Otherwise in the error case, we end up subtracting two from the
static_args, which would lead to a segfault :)
Signed-off-by: Tycho Andersen <tycho.andersen@canonical.com>
We initialized cgfsng in a strange way inside of its implementation of
escape so we could use it during checkpoint. Instead, the previous patch
does a hacky initialization in criu.c, and we can get rid of the hacks
elsewhere :)
Signed-off-by: Tycho Andersen <tycho.andersen@canonical.com>
CRIU has added support for passing --cgroup-root on dump, which we should
use (see the criu commit 07d259f365f224b32914de26ea0fd59fc6db0001 for
details). Note that we don't have to do any version checking or anything,
because CRIU just ignored --cgroup-root on checkpoint before, so passing it
is safe, and will result in correct behavior when a sufficient version of
CRIU is present.
Signed-off-by: Tycho Andersen <tycho.andersen@canonical.com>
N.B. that these are only implemented in cgfsng, but,
15:28:28 tych0 | do we still use cgfs anywhere? or the cgm backend?
15:29:19 stgraber | not anywhere we care about
...I think that's okay.
Signed-off-by: Tycho Andersen <tycho.andersen@canonical.com>
- We expect destroy to fail in zfs_clone() so try to silence it so users are
not irritated when they create zfs snapshots.
- Add -r recursive to zfs_destroy(). This code is only hit when a) the
container has no snapshots or b) the user calls destroy with snapshots. So
this should be safe. Without -r snapshots will remain.
Signed-off-by: Christian Brauner <christian.brauner@canonical.com>
- When we detect that the container, we want to attach to, has been stared with
PR_SET_NO_NEW_PRIVS we attach with PR_SET_NO_NEW_PRIVS as well. (We might
relax this restriction later but let's be strict for now.)
- When LXC_ATTACH_NO_NEW_PRIVS is set in the flags passed to
lxc_attach()/attach_child_main() then we set PR_SET_NO_NEW_PRIVS irrespective
of whether the container was started with PR_SET_NO_NEW_PRIVS or not.
- Set no_new_privs before lsm and seccomp. We probably don't want attach() to
be able to change the lsm or seccomp policy if the container was started with
PR_SET_NO_NEW_PRIVS enabled.
Signed-off-by: Christian Brauner <christian.brauner@canonical.com>
Set no_new_privs after setting the lsm label. If we do set it before we aren't
allowed to change the label anymore.
Signed-off-by: Christian Brauner <christian.brauner@canonical.com>
An incorrect quoting introduced in bf39edb caused a /{lib,etc} folder to
appear in Debian templates
The very next line :
mkdir -p "${rootfs}/etc/systemd/system/getty.target.wants
makes creating ${rootfs}/etc/systemd/system/ unnecessary in the first
place
Signed-off-by: Maxime Besson <maxime.besson@smile.fr>
Given commit 330ae3d350:
lxccontainer: detect if we should send SIGRTMIN+3
This is required by systemd to cleanly shutdown. Other init systems should not
have SIGRTMIN+3 in the blocked signals set.
we should stop symlinking halt.target to sigpwr.target for systemd.
Signed-off-by: Christian Brauner <cbrauner@suse.de>
