MIPS processors implement 3 ABIs: o32, n64 and n32 (similar to x32). The kernel
treats each ABI separately so syscalls disallowed on "all" arches should be
added to all three seccomp sets. This is implemented by expanding compat_arch
and compat_ctx to accept two compat architectures.
After this, the MIPS hostarch detection code and config section code is added.
Signed-off-by: James Cowgill <james410@cowgill.org.uk>
This also changes the help exit status of lxc-unshare and lxc-usernsexec. So
far they did exit(EXIT_FAILURE) whereas all other tools do exit(EXIT_SUCCESS).
Let's align them with the rest of the tools. This should be safe to do.
Signed-off-by: Christian Brauner <cbrauner@suse.de>
With how easy it is to create a collision on a short ID nowadays and
given that the user doesn't actually have to remember or manually enter
the key ID, lets just use the full fingerprint from now on.
Signed-off-by: Stéphane Graber <stgraber@ubuntu.com>
It doesn't have any effect on what lxc-top does and is only
accepted on account of being part of the common option list.
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
In almost all commands it's a useful addition to the -n
switch which is a common option, too.
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
- Assume that the module name is "overlay" per default and not "overlayfs".
- Assume that the overlay version we are using requires a workdir.
- When we mount an overlay filesystem and we fail with ENODEV retry once with
the module name we haven't already used.
Signed-off-by: Christian Brauner <cbrauner@suse.de>
So far we accidently used close() on the original file descriptor. (After
fdopen() the original fd is considered private and should not be used anymore.
The close operations should be performed on the new file handle. We did the
correct thing on error but not on success.) Using close() on the original fd
caused "Text file busy" errors and prevented the cloned tmpfs container from
starting.
Signed-off-by: Christian Brauner <cbrauner@suse.de>
So far we've simply been using RUNTIME_PATH for the privileged and unprivileged
case. We should actually use XDG_RUNTIME_DIR for the unprivileged case.
Signed-off-by: Christian Brauner <cbrauner@suse.de>
When a container c is on a btrfs filesystem but is directory backed, copying
the container will default to snapshot. This is because of
should_default_to_snapshot() returning true in this case because c is on a
btrfs filesystem. We should make sure that should_default_to_snapshot() only
returns true, when c itself is a btrfs subvolume.
Signed-off-by: Christian Brauner <cbrauner@suse.de>
* Add undocumented options (-v/--set-var, --keep-var, -f/--rcfile)
* Change order of option in SYNOPSIS (-L that is placed after "command")
* Add long options in SYNOPSIS
Signed-off-by: KATOH Yasufumi <karma@jazz.email.ne.jp>
* Add undocumented options (-v/--set-var, --keep-var, -f/--rcfile)
* Change order of option in SYNOPSIS (-L that is placed after "command")
* Add long options in SYNOPSIS
Signed-off-by: KATOH Yasufumi <karma@jazz.email.ne.jp>
Log output currently looks like this:
lxc-copy: debbdev/lxcdir.c: dir_clonepaths: 45 directories cannot be snapshotted. Try aufs or overlayfs.
we rather want it to be:
lxc-copy: deb: bdev/lxcdir.c: dir_clonepaths: 45 directories cannot be snapshotted. Try aufs or overlayfs.
Signed-off-by: Christian Brauner <cbrauner@suse.de>
