lxc-ls nowadays is a C binary so there's no need to keep the python and
shell versions around anymore, remove them from the branch and cleanup
documentation and Makefiles.
Signed-off-by: Stéphane Graber <stgraber@ubuntu.com>
Some systems need to be able to bind-mount /run to /var/run
and /run/lock to /var/run/lock. (Tested with opensuse 13.1
containers migrated from openvz.)
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
Commit ea4679694 replaced the python implementation with a
C one.
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
Acked-by: Stéphane Graber <stgraber@ubuntu.com>
- make free_mnts() work directly on the globals mnt_table and mnt_table_size
- have free_mnts() set mnt_table = NULL and mnt_table_size = 0 when its done to
avoid double frees
- simplify error-handling in do_clone_ephemeral()
- do_clone_ephemeral(): when chmod() falls to set permissions on the temporary
folder we created for mkdtemp() remove the folder
- simplify error handling in main()
Signed-off-by: Christian Brauner <christian.brauner@mailbox.org>
Just as cgmanager does, if we are calculating a task's paths, drop
the trailing '/init.scope'. We don't want the container to sit under
there.
Signed-off-by: Serge Hallyn <serge.hallyn@ubuntu.com>
Previously, name= controllers would be handled if lxc.cgroup.use=@all,
but not if lxc.cgroup.use was unspecified. Change that, since you cannot
run systemd in a container without it.
Signed-off-by: Serge Hallyn <serge.hallyn@ubuntu.com>
This allows cgfs to be used to create containers in a user namespace,
and have the container owner be able to use cgroups.
Signed-off-by: Serge Hallyn <serge.hallyn@ubuntu.com>
* This are either '.', '..' or a hidden directory.
And this names should not be used for a container
in any case.
* Before this patch, if you created a git repository under lxc.lxcpath (it
can be useful to keep track of the configurations of your containers)
Then, when you run lxc-ls you will get the following output:
# lxc-ls
.git container1 container2 ....
This is because there is a 'config' file inside the '.git' directory.
It is where git stores the configuration of the repository.
And the test lxc-ls does to check if a directory contains a container
is just to check if the 'directory/config' file exists.
Signed-off-by: Carlos Alberto Lopez Perez <clopez@igalia.com>
If the backingstore is not 'dir', then lxc shouldn't ask the user
to change the password by performing a 'chroot'. Rather, the user
should start, attach, use the passwd command, and then stop the
container.
Fixes#731
Signed-off-by: Nehal J Wani <nehaljw.kkd1@gmail.com>
The new task waits until the container is STOPPED, then asks
openvswitch to delete the port.
This requires two new arguements to be sent to lxc-user-nic.
Since lxc-user-nic ships with lxc, this shouldn't be a problem.
Finally when calling lxc-user-nic, use execlp insteac of execvp
to preserve lxcpath's const-ness. Technically we are
guaranteed that execvp won't change the args, but it's worth
it to silence the warnings (and not hide real errors).
With this patch, container nics are cleaned up from openvswitch
bridges on shutdown.
Signed-off-by: Serge Hallyn <serge.hallyn@ubuntu.com>
Acked-by: Stéphane Graber <stgraber@ubuntu.com>
- With the -g/--groups argument the user can give a comma-separated list of
groups MUST a container must have in order to be displayed. We receive
this list as a single string. ls_has_all_grps() is called to check if a
container has all the groups of MUST in its current list of groups HAS. I.e.
we determine whether MUST ⊆ HAS and only then do we record the container.
The original implementation was dumb in that it split the string MUST
everytime it needed to check whether MUST ⊆ HAS for a given container. That's
pointless work. Instead we split the string MUST only once in main() and pass
it to ls_get() which passes it along to ls_has_all_grps().
- Before doing any costly checking make sure that #MUST <= #HAS. If not bail
immediately.
- The linear search algorithm ls_has_all_grps() currently uses stays for now.
Binary search et al. do not seem to make sense since sorting the array HAS
for each container is probably too costly. Especially, since it seems
unlikely that a users specifies 50+ or so groups on the command line a
container must have to be displayed. If however there are a lot of use-cases
where users have a lot of containers each with 50-100 groups and regularly use
lxc-ls with -g/--groups to only show containers that have 50 specified groups
among their 50-100 groups we can revisit this issue and implement e.g. binary
search or a ternary search tree.
Signed-off-by: Christian Brauner <christian.brauner@mailbox.org>
Acked-by: Serge E. Hallyn <serge.hallyn@ubuntu.com>
