This adds the 3 upstart jobs that we've had in Ubuntu for a while:
- lxc.conf: Main upstart job, triggers lxc-net.conf based on config
- lxc-instance.conf: Triggered by lxc.conf for each auto-started container
- lxc-net.conf: Triggered by lxc.conf, sets up lxcbr0, NAT, mangling, ...
In addition, there are two extra config files in /etc/default:
- lxc: Allows setting some values like http proxying, disabling autostart, ...
- lxc-net: Network configuration for the lxcbr0 bridge
This change also disables the sysv script for all distros but Oracle as
the current script won't work on either Ubuntu nor Debian and I suspect
quite a few more distros, so it's not nearly as distro-agnostic as we
thought.
For Debian, only install the upstart jobs and systemd unit.
For Ubuntu, only install the upstart jobs.
This change also moves all the init related stuff to config/init/
Signed-off-by: Stéphane Graber <stgraber@ubuntu.com>
Acked-by: Serge E. Hallyn <serge.hallyn@ubuntu.com>
This adds rename(new_name) to the binding as well as two new const,
LXC_CLONE_KEEPBDEVTYPE and LXC_CLONE_MAYBE_SNAPSHOT.
Signed-off-by: Stéphane Graber <stgraber@ubuntu.com>
Acked-by: Serge E. Hallyn <serge.hallyn@ubuntu.com>
1. don't return bools for int-return functions
2. copy the filename to controller before using it
3. use full filename not just the key to pass to cgmanager
Signed-off-by: Serge Hallyn <serge.hallyn@ubuntu.com>
ValueError typically means that the user doesn't have permissions to
access the directory. Raising an exception there isn't consistent with
other error behaviour of list_containers which simple returns an empty
tuple.
So simply catch the exception and ignore it. An error message is already
printed by LXC itself anyway.
Signed-off-by: Stéphane Graber <stgraber@ubuntu.com>
Acked-by: Serge E. Hallyn <serge.hallyn@ubuntu.com>
Look through all LXC code and seems like only here are missed.
Signed-off-by: Qiang Huang <h.huangqiang@huawei.com>
Acked-by: Stéphane Graber <stgraber@ubuntu.com>
This is perfectly safe since you cannot unmount the host fs from
a child userns.
Signed-off-by: S.Çağlar Onur <caglar@10ur.org>
Signed-off-by: Serge Hallyn <serge.hallyn@ubuntu.com>
Not being able to get freezer state is perfectly valid - if the
container does not exist. The old version of freezer_state
only reported an error on actually reading the cgroup file,
but not on not finding a cgroup file. Leave it to the caller
to report the error if it is important, since we don't actually
know any useful info here anyway.
Signed-off-by: Serge Hallyn <serge.hallyn@ubuntu.com>
in particular, regular unfreeze uses the cmd api to request the cgroup
of the container. If we are already in the lxc-start monitor, we can't
use the cmd api.
(I knew when I started this would be a problem but then as it didn't
reliably crash, I forgot to handle it)
Signed-off-by: Serge Hallyn <serge.hallyn@ubuntu.com>
Acked-by: Stéphane Graber <stgraber@ubuntu.com>
This patch splits out most of the cgroupfs-specific code, so that
cgroup-manager versions can be plugged in. The case I did
not handle is cgroup_enter at lxc_attach. I'm hoping that case can
be greatly simplified, but will worry about it after fleshing out the
cgroup manager handlers.
This also simplify the freezer functions.
This seems to not regress my common tests when running without
cgmanager, but I'd like to do a bit more testing before pushing.
However I was hoping to get some more eyes on this so am sending it
out now.
Signed-off-by: Serge Hallyn <serge.hallyn@ubuntu.com>
Acked-by: Stéphane Graber <stgraber@ubuntu.com>
The forking logic was wrong, causing both the child and the parent to
call the template with -h.
Signed-off-by: Stéphane Graber <stgraber@ubuntu.com>
Acked-by: Serge E. Hallyn <serge.hallyn@ubuntu.com>
lxc_unshare now takes one or more '-i interfacename' arguments which
will move the named interfaces into the created container.
lxc_unshare now takes -M argument which will cause the standard mounts
(/proc /dev/shm /dev/mqueue) to be auto-mounted inside container.
lxc_unshare now takes '-H hostname' argument to automatically set
the hostname in the container.
lxc_unshare now takes -D argument to automatically daemonize and detach
from the created container, instead of waiting for the container to exit
Signed-off-by: Seth Robertson <srobertson@appcomsci.com>
Acked-by: Serge E. Hallyn <serge.hallyn@ubuntu.com>
Without this /dev/console won't exist and upstart will fail to start any
job marking as "console output" including the rather important rcS.
Signed-off-by: Stéphane Graber <stgraber@ubuntu.com>
Acked-by: Serge E. Hallyn <serge.hallyn@ubuntu.com>
I unfortunately realized that I did not push the latest version of the
file. This fixes an issue in the case where we want to create the proxy
file in the container (not nested).
Signed-off-by: Chris Glass <tribaal@gmail.com>
Acked-by: Stéphane Graber <stgraber@ubuntu.com>
Added a commented squid-deb-proxy hook to the common ubuntu config file
as suggested when merging the squid-deb-proxy-client hook.
Signed-off-by: Chris Glass <tribaal@gmail.com>
Acked-by: Stéphane Graber <stgraber@ubuntu.com>
If we start container with rcfile(see comments in lxc_start.c), it
is possible that we have no config file in /usr/local/var/lib/lxc.
So when we try lxc_stop, lxc_container_new will not load any config
so we'll get c->lxc_conf = NULL.
In that case, we'll get Segmentation fault in lxcapi_shutdown, a
simple check would fix this.
Signed-off-by: Qiang Huang <h.huangqiang@huawei.com>
Acked-by: Stéphane Graber <stgraber@ubuntu.com>
