00
Christian Brauner
31b84c7a02
cgroup2: move bpf device cgroup program to struct cgroup_ops
...
Cc: stable-4.0
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
2020-12-27 18:44:00 +01:00
Christian Brauner
c1c9193cfc
utils: allow cross-device resolution
...
This is needed to enable containers without a rootfs.
Fixes: #3607
Cc: stable-4.0
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
2020-12-27 11:19:51 +01:00
Stéphane Graber
708e0653c8
Merge pull request #3603 from brauner/2020-12-15/bugfixes
...
confile: don't accidentally alter lxc.cgroup.dir
2020-12-15 09:08:44 -05:00
Christian Brauner
c583072d67
confile: don't accidentally alter lxc.cgroup.dir
...
Cc: stable-4.0
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
2020-12-15 11:58:35 +01:00
Christian Brauner
667fcc0e3c
confile: cleanup set_config_hooks()
...
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
2020-12-15 11:54:34 +01:00
Stéphane Graber
8a0e2272ac
Merge pull request #3601 from brauner/2020-12-14/bugfixes
...
conf: fix block-device based rootfs mounting
2020-12-14 17:42:29 -05:00
Christian Brauner
26ea5533c9
conf: fix block-device based rootfs mounting
...
Fixes: #3598
Cc: stable-4.0
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
2020-12-14 17:52:44 +01:00