proxmox-mirrors/mirror_lxc
1
0
Fork 0
mirror of https://git.proxmox.com/git/mirror_lxc synced 2025-08-15 07:52:32 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
7,940 Commits 6 Branches 17 Tags 29 MiB
a8b46a6bee
Commit Graph

7940 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
2xsec
29c98ddd9b confile_utils: fix return value & cleanups 
Signed-off-by: 2xsec <dh48.jeong@samsung.com>
 2018-07-20 22:05:15 +09:00
Stéphane Graber
8fd3e219c2
Merge pull request #2480 from brauner/2018-07-18/add_required_mount_flags 
conf: the atime flags are locked in userns
 2018-07-19 16:18:21 -04:00
Christian Brauner
ce08b042f9
Merge pull request #2481 from hwoarang/fix-apparmor-paths 
apparmor: Allow /usr/lib* paths for mount and pivot_root
 2018-07-19 14:02:44 +02:00
Markos Chandras
733e375760 apparmor: Allow /usr/lib* paths for mount and pivot_root 
openSUSE Leap 15 is using --libdir=/usr/lib64 when building for
x86_64 so we need to allow this path in the apparmor profiles.

Link: https://bugzilla.opensuse.org/show_bug.cgi?id=1099239
Signed-off-by: Markos Chandras <mchandras@suse.de>
 2018-07-19 12:17:24 +01:00
Christian Brauner
69eadddb37
conf: the atime flags are locked in userns 
This means they need to be added for remount and for fresh mounts.

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
 2018-07-18 18:09:21 +02:00
Stéphane Graber
c77abb2006
Merge pull request #2473 from tenforward/japanese 
doc: Translate lxc.monitor.signal.pdeath into Japanese in lxc.contain…
 2018-07-16 12:32:17 -04:00
KATOH Yasufumi
fd5de02921 doc: Translate lxc.monitor.signal.pdeath into Japanese in lxc.container.conf(5) 
Signed-off-by: KATOH Yasufumi <karma@jazz.email.ne.jp>
 2018-07-17 01:14:06 +09:00
Stéphane Graber
d08e384c4c
Merge pull request #2472 from brauner/2018-07-16/monitor_signal_pdeath 
tests: add lxc.monitor.signal.pdeath
 2018-07-16 12:13:46 -04:00
Christian Brauner
e53cd6d899
tests: add lxc.monitor.signal.pdeath 
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
 2018-07-16 15:23:31 +02:00
Stéphane Graber
112a579825
Merge pull request #2470 from brauner/2018-07-16/monitor_signal_pdeath 
confile: add lxc.monitor.signal.pdeath
 2018-07-16 08:05:15 -04:00
Christian Brauner
258f80519f
confile: add lxc.monitor.signal.pdeath 
Set the signal to be sent to the container's init when the lxc monitor exits.
By default it is set to SIGKILL which will cause all container processes to be
killed when the lxc monitor process dies.
To ensure that containers stay alive even if lxc monitor dies set this to 0.

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
 2018-07-16 12:50:57 +02:00
Christian Brauner
f6e32eb05b
confile: move signal helpers to confile utils 
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
 2018-07-16 11:30:23 +02:00
Christian Brauner
63f9c9e607
Merge pull request #2469 from 2xsec/bugfix 
tools: lxc-unshare: use lxc list for interface names
 2018-07-14 17:50:47 +02:00
2xsec
0240eb9dc5 coverity: #1437949 
Argument cannot be negative

Signed-off-by: 2xsec <dh48.jeong@samsung.com>
 2018-07-15 00:19:16 +09:00
2xsec
59e1663ad0 tools: lxc-unshare: use lxc list for interface names 
Signed-off-by: 2xsec <dh48.jeong@samsung.com>
 2018-07-14 23:56:34 +09:00
Christian Brauner
623cfa35c1
Merge pull request #2468 from 2xsec/bugfix 
tools: lxc-unshare: apply argument parser of lxc and log system of lxc
 2018-07-14 16:47:20 +02:00
2xsec
35bfea7ac7 tools: lxc-unshare: fix wrong coding rules 
Signed-off-by: 2xsec <dh48.jeong@samsung.com>
 2018-07-14 22:07:59 +09:00
2xsec
727b9b1659 tools: lxc-unshare: apply argument parser of lxc and log system of lxc 
Signed-off-by: 2xsec <dh48.jeong@samsung.com>
 2018-07-14 20:00:38 +09:00
Christian Brauner
94fd0bd685
Merge pull request #2466 from flx42/fix-define-argument 
confile: fix incorrect strncmp
 2018-07-14 02:09:46 +02:00
Felix Abecassis
85d49873a6 confile: fix incorrect strncmp 
Passing additional configuration options with "--define" was broken.

Result of git bisect:
d899f11b7b is the first bad commit

Signed-off-by: Felix Abecassis <fabecassis@nvidia.com>
 2018-07-13 16:45:55 -07:00
Christian Brauner
5c784312b9
Merge pull request #2465 from 2xsec/bugfix 
lxclock: change error log using strerror to SYSERROR
 2018-07-13 14:50:01 +02:00
2xsec
79cda71dc9
lxclock: change error log using strerror to SYSERROR 
Signed-off-by: 2xsec <dh48.jeong@samsung.com>
 2018-07-13 21:33:09 +09:00
Stéphane Graber
7437036726
Merge pull request #2462 from brauner/2018-07-12/coverity 
coverity
 2018-07-12 12:40:34 -04:00
Christian Brauner
a0ee564f64
coverity: #1437935 
Unchecked return value

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
 2018-07-12 17:52:09 +02:00
Christian Brauner
00c72a935f
coverity: #1437936 
Unchecked return value

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
 2018-07-12 17:49:30 +02:00
Stéphane Graber
99c42eaad5
Merge pull request #2459 from brauner/2018-07-11/cleanup_makefile 
autotool fixes, attach cleanups
 2018-07-12 11:30:45 -04:00
Stéphane Graber
4017e68046
Merge pull request #2460 from brauner/2018-07-12/handle_new_mknod_smarter 
conf: handle partially functional device nodes
 2018-07-12 10:08:44 -04:00
Christian Brauner
ae026f5593
attach: cleanup log messages in lxc_attach() 
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
 2018-07-12 13:06:45 +02:00
Christian Brauner
3f62938a8a
attach: use fd_cloexec() 
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
 2018-07-12 13:06:45 +02:00
Christian Brauner
bcbef73392
attach: cleanup no_new_privs() 
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
 2018-07-12 13:06:45 +02:00
Christian Brauner
d4db3d1441
attach: cleanup fetch_seccomp() 
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
 2018-07-12 13:06:45 +02:00
Christian Brauner
3fa23ac32e
attach: simplify lxc_attach_getpwshell() 
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
 2018-07-12 13:06:45 +02:00
Christian Brauner
5067e4dd85
conf: handle partially functional device nodes 
This improves handling kernels which allow userspace to create partially
functional devices nodes.

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
 2018-07-12 12:43:34 +02:00
Christian Brauner
337fa8eadf
Merge pull request #2458 from 2xsec/bugfix 
tools: lxc-ls: fix signed_to_bigger_unsigned issue
 2018-07-11 23:17:34 +02:00
Christian Brauner
ba7bd8c8de
autotools: cleanup Makefile.am 
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
 2018-07-11 22:35:44 +02:00
2xsec
3a3dcd3432
tools: lxc-ls: fix signed_to_bigger_unsigned issue 
Signed-off-by: 2xsec <dh48.jeong@samsung.com>
 2018-07-11 21:59:18 +09:00
Stéphane Graber
f2c0c2bf9a
Merge pull request #2452 from brauner/2018-07-06/build_static_liblxc 
static liblxc, always create /dev directory when autodev = 1, open("/dev/null") opportunistically
 2018-07-09 19:55:41 -04:00
Christian Brauner
f4c177c3b3
start: don't unconditionally open("/dev/null") 
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
 2018-07-10 01:20:29 +02:00
Christian Brauner
87e0e27360
conf: create /dev directory 
If users specified lxc.autodev = 1 it does not make sense to skip setting up
autodev if /dev does not exist. We rather should create it.

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
 2018-07-10 01:20:29 +02:00
Christian Brauner
57d533fb39
autotools: build both a shared and static liblxc 
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
Cc: Serge Hallyn <serge@hallyn.com>
Cc: Tycho Andersen <tycho@tycho.ws>
 2018-07-10 01:20:29 +02:00
Christian Brauner
19400b4d46
Merge pull request #2454 from 2xsec/bugfix 
tools: lxc-unshare: replace write_id_mapping() to the same function in conf.c
 2018-07-07 14:11:20 +02:00
2xsec
23ccbdeda8 tools: lxc-unshare: replace write_id_mapping() to the same function in conf.c 
Signed-off-by: 2xsec <dh48.jeong@samsung.com>
 2018-07-07 19:52:11 +09:00
Christian Brauner
74dc5be50c
Merge pull request #2453 from 2xsec/bugfix 
add namespace api
 2018-07-06 21:34:34 +02:00
2xsec
d1673d632f tools: lxc-unshare: replace converting standard identifiers of namespaces to api 
Signed-off-by: 2xsec <dh48.jeong@samsung.com>
 2018-07-07 01:20:53 +09:00
2xsec
2d33090fba tools: lxc-attach: replace converting standard identifiers of namespaces to api 
Signed-off-by: 2xsec <dh48.jeong@samsung.com>
 2018-07-07 01:16:41 +09:00
2xsec
42067d1852 namespace: add api to convert namespaces to standard identifiers 
Signed-off-by: 2xsec <dh48.jeong@samsung.com>
 2018-07-07 01:10:10 +09:00
Stéphane Graber
7cb6d1b0a8
Merge pull request #2451 from brauner/2018-07-06/bugfixes 
bugfixes
 2018-07-05 23:44:39 -04:00
Christian Brauner
57b1ab6071
tree-wide: set MSG_NOSIGNAL 
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
 2018-07-06 01:22:06 +02:00
Christian Brauner
7288dfb69d
start: declare int array const 
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
 2018-07-06 01:22:06 +02:00
Christian Brauner
ec1dc63394
start: refactor match_stdfds() 
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
 2018-07-06 01:10:13 +02:00