get_ips accepts an interface name as a parameter but there was no
way to get the interfaces names from the container. This patch
introduces a new get_interfaces call to the API so that users
can obtain the name of the interfaces.
Support for python bindings also introduced as a part of this version.
Signed-off-by: S.Çağlar Onur <caglar@10ur.org>
Acked-by: Stéphane Graber <stgraber@ubuntu.com>
pthread_mutex_lock() will only return an error if it was set to
PTHREAD_MUTEX_ERRORCHECK and we are recursively calling it (and
would otherwise have deadlocked). If that's the case then log a
message for future debugging and exit. Trying to "recover" is
nonsense at that point.
process_lock() was held over too long a time in lxcapi_start()
in the daemonize case. (note the non-daemonized case still needs a
check to enforce that it must NOT be called while threaded). Add
process_lock() at least across all open/close/socket() calls.
Anything done after a fork() doesn't need the locks as it is no
longer threaded - so some open/close/dups()s are not locked for
that reason. However, some common functions are called from both
threaded and non-threaded contexts. So after doing a fork(), do
a possibly-extraneous process_unlock() to make sure that, if we
were forked while pthread mutex was held, we aren't deadlocked by
nobody.
Tested that lp:~serge-hallyn/+junk/lxc-test still works with this
patch.
Signed-off-by: Serge Hallyn <serge.hallyn@ubuntu.com>
Tested-by: S.Çağlar Onur <caglar@10ur.org>
Acked-by: Stéphane Graber <stgraber@ubuntu.com>
- add ability to run for multiple iterations
- can also run non-threaded for comparison to threaded case
Signed-off-by: Dwight Engen <dwight.engen@oracle.com>
Acked-by: Serge Hallyn <serge.hallyn@ubuntu.com>
Signed-off-by: Serge Hallyn <serge.hallyn@ubuntu.com>
Otherwise user-namespace containers will hang on mountall.
Signed-off-by: Serge Hallyn <serge.hallyn@ubuntu.com>
Acked-by: Stéphane Graber <stgraber@ubuntu.com>
Chane pinning mechanism: Use $rootfs/lxc.hold instead of $rootfs.hold
(in case $rootfs is a mountpoint itself), but delete the file
immediately after creating it (but keep it open). This will keep the
root filesystem busy but does not leave any unnecessary files lying
around.
Signed-off-by: Christian Seiler <christian@iwakd.de>
Signed-off-by: Serge Hallyn <serge.hallyn@ubuntu.com>
This patch adds the lxc.mount.auto configuration option that allows the
user to specify that certain standard filesystems should be
automatically pre-mounted when the container is started.
Currently, four things are implemented:
- /proc (mounted read-write)
- /sys (mounted read-only)
- /sys/fs/cgroup (special logic, see mailing list discussions)
- /proc/sysrq-trigger (see below)
/proc/sysrq-trigger may be used from within a container to trigger a
forced host reboot (echo b > /proc/sysrq-trigger) or do other things
that a container shouldn't be able to do. The logic here is to
bind-mount /dev/null over /proc/sysrq-trigger, so that that cannot
happen. This obviously only protects fully if CAP_SYS_ADMIN is not
available inside the container (otherwise that bind-mount could be
removed).
Signed-off-by: Christian Seiler <christian@iwakd.de>
Signed-off-by: Serge Hallyn <serge.hallyn@ubuntu.com>
Add funbction to mount cgroup filesystem hierarchy into the container,
allowing only access to the parts that the container should have access
to, but none else.
Signed-off-by: Christian Seiler <christian@iwakd.de>
Signed-off-by: Serge Hallyn <serge.hallyn@ubuntu.com>
This patch splits off ns legacy cgroup handling from main cgroup
handling. It moves the creation of the cgroups before clone(), so that
the child will easily know which cgroups it will later belong to. Since
this is not possible for the renaming of the 'ns' cgroup, keep that
part after clone.
Signed-off-by: Christian Seiler <christian@iwakd.de>
Signed-off-by: Serge Hallyn <serge.hallyn@ubuntu.com>
We may long-term want to instead decide on a convention under
/var/log, but for now just ignore it. This will only happen
if lxcpath is read-only.
Signed-off-by: Serge Hallyn <serge.hallyn@ubuntu.com>
- Also convert to unix abstract socket
- A simple FNV hash is used instead of SHA-1 since we may not HAVE_GNUTLS
Signed-off-by: Dwight Engen <dwight.engen@oracle.com>
Signed-off-by: Serge Hallyn <serge.hallyn@ubuntu.com>
Moving these files should allow $lxcpath to be a read-only fs.
Signed-off-by: Dwight Engen <dwight.engen@oracle.com>
Signed-off-by: Serge Hallyn <serge.hallyn@ubuntu.com>
If a cgroup hierarchy has ns cgroup composed, then we need to treat
that differently:
1. The container init will have already been switched to a new cgroup
called after its pid.
2. We can't move the container init to new deeper cgroup directories.
So, if we detect an ns cgroup, don't bother trying to construct a new
name according to the pattern. Just rename the current one to the
container name, and save that path for us to later enter and remove.
Note I'm not dealing with the subpaths so nested containers probably
won't work. However as ns cgroup is very much legacy, that should be
ok. Eventually we should be able to drop ns cgroup support altogether,
but not just yet.
Signed-off-by: Serge Hallyn <serge.hallyn@ubuntu.com>
Acked-by: Stéphane Graber <stgraber@ubuntu.com>
Otherwise we fail to recognize if we are already unconfined. Then,
if we want to *start* unconfined, and /proc is readonly, start fails
even though it should be able to proceed.
With this patch, that situation works.
Signed-off-by: Serge Hallyn <serge.hallyn@ubuntu.com>
Reported-by: Andre nathan <andre@digirati.com.br>
It's a legitimate use case to use read-only $lxcpath. If we can't
create the pin file, then we're not worried about marking the fs
readonly on exit.
Signed-off-by: Serge Hallyn <serge.hallyn@ubuntu.com>
This patch rewrites most of the cgroup logic. It creates a set of data
structures to store the kernel state of the cgroup hierarchies and
their mountpoints.
Mainly, everything is now grouped with respect to the hierarchies of
the system. Multiple controllers may be mounted together or separately
to different hierarchies, the data structures reflect this.
Each hierarchy may have multiple mount points (that were created
previously using the bind mount method) and each of these mount points
may point to a different prefix inside the cgroup tree. The current
code does not make any assumptions regarding the mount points, it just
parses /proc/self/mountinfo to acquire the relevant information.
The only requirement is that the current cgroup of either init (if
cgroup.pattern starts with '/' and the tools are executed as root) or
the current process (otherwise) are accessible. The root cgroup need
not be accessible.
The configuration option cgroup.pattern is introduced. For
root-executed containers, it specifies which format the cgroups should
be in. Example values may include '/lxc/%n', 'lxc/%n', '%n' or
'/machine/%n.lxc'. Any occurrence of '%n' is replaced with the name of
the container (and if clashes occur in any hierarchy, -1, -2, etc. are
appended globally). If the pattern starts with /, new containers'
cgroups will be located relative to init's cgroup; if it doesn't, they
will be located relative to the current process's cgroup.
Some changes to the cgroup.h API have been done to make it more
consistent, both with respect to naming and with respect to the
parameters. This causes some changes in other parts of the code that
are included in the patch.
There has been some testing of this functionality, but there are
probably still quite a few bugs in there, especially for people with
different configurations.
Signed-off-by: Christian Seiler <christian@iwakd.de>
Signed-off-by: Serge Hallyn <serge.hallyn@ubuntu.com>
Adds a few useful string and array manipulation functions to utils.[ch]
Signed-off-by: Christian Seiler <christian@iwakd.de>
Signed-off-by: Serge Hallyn <serge.hallyn@ubuntu.com>
Newer glibc versions (that we can't require) allow for an additional
letter 'e' in the fopen mode that will cause the file to be opened with
the O_CLOEXEC flag, so that it will be closed if the program exec()s
away. This is important because if liblxc is used in a multithreaded
program, another thread might want to run a program. This options
prevents the leakage of file descriptors from LXC. This patch adds an
emulation for that that uses the open(2) syscall and fdopen(3). At some
later point in time, it may be dropped against fopen(..., "...e").
This commit also converts all fopen() calls in utils.c (where the
function is added) to fopen_cloexec(). Subsequently, other calls to
fopen() and open() should also be adapted.
Signed-off-by: Christian Seiler <christian@iwakd.de>
Signed-off-by: Serge Hallyn <serge.hallyn@ubuntu.com>
Instead of duplicating the code for parsing the global config file for
each option, write one main function, lxc_global_config_value, that
does the parsing for an arbitrary option name and just call that
function from the existing ones.
Signed-off-by: Christian Seiler <christian@iwakd.de>
Signed-off-by: Serge Hallyn <serge.hallyn@ubuntu.com>
We log that at INFO level in case it is needed. However, in a modern
kernel a container which was shut down using 'shutdown' will always
have been signaled with SIGINT. Making lxc-start return an error to
reflect that seems overkill.
It's *conceivable* that someone is depending on this behavior, so I'm
sending this out for anyone to NACK, but if I hear no complaints I'll
apply.
Signed-off-by: Serge Hallyn <serge.hallyn@ubuntu.com>
Acked-by: Stéphane Graber <stgraber@ubuntu.com>
Hopefully someone else will come in and spruce it up :) This
version is as simple as can be
lxc-snapshot -n a1
create a snapshot of a1
echo "second commit" > /tmp/a
lxc-snapshot -n a1 -c /tmp/a
create a snapshot of a1 with /tmp/a as a commit comment
lxc-snapshot -n a1 -L
list a1's snapshots
lxc-snapshot -n a1 -L -C
list a1's snapshots along with commit comments
lxc-snapshot -n a1 -r snap0 a2
restore snapshot 0 of a1 as container a2
Some easy nice-to-haves:
1. sort snapshots in the list
2. allow a comment to be given in-line
3. an option to remove a snapshot?
Removing a snapshot can just as well be done with
lxc-destroy -P /var/lib/lxcsnaps/c1 -n snap2
so I leave it to others to decide whether they really want
it, and provide the patch if so.
Signed-off-by: Serge Hallyn <serge.hallyn@ubuntu.com>
Acked-by: Stéphane Graber <stgraber@ubuntu.com>
The api allows for creating, listing, and restoring of container
snapshots. Snapshots are created as snapshot clones of the
original container - i.e. btrfs and lvm will be done as snapshot,
a directory-backed container will have overlayfs snapshots. A
restore is a copy-clone, using the same backing store as the
original container had.
Changelog:
. remove lxcapi_snap_open, which wasn't defined anyway.
. rename get_comment to get_commentpath
. if no newname is specified at restore, use c->name (as we meant to)
rather than segving.
. when choosing a snapshot index, use the correct path to check for.
Signed-off-by: Serge Hallyn <serge.hallyn@ubuntu.com>
Acked-by: Stéphane Graber <stgraber@ubuntu.com>
Search for Lua if no --enable-lua/--disable-lua specified but continue
without if not found.
If --enable-lua is specified and Lua is not found then return error.
If --disable-lua is specified, then don't search for Lua.
Signed-off-by: Natanael Copa <ncopa@alpinelinux.org>
Acked-by: Stéphane Graber <stgraber@ubuntu.com>
Otherwise containers may be able to remount -o ro their rootfs
at shutdown.
Reported-by: Harald Dunkel <harri@afaics.de>
Signed-off-by: Serge Hallyn <serge.hallyn@ubuntu.com>
Acked-by: Stéphane Graber <stgraber@ubuntu.com>
When there is no --enable-lua or --with-lua-pc, Lua should not be
enabled.
This fixes a bug introduced with 12e93188 (configure/makefile:
Allow specify Lua pkg-config file with --with-lua-pc) that caused
configure script to fail if lua headers was missing.
Signed-off-by: Natanael Copa <ncopa@alpinelinux.org>
Acked-by: Stéphane Graber <stgraber@ubuntu.com>
