When users pass -1 there won't be an escape sequence to exit the
console, so no need to print a misleading info message about how to detach.
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
Hi,
I try to create a Slackware container in a Slackware64 14.2 current and
find that wget depends on libunistring.
So I add libunistring to the package list.
Closes #1915
Signed-off-by: Chia-Chun Hsu <a12321aabb@gmail.com>
Acked-by: Stéphane Graber <stgraber@ubuntu.com>
Now it will be displayed nicely formatted:
a1 login: chb@conventiont|~
> lxc console a1
Connected to tty 0
Type <Ctrl+a q> to exit the console, <Ctrl+a Ctrl+a> to enter Ctrl+a itself
Ubuntu 17.10 a1 console
a1 login:
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
This patch fixes the missing workdir issue for the overlayfs mount command in
the lxc-test-unpriv test.
Bug link: https://bugs.launchpad.net/bugs/1730915
Signed-off-by: Po-Hsu Lin <po-hsu.lin@canonical.com>
In order to enable proper unprivileged cgroup delegation on newer kernels we
need to delegate not just the "cgroup.procs" file but also "cgroup.threads". But
don't report an error in case it doesn't exist. Also delegate
"cgroup.subtree_control" to enable delegation of controllers to descendant
cgroups.
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
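
The delegation rule in the commit message above, as an added example (not code from the commit or from LXC): a hypothetical helper `delegate_cgroup()` hands the three files to an unprivileged owner and tolerates a missing "cgroup.threads". Chowning the directory itself and treating "cgroup.subtree_control" as required are assumptions of this sketch.

```c
#define _GNU_SOURCE
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/types.h>
#include <unistd.h>

/* Files handed to the unprivileged owner of a cgroup2 directory. */
static const struct { const char *name; int optional; } delegate_files[] = {
	{ "cgroup.procs", 0 },
	{ "cgroup.threads", 1 },         /* absent on older kernels: not an error */
	{ "cgroup.subtree_control", 0 }, /* assumption: treated as required here */
};

/* Hypothetical helper: give uid:gid ownership of the cgroup directory and its
 * delegation files. Returns 0 on success, -1 on the first hard failure. */
int delegate_cgroup(const char *dir, uid_t uid, gid_t gid)
{
	int ret = -1;
	int dfd = open(dir, O_RDONLY | O_DIRECTORY | O_CLOEXEC);
	if (dfd < 0)
		return -1;
	/* Assumption: the delegatee also owns the directory so it can create child cgroups. */
	if (fchown(dfd, uid, gid) < 0)
		goto out;
	for (size_t i = 0; i < sizeof(delegate_files) / sizeof(delegate_files[0]); i++) {
		/* Resolve relative to dfd and never follow a symlink planted in the directory. */
		if (fchownat(dfd, delegate_files[i].name, uid, gid, AT_SYMLINK_NOFOLLOW) == 0)
			continue;
		if (errno == ENOENT && delegate_files[i].optional)
			continue;
		fprintf(stderr, "chown %s/%s: %s\n", dir, delegate_files[i].name, strerror(errno));
		goto out;
	}
	ret = 0;
out:
	close(dfd);
	return ret;
}

int main(int argc, char **argv)
{
	if (argc != 4) {
		fprintf(stderr, "usage: %s <cgroup-dir> <uid> <gid>\n", argv[0]);
		return 2;
	}
	return delegate_cgroup(argv[1], (uid_t)strtoul(argv[2], NULL, 10),
			       (gid_t)strtoul(argv[3], NULL, 10)) ? 1 : 0;
}
```
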
If a console log file was specified this flag indicates whether the contents of
the ringbuffer should be written to the logfile when a request is sent to the
ringbuffer.
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
When users request that the container keep a console ringbuffer we will not
continuously write to the on-disk logfile as mirroring the contents of the
in-memory ringbuffer on-disk is costly and complicated. Instead, we dump the
ringbuffer contents on-disk when the container stops or fails to start. This
way users can still diagnose problems or retrieve the last contents of the
ringbuffer on-disk.
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
We need to have lxc_attach() distinguish between a caller specifying specific
namespaces to attach to and a caller not requesting specific namespaces. The
latter is taken by lxc_attach() to mean that all namespaces will be attached.
This also needs to include all inherited namespaces.
Closes #1890.
Closes #1897.
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
The configure checks for these use AC_CHECK_DECLS, which defines the symbol
to 0 if not available, so adjust the code to match. From the autoconf
manual
(https://www.gnu.org/software/autoconf/manual/autoconf-2.65/html_node/Generic-Declarations.html):
For each of the symbols (comma-separated list), define HAVE_DECL_symbol (in
all capitals) to ‘1’ if symbol is declared, otherwise to ‘0’.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
- Implement inheriting user namespaces.
- When inheriting user namespaces make sure to not try and map ids again. The
  kernel will not allow you to do this.
- Change clone() logic:
  1. If we inherit no namespaces simply call lxc_clone().
  2. If we inherit any namespaces call lxc_fork_attach_clone(). Here's why:
     - Causes one syscall (fork()) instead of two syscalls (setns() to
       inherited namespace and setns() back to parent namespace) to be
       performed.
     - Allows us to get rid of a bunch of variables and helper functions/code.
     - Sharing a user namespace requires us to setns() to the inherited user
       namespace but the kernel does not allow reattaching to a parent user
       namespace. So the old logic made user namespace inheritance impossible.
       By using the lxc_fork_attach_clone() model we can simply setns() to the
       inherited user namespace in the fork()ed child and be done with it.
     The only thing we need to do is to specify CLONE_PARENT when calling
     clone() in lxc_fork_attach_clone() so that we can wait on the child.
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
Brings the number of open fds in the monitor process for a standard container
without ttys down to 17.
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
There's no obvious need to strdup() the name of the container in the handler.
We can simply make this a pointer to the memory allocated in
lxc_container_new().
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>