Commit Graph

7533 Commits

Author SHA1 Message Date
Wolfgang Bumiller
6e6aca3e3e apparmor: update current profiles
remove cgmanager rules and add fstype=cgroup2 variants for
the existing fstype=cgroup rules

Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
2018-07-25 12:13:17 +02:00
Wolfgang Bumiller
eb5c2e6aee utils: add must_concat helper
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
2018-07-25 12:12:27 +02:00
Wolfgang Bumiller
7e556d185c apparmor: use fopen_cloexec
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
2018-07-25 12:12:25 +02:00
Stéphane Graber
434381b00b
Merge pull request #2492 from brauner/2018-07-14/fix_indendation
lxccontainer: fix indentation
2018-07-24 11:17:32 -04:00
Christian Brauner
095b5c7d2e
lxccontainer: fix indentation
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
2018-07-24 15:09:13 +02:00
Wolfgang Bumiller
c68d5b0dd6 lsm: fixup lsm_process_label_set_at return values
Always return -1 on error (some code paths returned -1, some
returned negative error codes), don't assume 'errno' is set
afterwards, as the function already prints errors and not
all code paths will have a usable errno value.

Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
2018-07-24 13:59:25 +02:00
Wolfgang Bumiller
39e2cbec3c tests: lxc-test-apparmor-mount: check environment early
don't kill all my processes when running it as user...

Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
2018-07-24 13:59:25 +02:00
Wolfgang Bumiller
d652391586 tests: lxc-test-apparmor-mount: show a log on error
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
2018-07-24 13:59:25 +02:00
Christian Brauner
023d07ee10
Merge pull request #2489 from 2xsec/bugfix
change log macro of error case from lxc_ambient_caps_up/down
2018-07-22 17:42:33 +02:00
Christian Brauner
9ddc6b44c4
Merge pull request #2300 from LizaTretyakova/mount_injection
Mount injection API
2018-07-22 16:20:31 +02:00
Christian Brauner
54fc984b50
confile: add missing header
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
2018-07-22 16:05:50 +02:00
Christian Brauner
ea0e06dd74
start: coding style fixes
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
2018-07-22 16:05:50 +02:00
Christian Brauner
6b74139780
conf: coding style fixes
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
2018-07-22 15:50:47 +02:00
Liza Tretyakova
fd14fdb827
confile: add strdup failure check
Signed-off-by: Liza Tretyakova <elizabet.tretyakova@gmail.com>
[christian.brauner@ubuntu.com: coding style]
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
2018-07-22 15:50:29 +02:00
Liza Tretyakova
60534030e4
conf, lxccontainer: fix length checks in snprintf
Signed-off-by: Liza Tretyakova <elizabet.tretyakova@gmail.com>
2018-07-22 15:35:21 +02:00
Liza Tretyakova
7a41e8578e
conf, confile, lxccontainer, start: nonfunctional changes
Signed-off-by: Liza Tretyakova <elizabet.tretyakova@gmail.com>
2018-07-22 15:35:21 +02:00
Christian Brauner
1f5a90f946
lxccontainer: reword create_mount_target()
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
2018-07-22 15:35:21 +02:00
Christian Brauner
3340f44172
lxccontainer: do_lxcapi_mount() coding-style
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
2018-07-22 15:34:06 +02:00
Liza Tretyakova
117deb709e
tests: add filesystem and char device tests
Signed-off-by: Liza Tretyakova <elizabet.tretyakova@gmail.com>
2018-07-22 15:34:06 +02:00
Liza Tretyakova
c6885c3f24
lxccontainer: add handling of file mounts
Signed-off-by: Liza Tretyakova <elizabet.tretyakova@gmail.com>
2018-07-22 15:33:51 +02:00
Christian Brauner
643bcac997
tests: tweak mount injection tests
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
2018-07-22 15:33:51 +02:00
Liza Tretyakova
c8c568c85f
tests: add tests for umount
Signed-off-by: Liza Tretyakova <elizabet.tretyakova@gmail.com>
2018-07-22 15:33:01 +02:00
Liza Tretyakova
d83da817b3
lxccontainer: add the umount API function
Signed-off-by: Liza Tretyakova <elizabet.tretyakova@gmail.com>
[christian@brauner.io: minor coding-style changes]
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
2018-07-22 15:32:42 +02:00
Liza Tretyakova
d81423f2a0
tests: add mount injection tests
Signed-off-by: Liza Tretyakova <elizabet.tretyakova@gmail.com>
2018-07-22 15:32:42 +02:00
Liza Tretyakova
29df56cda5
lxccontainer: add container API function and structs for injecting a mount
Signed-off-by: Liza Tretyakova <elizabet.tretyakova@gmail.com>
2018-07-22 15:25:16 +02:00
Liza Tretyakova
4d6cc24cbe
start: add shmount setup on container start
Signed-off-by: Liza Tretyakova <elizabet.tretyakova@gmail.com>
2018-07-22 15:25:16 +02:00
Liza Tretyakova
f6310f1844
utils: add shared mount point detection
Signed-off-by: Liza Tretyakova <elizabet.tretyakova@gmail.com>
2018-07-22 15:25:15 +02:00
Liza Tretyakova
0d190408c2
conf, confile: add parsing of a shmounts config parameter
Signed-off-by: Liza Tretyakova <elizabet.tretyakova@gmail.com>
2018-07-22 15:25:15 +02:00
Liza Tretyakova
adf0ba1fc7
conf, confile: introduce basic structs for shared mount point
Signed-off-by: Liza Tretyakova <elizabet.tretyakova@gmail.com>
2018-07-22 15:25:13 +02:00
2xsec
6f5e532f1e change log macro of error case from lxc_ambient_caps_up/down
Signed-off-by: 2xsec <dh48.jeong@samsung.com>
2018-07-22 21:03:46 +09:00
Christian Brauner
a633a1edf1
Merge pull request #2488 from 2xsec/bugfix
docs: tools: -d/--daemonize for lxc-execute
2018-07-22 07:59:56 +02:00
2xsec
b571ff38da docs: tools: -d/--daemonize for lxc-execute
Signed-off-by: 2xsec <dh48.jeong@samsung.com>
2018-07-22 13:26:52 +09:00
Christian Brauner
97e567989f
Merge pull request #2486 from 2xsec/bugfix
thread safe: rand() => rand_r()
2018-07-21 16:46:40 +02:00
2xsec
18d4ffded4 coverity: #1438067
Explicit null dereferenced

Signed-off-by: 2xsec <dh48.jeong@samsung.com>
2018-07-21 22:47:08 +09:00
2xsec
280cc35f08 thread safe: rand() => rand_r()
Signed-off-by: 2xsec <dh48.jeong@samsung.com>
2018-07-21 22:27:30 +09:00
Christian Brauner
9005b20d02
Merge pull request #2484 from 2xsec/bugfix
attach: fix return value & cleanups
2018-07-21 12:09:37 +02:00
2xsec
21d0acc2a5 attach: move errno handling
Signed-off-by: 2xsec <dh48.jeong@samsung.com>
2018-07-21 18:17:18 +09:00
Christian Brauner
8e12a6913b
Merge pull request #2485 from 2xsec/docs
docs: add long options of lxc-unshare
2018-07-21 10:43:18 +02:00
2xsec
ca5a12bb4d docs: add long options of lxc-unshare
Signed-off-by: 2xsec <dh48.jeong@samsung.com>
2018-07-21 16:48:29 +09:00
2xsec
ea918412a7 attach: fix return value & cleanups
Signed-off-by: 2xsec <dh48.jeong@samsung.com>
2018-07-21 16:04:01 +09:00
Christian Brauner
010a85d171
Merge pull request #2482 from 2xsec/bugfix
error handling cleanups #2471
2018-07-21 06:50:39 +02:00
2xsec
9044b79e19 af_unix: fix return value & cleanups
Signed-off-by: 2xsec <dh48.jeong@samsung.com>
2018-07-21 02:41:53 +09:00
2xsec
a73846d893 lxccontainer: coding rules
Signed-off-by: 2xsec <dh48.jeong@samsung.com>
2018-07-20 23:41:10 +09:00
2xsec
29c98ddd9b confile_utils: fix return value & cleanups
Signed-off-by: 2xsec <dh48.jeong@samsung.com>
2018-07-20 22:05:15 +09:00
Stéphane Graber
8fd3e219c2
Merge pull request #2480 from brauner/2018-07-18/add_required_mount_flags
conf: the atime flags are locked in userns
2018-07-19 16:18:21 -04:00
Christian Brauner
ce08b042f9
Merge pull request #2481 from hwoarang/fix-apparmor-paths
apparmor: Allow /usr/lib* paths for mount and pivot_root
2018-07-19 14:02:44 +02:00
Markos Chandras
733e375760 apparmor: Allow /usr/lib* paths for mount and pivot_root
openSUSE Leap 15 is using --libdir=/usr/lib64 when building for
x86_64 so we need to allow this path in the apparmor profiles.

Link: https://bugzilla.opensuse.org/show_bug.cgi?id=1099239
Signed-off-by: Markos Chandras <mchandras@suse.de>
2018-07-19 12:17:24 +01:00
Christian Brauner
69eadddb37
conf: the atime flags are locked in userns
This means they need to be added for remount and for fresh mounts.

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
2018-07-18 18:09:21 +02:00
Stéphane Graber
c77abb2006
Merge pull request #2473 from tenforward/japanese
doc: Translate lxc.monitor.signal.pdeath into Japanese in lxc.contain…
2018-07-16 12:32:17 -04:00
KATOH Yasufumi
fd5de02921 doc: Translate lxc.monitor.signal.pdeath into Japanese in lxc.container.conf(5)
Signed-off-by: KATOH Yasufumi <karma@jazz.email.ne.jp>
2018-07-17 01:14:06 +09:00