proxmox-mirrors/mirror_lxc
1
0
Fork 0
mirror of https://git.proxmox.com/git/mirror_lxc synced 2025-08-02 17:37:17 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
7,872 Commits 6 Branches 17 Tags 29 MiB
38e76fbb94
Commit Graph

7872 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Christian Brauner
47d720d13e
autotools: fix lxc-user-nic build 
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
 2018-09-30 20:20:16 +02:00
Christian Brauner
253c403df5
autotools: fix lxc-monitord build 
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
 2018-09-30 20:20:16 +02:00
Christian Brauner
2fe8b2a063
autotools: fix lxc init build 
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
 2018-09-30 20:20:16 +02:00
Christian Brauner
d7b58715b6
raw_syscalls: add lxc_raw_getpid() 
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
 2018-09-30 20:20:16 +02:00
Christian Brauner
38e5c2dbba
raw_syscalls: add lxc_raw_clone{_cb}() 
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
 2018-09-30 20:20:14 +02:00
Stéphane Graber
97358bb2bf
Merge pull request #2663 from brauner/2018-09-30/netns_ifaddrs 
netns_ifaddrs: handle IFLA_STATS{64} correctly
 2018-09-30 14:01:06 -04:00
Christian Brauner
13be27338c
raw_syscalls: add lxc_raw_execveat() 
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
 2018-09-30 19:40:51 +02:00
Christian Brauner
6b3d24d716
syscall_wrappers: add pivot_root() 
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
 2018-09-30 12:50:23 +02:00
Christian Brauner
da5efb6f76
netns_ifaddrs: handle IFLA_STATS{64} correctly 
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
 2018-09-30 12:29:19 +02:00
Stéphane Graber
2a2d77c356
Merge pull request #2661 from brauner/2018-09-28/relro_bind_now 
autotools: support -z relro and -z now
 2018-09-29 01:15:11 +02:00
Christian Brauner
e6fe24e134
autotools: support -z relro and -z now 
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
 2018-09-28 22:58:20 +02:00
Stéphane Graber
14c31772d0
Merge pull request #2658 from brauner/2018-09-28/keyctl 
utils: add lxc_setup_keyring()
 2018-09-28 14:13:47 +02:00
Christian Brauner
b25291da14
utils: add lxc_setup_keyring() 
Allocate a new keyring if we can to prevent information leak.

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
 2018-09-28 13:41:14 +02:00
Christian Brauner
c73fbad129
configure: fix -Wimplicit-fallthrough check 
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
 2018-09-28 13:41:14 +02:00
Stéphane Graber
af2c0fa7b1
Merge pull request #2657 from ssup2/master 
oci-template: Add logic for no /etc/passwd, group
 2018-09-28 12:32:02 +02:00
Jungsub Shin
a2ade420c0 oci-template: Add logic for no /etc/passwd, group 
OCI image spec dosen't specify action when there is
no /etc/passwd or /etc/group. So if there is no
/etc/passwd with string user info, set uid to 0. If there
is no /etc/group with string group info, set gid to 0.

Signed-off-by: Jungsub Shin jungsub_shin@tmax.co.kr
 2018-09-28 19:24:09 +09:00
Stéphane Graber
46706d0b67
Merge pull request #2656 from brauner/2018-09-28/fix_btrfs_regression 
btrfs: fix btrfs containers
 2018-09-28 12:13:39 +02:00
Christian Brauner
37aa48515b
btrfs: fix btrfs containers 
Closes #2612.
Closes #2655.

Fixes: 9de31d5a13 ("tree-wide: s/strncpy()/strlcpy()/g")
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
 2018-09-28 11:27:28 +02:00
Stéphane Graber
56e28f9258
Merge pull request #2629 from ssup2/master 
template: oci template supports for char user info
 2018-09-28 10:35:51 +02:00
Jungsub Shin
b8cfbbd140 template: oci template supports for char user info 
oci template changes character user info to uid, gid
according to OCI image spec.

Signed-off-by: Jungsub Shin jungsub_shin@tmax.co.kr
 2018-09-28 10:14:06 +09:00
Stéphane Graber
2b35fa3003
Merge pull request #2653 from brauner/2018-09-27/minor_tweaks 
cgroups: tweaks
 2018-09-27 14:30:57 +02:00
Christian Brauner
4394ea17cb
cgroup: make monitor_pattern const 
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
 2018-09-27 13:36:17 +02:00
Christian Brauner
529822a46f
cgfsng: log cgroup names for monitor and container 
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
 2018-09-27 13:35:34 +02:00
Wolfgang Bumiller
adaeef1fcc
Merge pull request #2643 from brauner/2018-09-23/cgroup_scoping_fixes 
cgroups: implement monitor cgroup deletion
 2018-09-27 13:12:56 +02:00
Stéphane Graber
537eba4c30
Merge pull request #2652 from brauner/lxc/master 
tree-wide: fix includes to fix bionic builds
 2018-09-27 03:51:48 -04:00
Christian Brauner
d38dd64a51
tree-wide: fix includes to fix bionic builds 
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
 2018-09-27 01:01:33 +02:00
Stéphane Graber
55ac911a51
Merge pull request #2649 from brauner/lxc/master 
netns_ifaddrs: fix missing include
 2018-09-26 13:17:19 -04:00
Christian Brauner
4e79fc5a73
Merge pull request #2650 from tenforward/japanese 
doc: Add -u and -g args to Japanese lxc-attach(1) and lxc-execute(1)
 2018-09-26 18:30:31 +02:00
KATOH Yasufumi
a4a0bba4e2 doc: Add -u and -g args to Japanese lxc-attach(1) and lxc-execute(1) 
Update for commit ddd51fd and 0840104

Signed-off-by: KATOH Yasufumi <karma@jazz.email.ne.jp>
 2018-09-27 01:21:41 +09:00
Christian Brauner
a3aba11021
netns_ifaddrs: fix missing include 
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
 2018-09-26 18:14:46 +02:00
Stéphane Graber
323a7f1871
Merge pull request #2648 from brauner/2018-09-26/compiler_attributes 
compiler: add __hot attribute
 2018-09-26 10:44:51 -04:00
Stéphane Graber
6de0734bb1
Merge pull request #2647 from brauner/2018-09-23/noreturn_android 
compiler: fix __noreturn on bionic
 2018-09-26 10:44:36 -04:00
Christian Brauner
afeec9b739
compiler: add __hot attribute 
This instructs the compiler to better optimize the config parsing code.

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
 2018-09-26 14:52:27 +02:00
Christian Brauner
d17947f8f3
compiler: fix __noreturn on bionic 
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
 2018-09-26 14:38:41 +02:00
Christian Brauner
ebc10afe21
cgfsng: do not go into infinite loop 
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
 2018-09-26 14:16:10 +02:00
Christian Brauner
a3650c0c4d
cgfsng: s/25/INTTYPE_TO_STRLEN(pid_t)/g 
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
 2018-09-26 14:13:05 +02:00
Christian Brauner
5ce03bc048
cgfsng: ensure no-reuse in cgfsng_monitor_create() 
The same way we need to ensure that no existing cgroups are reused for
the payload in cgfsng_payload_create() we need to ensure that no
existing cgroups are reused for the monitor. Technially this is less of
an issue since there currently is no logic for the monitor to apply
limits to its cgroup but it is still the proper way to do it.

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
 2018-09-26 14:11:47 +02:00
Christian Brauner
625ad37b59
cgroups: introduce helper macros 
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
 2018-09-26 14:11:47 +02:00
Christian Brauner
434c8e15c9
cgfsng: add cgfsng_monitor_destroy() 
Since we switched to the new cgroup scoping scheme that places the
container payload into lxc.payload/<container-name> and
lxc.monitor/<container-name> deletion becomes slightly more complicated.
The monitor will be able to rm_rf(lxc.payload/<container-name>) but will
not be able to rm_rf(lxc.monitor/<container-name>) since it will be
located in that cgroup and it will thus be populated.
My current solution to this is to create a lxc.pivot cgroup that only
exists so that the monitor process on container stop can pivot into it,
call rm_rf(lxc.monitor/<container-name>) and can then exit. This group
has not function whatsoever apart from this and can thus be shared by
all monitor processes.

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
 2018-09-26 14:11:47 +02:00
Christian Brauner
3999f50bd2
cgfsng: s/cgfsng_destroy/cgfsng_payload_destroy/g 
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
 2018-09-26 14:08:26 +02:00
Stéphane Graber
810fd51c92
Merge pull request #2618 from CameronNemo/lxcmountroot 
apparmor: account for specified rootfs path (closes #2617)
 2018-09-25 14:46:21 -04:00
Stéphane Graber
34d66b6877
Merge pull request #2646 from brauner/2018-09-24/cgroup_tweaks 
cgfsng: set errno to ENOENT on get_hierarchy()
 2018-09-24 23:35:03 +02:00
Christian Brauner
27a5132c22
cgfsng: set errno to ENOENT on get_hierarchy() 
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
 2018-09-24 22:58:45 +02:00
Christian Brauner
084010482f
doc: tweak documentation a little 
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
 2018-09-24 22:07:34 +02:00
Christian Brauner
f3672cf120
Merge pull request #2645 from stgraber/master 
stop: Only freeze if freezer is available
 2018-09-24 21:35:15 +02:00
Stéphane Graber
d18d43da89
stop: Only freeze if freezer is available 
Closes #2644

Signed-off-by: Stéphane Graber <stgraber@ubuntu.com>
 2018-09-24 14:41:42 -04:00
Stéphane Graber
36be8e6c4a
Merge pull request #2640 from brauner/2018-09-23/netns_getifaddrs 
network: add netns_getifaddrs() implementation
 2018-09-24 00:35:21 +02:00
Christian Brauner
61204b93dd
autotools: fix lxc_user_nic build 
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
 2018-09-23 21:19:35 +02:00
Christian Brauner
d3d5554a97
netns_ifaddrs: mark casts as safe 
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
 2018-09-23 21:19:35 +02:00
Christian Brauner
b1e44ed125
tree_wide: switch to netns_getifaddrs() 
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
 2018-09-23 21:19:35 +02:00