Added code to the CentOS and Fedora templates so that x86 32 bit containers
may be built on x86_64 platforms. Like archectectures may also be trivially
used as well.
Option added is "-a {arch}".
Additionally cleaned up some bash specific logic.
Signed-off-by: Michael H. Warfield <mhw@WittsEnd.com>
Acked-by: Stéphane Graber <stgraber@ubuntu.com>
The geteuid() addition is being made the first element of the lxc_list,
but the first element is just a head whose entry is ignored. Therefore
userns_exec_1() was starting its tasks without the caller's uid mapped
into the namespace.
Signed-off-by: Serge Hallyn <serge.hallyn@ubuntu.com>
Acked-by: Stéphane Graber <stgraber@ubuntu.com>
Drop 60s delay and clear config before loading it.
Signed-off-by: Stéphane Graber <stgraber@ubuntu.com>
Acked-by: Serge E. Hallyn <serge.hallyn@ubuntu.com>
Update lxc-test-unpriv to be a bit simpler and more reliable.
Signed-off-by: Stéphane Graber <stgraber@ubuntu.com>
Acked-by: Serge E. Hallyn <serge.hallyn@ubuntu.com>
This also fixes unprivileged use of lxc-snapshot and lxc-rename.
Signed-off-by: Serge Hallyn <serge.hallyn@ubuntu.com>
Acked-by: Stéphane Graber <stgraber@ubuntu.com>
Function file_exists() needs a absolute full path, but we are using
current_entire_path which is not. It will get the wrong result from
file_exists() and case Segmentation fault when we fopen a non-exist
file and try to fscanf from it.
Signed-off-by: Qiang Huang <h.huangqiang@huawei.com>
Signed-off-by: Serge Hallyn <serge.hallyn@ubuntu.com>
Clean up the nesting if, make the logic similar for memory
and cpuset, and the error message should sent from inside,
for better extendibility.
Signed-off-by: Qiang Huang <h.huangqiang@huawei.com>
Signed-off-by: Serge Hallyn <serge.hallyn@ubuntu.com>
Changelog: Jan 22: as Michael Warfield pointed out, we should only
ignore EINVAL, since EFAULT points to a more serious problem.
Signed-off-by: Serge Hallyn <serge.hallyn@ubuntu.com>
Acked-by: Stéphane Graber <stgraber@ubuntu.com>
When creating a cgroup, detect whether cgroup.clone_children
exists. If not, then manually copy the parent's cpuset.cpus
and cpuset.mems values.
Signed-off-by: Serge Hallyn <serge.hallyn@ubuntu.com>
Acked-by: Stéphane Graber <stgraber@ubuntu.com>
allow not to specify a variable that is related installed packages
Signed-off-by: TAMUKI Shoichi <tamuki@linet.gr.jp>
Signed-off-by: KATOH Yasufumi <karma@jazz.email.ne.jp>
Acked-by: Stéphane Graber <stgraber@ubuntu.com>
When you start a container in daemon model, you have at least
3 processes:
1. The command the user start (lxc-start -d)
2. The backgrounded fork of that command after start() is done
3. The container init process
In PID file, we need (2), but currently we are writing (1),
this is wrong because (1) exits as soon as the container is
started, it's complately useless.
So we write pid after daemonize, so that we'll always write
the right pid to PID file.
Reported-by: Stephane Graber <stgraber@ubuntu.com>
Signed-off-by: Qiang Huang <h.huangqiang@huawei.com>
Acked-by: Serge E. Hallyn <serge.hallyn@ubuntu.com>
So we can remove PID file untill lxc_container_free.
This also fix bug: https://github.com/lxc/lxc/issues/89
Signed-off-by: Qiang Huang <h.huangqiang@huawei.com>
Acked-by: Serge E. Hallyn <serge.hallyn@ubuntu.com>
In the daemonized case we will fork, so the anonymous container memlock
will not be shared between parent and child.
Signed-off-by: Serge Hallyn <serge.hallyn@ubuntu.com>
