proxmox-mirrors/mirror_lxc
1
0
Fork 0
mirror of https://git.proxmox.com/git/mirror_lxc synced 2025-08-16 01:52:34 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
9,423 Commits 6 Branches 17 Tags 29 MiB
49b21cd7d9
Commit Graph

9423 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Christian Brauner
0ba7e64984
Merge pull request #3480 from Drachenfels-GmbH/master 
checkconfig: Show LXC version in output.
 2020-07-08 12:37:39 +02:00
Ruben Jenster
a65ea78e94 checkconfig: Show LXC version in output. 
Signed-off-by: Ruben Jenster <r.jenster@drachenfels.de>
 2020-07-08 12:06:16 +02:00
Stéphane Graber
fa1a9b4d54
Merge pull request #3479 from brauner/2020-07-06/fixes 
openpty: improve implementation and handling of platforms without it
 2020-07-06 06:51:04 -04:00
Christian Brauner
35eb5cdcb3
openpty: improve implementation and handling of platforms without it 
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
 2020-07-06 10:57:47 +02:00
Stéphane Graber
6d3b68510a
Merge pull request #3478 from brauner/2020-07-05/fixes 
openpty: fix faulty rename
 2020-07-05 21:14:22 -04:00
Christian Brauner
0a8409df6d
openpty: fix faulty rename 
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
 2020-07-05 23:45:38 +02:00
Stéphane Graber
184de6b8a1
Merge pull request #3477 from brauner/2020-07-05/fixes 
tree-wide: update terminal terminology once more
 2020-07-05 17:29:32 -04:00
Christian Brauner
41808e20a1
tree-wide: s/pts/pty/g 
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
 2020-07-05 22:01:57 +02:00
Christian Brauner
36a94ce8e3
tree-wide: s/ptmx/ptx/g 
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
 2020-07-05 22:01:57 +02:00
Stéphane Graber
3e519859bd
Merge pull request #3476 from brauner/2020-07-05/fixes 
cgroups: handle empty bpf log buffer
 2020-07-05 15:24:23 -04:00
Christian Brauner
fddbd86638
cgroups: handle empty bpf log buffer 
Link: https://launchpadlibrarian.net/487274879/buildlog_ubuntu-eoan-amd64.lxc_1:4.0.3+master~20200705-1541-0ubuntu1~eoan_BUILDING.txt.gz
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
 2020-07-05 21:04:27 +02:00
Stéphane Graber
40f02ccd0e
Merge pull request #3475 from brauner/2020-07-05/fixes 
cgroups: fix bpf device program generation
 2020-07-05 11:28:48 -04:00
Christian Brauner
ee9d3ef05b
cgroups: fix bpf device program generation 
Closes: #3473.
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
 2020-07-05 11:17:31 +02:00
Stéphane Graber
1844824494
Merge pull request #3474 from brauner/2020-07-03/fixes 
api-extensions: add seccomp_allow_deny_syntax extension
 2020-07-03 09:42:10 -04:00
Christian Brauner
c312db1110
api-extensions: add seccomp_allow_deny_syntax extension 
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
 2020-07-03 15:14:15 +02:00
Stéphane Graber
22e97b8e06
Merge pull request #3472 from brauner/2020-07-03/fixes 
fixes
 2020-07-03 08:22:30 -04:00
Christian Brauner
beafa9874e
cgroup2_devices: fix access rule parsing 
Closes: #3473.
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
 2020-07-03 13:44:58 +02:00
Christian Brauner
50329f28c3
cgroups: use empty {} to initialize struct 
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
 2020-07-03 13:40:12 +02:00
Christian Brauner
78522aa936
seccomp: support allowlist/denylist in profiles 
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
 2020-07-03 13:18:36 +02:00
Christian Brauner
9ea99cf7e8
cgroups: update terminology II 
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
 2020-07-03 13:01:40 +02:00
Christian Brauner
29a01c3742
cgroups: update terminology 
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
 2020-07-03 12:58:53 +02:00
Stéphane Graber
ffa6884056
Merge pull request #3469 from johanneskastl/20200630_Kastl_fix_gpg_option 
templates/lxc-download.in: use GPG option "--receive-keys"
 2020-07-01 08:44:06 -04:00
Johannes Kastl
409040e702
templates/lxc-download.in: use GPG option --receive-keys instead of --recv-keys 
Signed-off-by: Johannes Kastl <kastl@b1-systems.de>
 2020-07-01 07:09:09 +02:00
Stéphane Graber
5408652de4
Merge pull request #3468 from johanneskastl/20200630_Kastl_fix_shell_download_template 
templates/lxc-download.in: fix wrong if-condition
 2020-06-30 16:18:44 -04:00
Johannes Kastl
eb44984ae5
templates/lxc-download.in: make shellcheck happy 
Signed-off-by: Johannes Kastl <kastl@b1-systems.de>
 2020-06-30 19:18:21 +02:00
Johannes Kastl
18e18d4c31
templates/lxc-download.in: fix wrong if condition (use the result of the gpg command, not the result when executing the result of the gpg command) 
Signed-off-by: Johannes Kastl <kastl@b1-systems.de>
 2020-06-30 18:52:49 +02:00
Christian Brauner
f88d8e68b0
Merge pull request #3466 from alivenets/fix-no-new-privs 
attach: set no_new_privs flag after LSM label
 2020-06-30 10:18:01 +02:00
Alexander Livenets
6ce8e67825 attach: set no_new_privs flag after LSM label 
In `start.c:1284`, no_new_privs flag is set after LSM label is set.
Also, in `lxc.container.conf` documentation it is written that:
```
Note that PR_SET_NO_NEW_PRIVS is applied after the container has
changed into its intended AppArmor profile or SElinux context.
```
This commit fixes the behavior of `lxc_attach` by moving
`PR_SET_NO_NEW_PRIVS` set logic after LSM for the process is configured;

Closes #3393

Signed-off-by: Alexander Livenets <a.livenets@gmail.com>
 2020-06-30 00:54:36 +02:00
Stéphane Graber
7c8b10e515
Merge pull request #3465 from brauner/2020-06-19/clone_into_cgroup 
clone_into_cgroup: fixes
 2020-06-29 09:24:34 -04:00
Christian Brauner
0aff04e066
start: use __aligned_u64 
Closes: Coverity 1465044.
Closes: Coverity 1465046.
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
 2020-06-29 14:52:54 +02:00
Christian Brauner
84b66ced1d
start: initialize cgroup_fd 
Fixes: Coverity 1465045.
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
 2020-06-29 14:51:02 +02:00
Stéphane Graber
d5827bc003
Merge pull request #3464 from brauner/2020-06-19/clone_into_cgroup 
lxc: support CLONE_INTO_CGROUP
 2020-06-29 08:24:00 -04:00
Christian Brauner
f7176c3ea9
lxc: support CLONE_INTO_CGROUP 
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
 2020-06-29 13:58:21 +02:00
Stéphane Graber
3a9018bba7
Merge pull request #3463 from brauner/2020-06-26/fixes 
confile: handle overflow in lxc.time.offset.{boot,monotonic}
 2020-06-26 09:33:03 -04:00
Stéphane Graber
11e5f16ae0
Merge pull request #3462 from tenforward/japanese 
Update Japanese lxc.container.conf(5)
 2020-06-26 08:45:55 -04:00
Christian Brauner
f1c4343929
start: preserve time namespace 
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
 2020-06-26 10:40:52 +02:00
Christian Brauner
07f89c1e0e
confile: handle overflow in lxc.time.offset.{boot,monotonic} 
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
 2020-06-26 10:08:32 +02:00
KATOH Yasufumi
bb144af237 doc: Add lxc.time.offset.* to Japanese lxc.container.conf(5) 
and fix a type in English man page.
Update for commit 7fb5a8dfd2

Signed-off-by: KATOH Yasufumi <karma@jazz.email.ne.jp>
 2020-06-26 14:24:28 +09:00
KATOH Yasufumi
6fcaba0559 doc: Add veth vlan bridge options to Japanese lxc.container.conf(5) 
Update for commit a789ca4c24

Signed-off-by: KATOH Yasufumi <karma@jazz.email.ne.jp>
 2020-06-26 14:10:03 +09:00
Stéphane Graber
b2ff0ccc7c
Merge pull request #3461 from brauner/2020-06-25/time_namespace 
time namespace support
 2020-06-25 20:15:50 -04:00
Christian Brauner
7fb5a8dfd2
doc: add lxc.time.offset.{boot,monotonic} 
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
 2020-06-26 01:03:24 +02:00
Christian Brauner
b1248e473b
api: add time_namespace extension 
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
 2020-06-26 01:03:24 +02:00
Christian Brauner
70fd7fc9ba
lxc: add time namespace support 
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
 2020-06-26 01:03:24 +02:00
Stéphane Graber
f0a3c722e6
Merge pull request #3460 from brauner/2020-06-25/fixes 
commands: don't flood logs
 2020-06-25 12:14:41 -04:00
Christian Brauner
769b88ea06
commands: don't flood logs 
We're ignoring commands that we don't know about. They used to be fatal. Not
anymore.

Closes: #3459.
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
 2020-06-25 16:32:33 +02:00
Christian Brauner
44f0f0ab6e
Merge pull request #3458 from stgraber/master 
lxc-net: Set broadcast
 2020-06-24 18:43:22 +02:00
Stéphane Graber
dfc6654e3c
lxc-net: Set broadcast 
Closes #3457

Signed-off-by: Stéphane Graber <stgraber@ubuntu.com>
 2020-06-23 19:24:54 -04:00
Christian Brauner
baf6d38bd9
Merge pull request #3456 from brauner/2020-06-23/lxc_stop_fixes 
lxccontainer: fix non-blocking container stop
 2020-06-23 11:45:23 +02:00
Robert Vogelgesang
60cd509114
lxccontainer: fix non-blocking container stop 
Stopping a lxc container with without waiting on it was broken in master. This
patch fixes it.

Signed-off-by: Robert Vogelgesang <vogel@folz.de>
 2020-06-23 11:08:09 +02:00
Stéphane Graber
91dd15a426
Merge pull request #3454 from brauner/master 
tree-wide: variable naming update
 2020-06-19 19:08:19 -04:00