proxmox-mirrors/mirror_lxc
1
0
Fork 0
mirror of https://git.proxmox.com/git/mirror_lxc synced 2025-07-27 11:13:50 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
7,709 Commits 6 Branches 17 Tags 29 MiB
854d13e22e
Commit Graph

7709 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Stéphane Graber
854d13e22e
Merge pull request #2641 from brauner/2018-09-23/cgroup_scoping_fixes 
cgfsng: copy parent's cpu settings for monitor too
 2018-09-23 19:30:21 +02:00
Christian Brauner
f83903274e
cgfsng: copy parent's cpu settings for monitor too 
Closes https://github.com/lxc/lxd/issues/5060.

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
 2018-09-23 16:26:31 +02:00
Stéphane Graber
3c97aeb8f0
Merge pull request #2636 from brauner/2018-09-21/fix_implicit_fallthrough 
autotools: fix check for -Wimplicit-fallthrough
 2018-09-23 01:04:51 +02:00
Christian Brauner
62f2b7448d
Merge pull request #2627 from 2xsec/bugfix 
conf: realpath() uses null as second parameter to prevent buffer overflow
 2018-09-22 11:36:16 +02:00
Christian Brauner
23b44c365e
autotools: fix wrong AX_CHECK_COMPILE_FLAG test 
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
 2018-09-21 23:45:33 +02:00
Serge Hallyn
ea0f0c849a
Merge pull request #2606 from brauner/2018-09-09/cgroup_escape 
cgroups: scoping for cgroup v2
 2018-09-21 09:54:25 -05:00
Christian Brauner
d28779d94c
cgfsng: add missing __cgfsng_ops__ attributes 
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
 2018-09-21 16:52:25 +02:00
Christian Brauner
2d172fc734
tests: adapt cgroup tests to new layout 
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
 2018-09-21 16:52:25 +02:00
Christian Brauner
eeef32bbda
cgfsng: cgfsng_monitor_enter() 
brauner@wittgenstein|~
> sudo systemctl status lxc@c1
● lxc@c1.service - LXC Container: c1
   Loaded: loaded (/lib/systemd/system/lxc@.service; disabled; vendor preset: enabled)
   Active: active (running) since Tue 2018-09-11 10:42:22 CEST; 38s ago
     Docs: man:lxc-start
           man:lxc
  Process: 29855 ExecStart=/usr/bin/lxc-start -n c1 -p /run/lxc/c1.pid (code=exited, status=0/SUCCESS)
    Tasks: 18 (limit: 4915)
   Memory: 32.1M
   CGroup: /system.slice/system-lxc.slice/lxc@c1.service
           ├─lxc.monitor
           │ └─c1
           │   └─29870 [lxc monitor] /var/lib/lxc c1
           └─lxc.payload
             └─c1
               ├─init.scope
               │ └─29878 /sbin/init
               └─system.slice
                 ├─console-getty.service
                 │ └─30028 /sbin/agetty -o -p -- \u --noclear --keep-baud console 115200,38400,9600 linux
                 ├─cron.service
                 │ └─30019 /usr/sbin/cron -f
                 ├─dbus.service
                 │ └─30020 /usr/bin/dbus-daemon --system --address=systemd: --nofork --nopidfile --systemd-activation --syslog-only
                 ├─networkd-dispatcher.service
                 │ └─30016 /usr/bin/python3 /usr/bin/networkd-dispatcher --run-startup-triggers
                 ├─rsyslog.service
                 │ └─30017 /usr/sbin/rsyslogd -n
                 ├─system-container\x2dgetty.slice
                 │ ├─container-getty@0.service
                 │ │ └─30027 /sbin/agetty -o -p -- \u --noclear --keep-baud pts/0 115200,38400,9600 vt220
                 │ ├─container-getty@1.service
                 │ │ └─30030 /sbin/agetty -o -p -- \u --noclear --keep-baud pts/1 115200,38400,9600 vt220
                 │ ├─container-getty@2.service
                 │ │ └─30026 /sbin/agetty -o -p -- \u --noclear --keep-baud pts/2 115200,38400,9600 vt220
                 │ └─container-getty@3.service
                 │   └─30029 /sbin/agetty -o -p -- \u --noclear --keep-baud pts/3 115200,38400,9600 vt220
                 ├─systemd-journald.service
                 │ └─29976 /lib/systemd/systemd-journald
                 ├─systemd-logind.service
                 │ └─30018 /lib/systemd/systemd-logind
                 ├─systemd-networkd.service
                 │ └─29996 /lib/systemd/systemd-networkd
                 ├─systemd-resolved.service
                 │ └─30014 /lib/systemd/systemd-resolved
                 └─systemd-udevd.service
                   └─29986 /lib/systemd/systemd-udevd

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
 2018-09-21 16:52:25 +02:00
Christian Brauner
634ab5ed7d
cgroups: add monitor_enter() 
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
 2018-09-21 16:52:25 +02:00
Christian Brauner
72068e7470
cgfsng: add cgfsng_monitor_create() 
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
 2018-09-21 16:52:25 +02:00
Christian Brauner
6439f06e78
cgroups: add monitor_create() 
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
 2018-09-21 16:52:25 +02:00
Christian Brauner
e09b62f943
cgroups: add monitor_full_path member 
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
 2018-09-21 16:47:04 +02:00
Christian Brauner
d39e9d8b04
cgroups: add monitor_cgroup member 
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
 2018-09-21 16:47:04 +02:00
Christian Brauner
bb221ad14f
cgroups: s/base_cgroup/container_base_path/g 
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
 2018-09-21 16:47:04 +02:00
Christian Brauner
c72d45f71f
cgroups: add missing string.h include 
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
 2018-09-21 16:47:04 +02:00
Christian Brauner
eb6971363b
cgroups: s/fullcgpath/container_full_path/g 
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
 2018-09-21 16:47:03 +02:00
Christian Brauner
292b3910d5
cgroups: switch to lxc.payload as default pattern 
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
 2018-09-21 16:47:03 +02:00
Christian Brauner
e8b181f525
cgroup: rename container specific cgroup functions 
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
 2018-09-21 16:47:01 +02:00
Stéphane Graber
e52f28afad
Merge pull request #2635 from brauner/2018-09-21/Wimplicit-fallthrough 
autotools: add -Wimplicit-fallthrough
 2018-09-21 15:54:32 +02:00
Stéphane Graber
7c887243d3
Merge pull request #2630 from brauner/2018-09-20/remove_locking 
api_extensions: introduce lxc_has_api_extension()
 2018-09-21 15:50:35 +02:00
Christian Brauner
cf0fd972be
autotools: add -Wimplicit-fallthrough 
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
 2018-09-21 15:24:14 +02:00
Christian Brauner
aafa5f96f6
api_extensions: introduce lxc_has_api_extension() 
This is modeled after LXD's API extension checks. This allows API users
to query the given LXC instance whether a given API extension is
supported.

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
 2018-09-21 15:17:15 +02:00
Stéphane Graber
ef92a78a1f
Merge pull request #2633 from brauner/2018-09-21/cgfsng_ops_attribute 
cgfsng: mark ops with __cgfsng_ops__ attribute
 2018-09-21 15:13:16 +02:00
Stéphane Graber
053f8fb685
Merge pull request #2634 from brauner/2018-09-21/cgroup_relative 
confile: s/lxc.cgroup.keep/lxc.cgroup.relative/g
 2018-09-21 15:13:03 +02:00
Stéphane Graber
0854924119
Merge pull request #2607 from brauner/2018-09-11/sysfs_mixed 
conf: remove extra MS_BIND with sysfs:mixed
 2018-09-21 13:46:00 +02:00
Christian Brauner
fb55e00900
cgfsng: mark ops with __cgfsng_ops__ attribute 
Helps to easily tell the cgfsng ops functions from helpers.

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
 2018-09-21 13:45:46 +02:00
Christian Brauner
9caee129cd
confile: s/lxc.cgroup.keep/lxc.cgroup.relative/g 
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
 2018-09-21 13:44:53 +02:00
Stéphane Graber
e430137c18
Merge pull request #2608 from brauner/2018-09-11/netns_get_nsid 
network: add lxc_netns_get_nsid()
 2018-09-21 13:44:34 +02:00
Stéphane Graber
2339fce523
Merge pull request #2631 from brauner/2018-09-20/rename_backgrounded 
start: s/backgrounded/daemonize/g
 2018-09-21 13:36:57 +02:00
Christian Brauner
bb955810ef
start: s/backgrounded/daemonize/g 
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
 2018-09-21 12:52:32 +02:00
2xsec
74e7b66219
conf: realpath() uses null as second parameter to prevent buffer overflow 
Signed-off-by: 2xsec <dh48.jeong@samsung.com>
 2018-09-21 11:09:54 +09:00
Stéphane Graber
2eea260752
Merge pull request #2626 from brauner/2018-09-20/remove_locking 
lxccontainer: remove cgroup locking
 2018-09-21 00:11:43 +02:00
Christian Brauner
152508ba09
lxccontainer: remove locks from get_cgroup_item() 
The on-disk config file is not altered and the in-memory config isn't
altered so no need for locking.

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
 2018-09-20 22:42:55 +02:00
Christian Brauner
03095169ca
lxccontainer: remove locks from set_cgroup_item() 
The on-disk config file is not altered and the in-memory config isn't
altered so no need for locking.

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
 2018-09-20 22:41:45 +02:00
Christian Brauner
7fc5ee66fe
Merge pull request #2624 from 2xsec/bugfix 
af_unix: add function to remove duplicated codes for set sockaddr
 2018-09-20 21:55:08 +02:00
2xsec
c62fb5e023
af_unix: add function to remove duplicated codes for set sockaddr 
Signed-off-by: 2xsec <dh48.jeong@samsung.com>
 2018-09-19 20:38:16 +09:00
Stéphane Graber
95bdc9e7e5
Merge pull request #2622 from brauner/2018-09-19/attach_exit_status 
attach: report standard shell exit codes
 2018-09-19 11:49:02 +02:00
Christian Brauner
06346bb04a
attach: report standard shell exit codes 
POSIX mandates that on ENOEXEC 126 and on ENOENT 127 is supposed to be
reported.

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
 2018-09-19 11:26:37 +02:00
Christian Brauner
28360e951c
Merge pull request #2621 from 2xsec/bugfix 
security: fix too wide or inconsistent non-owner permissions
 2018-09-19 09:11:36 +02:00
2xsec
e581b9b5f2
security: fix too wide or inconsistent non-owner permissions 
Signed-off-by: 2xsec <dh48.jeong@samsung.com>
 2018-09-19 14:30:12 +09:00
Christian Brauner
ee3d71040d
Merge pull request #2619 from smibarber/attach-shutdown 
attach: don't shutdown ipc socket in child
 2018-09-18 18:24:46 +03:00
Stephen Barber
5dc59a0755 attach: don't shutdown ipc socket in child 
shutdown() affects sockets even across forked processes. The
attached child process doesn't have any interest in using the
IPC socket, so just close it in the child process and let the
intermediate process handle shutting it down.

This fixes a bug seen with lxc exec in crbug.com/884244

Signed-off-by: Stephen Barber <smbarber@chromium.org>
 2018-09-17 20:07:43 -07:00
Christian Brauner
de6af06271
Merge pull request #2611 from 2xsec/bugfix 
add compile flags for dlog
 2018-09-17 09:25:34 +03:00
2xsec
de1c05f339
log: add additional info of dlog 
Signed-off-by: 2xsec <dh48.jeong@samsung.com>
 2018-09-14 18:28:44 +09:00
2xsec
8178adc6ad
log: add common functions 
Signed-off-by: 2xsec <dh48.jeong@samsung.com>
 2018-09-14 18:16:04 +09:00
2xsec
a8eed52c17
add compile flags for dlog 
Signed-off-by: 2xsec <dh48.jeong@samsung.com>
 2018-09-13 11:37:54 +09:00
Christian Brauner
9d036caab3
network: minor tweaks 
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
 2018-09-13 01:16:30 +02:00
Christian Brauner
fd73418875
Merge pull request #2609 from 2xsec/bugfix 
remove unused variables & function
 2018-09-12 13:34:36 +02:00
2xsec
8b7421f2e5
file_utils: remove unused function 
Signed-off-by: 2xsec <dh48.jeong@samsung.com>
 2018-09-12 17:31:40 +09:00