Stéphane Graber
7e163e66e4
change version to 2.0.0.rc9 in configure.ac
...
Signed-off-by: Stéphane Graber <stgraber@ubuntu.com>
2016-03-09 03:02:58 -05:00
Christian Brauner
6b6c6b2bdd
Merge pull request #884 from hallyn/2016-03-08/batch
...
2016 03 08/batch
2016-03-09 08:53:03 +01:00
Serge Hallyn
d8da679e2a
cgfsng: make sure a cgroup does not already exist
...
Our mkdir_p ignore eexist, and of course we want that for
upper path components, but the final directory itself must
not already exist.
Signed-off-by: Serge Hallyn <serge.hallyn@ubuntu.com>
2016-03-08 23:34:19 -08:00
Serge Hallyn
b4ffcca8e8
cgfsng: fix real bug and fake libc realloc bug
...
read_file was using the wrong value for the string length. Also,
realloc on i386 is wonky with small sizes - so use a batch size
to avoid small reallocs.
Signed-off-by: Serge Hallyn <serge.hallyn@ubuntu.com>
2016-03-08 23:18:11 -08:00
Stéphane Graber
5d5c5694bd
change version to 2.0.0.rc8 in configure.ac
...
Signed-off-by: Stéphane Graber <stgraber@ubuntu.com>
2016-03-08 17:39:34 -05:00
Stéphane Graber
43c01da697
Merge pull request #883 from hallyn/2016-03-08/cgrouptests
...
tests: set clone_children if need be
2016-03-08 17:10:52 -05:00
Serge Hallyn
177f793ae0
tests: set clone_children if need be
...
Lxc only sets it on /lxc, not on /.
It's conceivable that we should really re-set this to the original
value, to prevent making later tests not fail when they should. I
didn't do that.
Signed-off-by: Serge Hallyn <serge.hallyn@ubuntu.com>
2016-03-08 13:44:38 -08:00
Christian Brauner
e5cf81b811
Merge pull request #882 from hallyn/2016-03-08/cgfsng.2
...
cgfsng: set cpuset clone_children if needed
2016-03-08 22:19:45 +01:00
Serge Hallyn
e3a3fecfe7
cgfsng: set cpuset clone_children if needed
...
Sigh.
Signed-off-by: Serge Hallyn <serge.hallyn@ubuntu.com>
2016-03-08 12:49:52 -08:00
Stéphane Graber
6374c9ec63
Merge pull request #881 from hallyn/2016-03-08/cgfsng.1
...
cgfsng: enter/escape error msgs: differentiate and add errno
2016-03-08 12:04:41 -05:00
Serge Hallyn
d3b00a8f48
cgfsng: enter/escape error msgs: differentiate and add errno
...
Signed-off-by: Serge Hallyn <serge.hallyn@ubuntu.com>
2016-03-08 09:02:52 -08:00
Serge Hallyn
4ca12a5925
Merge pull request #880 from stgraber/master
...
Remove trailing newlines in log
2016-03-08 08:08:53 -08:00
Stéphane Graber
1c9da8dac4
Remove trailing newlines in log
...
Signed-off-by: Stéphane Graber <stgraber@ubuntu.com>
2016-03-08 09:51:01 -05:00
Stéphane Graber
d551c8cb3f
Merge pull request #879 from hallyn/2016-03-07/debug.aa
...
prevent containers from reading /sys/kernel/debug
2016-03-07 22:13:24 -05:00
Serge Hallyn
537188a8ee
prevent containers from reading /sys/kernel/debug
...
Unprivileged containers cannot read it anyway, but also prevent root
owned containers from doing so. Sadly upstart's mountall won't run
if we try to prevent it from being mounted at all.
Signed-off-by: Serge Hallyn <serge.hallyn@ubuntu.com>
2016-03-07 19:10:58 -08:00
Stéphane Graber
215486610e
change version to 2.0.0.rc7 in configure.ac
...
Signed-off-by: Stéphane Graber <stgraber@ubuntu.com>
2016-03-07 18:47:50 -05:00
Stéphane Graber
892560848d
Fix dist tarball to include lxc-devsetup
...
Signed-off-by: Stéphane Graber <stgraber@ubuntu.com>
2016-03-07 18:31:27 -05:00
Stéphane Graber
5e8b3276d0
change version to 2.0.0.rc6 in configure.ac
...
Signed-off-by: Stéphane Graber <stgraber@ubuntu.com>
2016-03-07 18:20:40 -05:00
Stéphane Graber
47ee660e46
Merge pull request #875 from hallyn/cgfsng
...
cgfsng: next generation filesystem-backed cgroup implementation
2016-03-07 16:24:44 -05:00
Serge Hallyn
43647298b6
cgfsng: try to chown tasks and cgroup.procs
...
Signed-off-by: Serge Hallyn <serge.hallyn@ubuntu.com>
2016-03-07 12:58:21 -08:00
Serge Hallyn
554cd166d2
Merge pull request #878 from stgraber/master
...
Fix apparmor
2016-03-07 12:09:36 -08:00
Stéphane Graber
164484ce6c
Merge pull request #872 from clopez/lxc-devsetup-sysvinit-upstart
...
Execute script lxc-devsetup also with sysvinit and upstart.
2016-03-07 15:02:39 -05:00
Stéphane Graber
056f8bba0d
Properly update the generated apparmor profiles
...
Some changes happened but the final profiles weren't generated...
Signed-off-by: Stéphane Graber <stgraber@ubuntu.com>
2016-03-07 15:01:17 -05:00
Stéphane Graber
eab570bcaf
Revert "allow cgroupfs mounts under /sys/fs/cgroup"
...
This reverts commit 833bf9c2b2
2016-03-07 15:00:05 -05:00
Serge Hallyn
41c33dbec5
cgfsng: print debuginfo if LXC_DEBUG_CGFSNG env variable is set
...
Note this is printing to stdout because it runs before logging is setup.
Signed-off-by: Serge Hallyn <serge.hallyn@ubuntu.com>
2016-03-07 11:24:41 -08:00
Serge Hallyn
aca7dc6fec
cgfsng - remove the code checking whether devices cgroup lines are already done
...
We may need to revert this, but I *think* we no longer need this
with default configs. The idea iirc was that if caller cannot
write to devices.allow (i.e. is in a user namespace), then ignore
permission failures if the cgroups are already sufficiently setup.
Signed-off-by: Serge Hallyn <serge.hallyn@ubuntu.com>
2016-03-07 11:17:20 -08:00
Serge Hallyn
d30ec4cbc2
comment fixups
...
Signed-off-by: Serge Hallyn <serge.hallyn@ubuntu.com>
2016-03-07 11:04:30 -08:00
Stéphane Graber
6a814f486f
Merge pull request #876 from d4s/upstream
...
Added ALTLinux distribution.
2016-03-07 12:56:26 -05:00
Serge Hallyn
c0888dfe26
chmod container cgroup 775
...
so that container root can create sub-cgroups
Signed-off-by: Serge Hallyn <serge.hallyn@ubuntu.com>
2016-03-06 01:52:04 -08:00
Denis Pynkin
5c60f99037
Added ALTLinux distribution.
...
- Added ALTLinux distribution.
- Updated template for ALTLinux Sisyphus
Signed-off-by: Denis Pynkin <denis_pynkin@epam.com>
2016-03-05 16:50:32 +03:00
Serge Hallyn
95adfe9316
cgfsng: print error when reaching 1000 failed cgroup creations
...
Signed-off-by: Serge Hallyn <serge.hallyn@ubuntu.com>
2016-03-05 00:38:54 -08:00
Serge Hallyn
235f1815ab
use strchr in place of index bc bionic
...
Signed-off-by: Serge Hallyn <serge.hallyn@ubuntu.com>
2016-03-05 00:36:14 -08:00
Serge Hallyn
a8a0f65d24
Merge pull request #873 from brauner/bugfix_branch
...
lxc-attach: fix redirection - stderr
2016-03-04 20:19:46 -08:00
Serge Hallyn
ccb4cabe02
cgfsng: next generation filesystem-backed cgroup implementation
...
This makes simplifying assumptions: all usable cgroups must be
mounted under /sys/fs/cgroup/controller or /sys/fs/cgroup/contr1,contr2.
Currently this will only work with cgroup namespaces, because
lxc.mount.auto = cgroup is not implemented. So cgfsng_ops_init()
returns NULL if cgroup namespaces are not enabled.
Signed-off-by: Serge Hallyn <serge.hallyn@ubuntu.com>
2016-03-04 18:19:30 -08:00
Christian Brauner
8d1ea53785
tests: add lxc-test-attach-test
...
Test if the various types of I/O redirection work with lxc-attach.
Signed-off-by: Christian Brauner <christian.brauner@mailbox.org>
2016-03-05 00:50:34 +01:00
Christian Brauner
d96556572c
lxc-attach: fix redirection - stderr
...
So that we can do things like:
lxc-attach -n a -- sh -c 'echo ERR >&2' > /dev/null
There seems to be no easy way to discern when we need to write to stderr
instead of stdout when we receive an event on the master fd of an allocated
pty. So we're using a "trick"/"hack". We write to STDOUT_FILENO if it refers to
a pty. If STDOUT_FILENO does not refer to a pty we check whether STDERR_FILENO
refers to a pty and if so write to it.
Signed-off-by: Christian Brauner <christian.brauner@mailbox.org>
2016-03-05 00:38:39 +01:00
Carlos Alberto Lopez Perez
a8c7106328
Execute script lxc-devsetup also with sysvinit and upstart.
...
* This script sets /dev/.lxc which is needed for autodev containers.
* Previously was only executed with systemd. Execute it also with
the other init systems (sysvinit and upstart)
Signed-off-by: Carlos Alberto Lopez Perez <clopez@igalia.com>
2016-03-04 18:37:27 +01:00
Christian Brauner
6861fb2291
Merge pull request #871 from ysbnim/master
...
doc: Update Korean lxc-attach(1) and lxc-copy(1), Improve lxc-unshare(1)
2016-03-04 09:54:43 +01:00
Sungbae Yoo
b922759db9
doc: improve lxc-unshare(1)
...
Explain that the pipe symbol needs to be escaped for -s.
Signed-off-by: Sungbae Yoo <sungbae.yoo@samsung.com>
2016-03-04 12:01:15 +09:00
Sungbae Yoo
aef119a3fa
doc: improve Korean lxc-attach(1)
...
Explain that the pipe symbol needs to be escaped for -e and -s.
Update for commit 759d521
2016-03-04 11:55:03 +09:00
Sungbae Yoo
273b3837ce
doc: add copy hook explanation to Korean lxc-copy(1)
...
Update for commit cc0607a
2016-03-04 11:28:27 +09:00
Stéphane Graber
b5e6a3768c
change version to 2.0.0.rc5 in configure.ac
...
Signed-off-by: Stéphane Graber <stgraber@ubuntu.com>
2016-03-03 10:58:28 -05:00
Stéphane Graber
e31d0f819e
Merge pull request #868 from brauner/bugfix_branch
...
console.{c.h}: add/improve documentation
2016-03-03 10:50:53 -05:00
Christian Brauner
22926b3971
console.{c.h}: add/improve documentation
...
Signed-off-by: Christian Brauner <christian.brauner@mailbox.org>
2016-03-03 16:04:17 +01:00
Christian Brauner
c9f5f3598e
Merge pull request #867 from tenforward/plamo
...
plamo: Update release version and repository for getting packages
2016-03-03 11:21:41 +01:00
KATOH Yasufumi
64600fe355
plamo: Update release version and repository for getting packages
...
Signed-off-by: KATOH Yasufumi <karma@jazz.email.ne.jp>
2016-03-03 18:42:05 +09:00
Christian Brauner
130dae08d6
Merge pull request #866 from tenforward/japanese_man
...
Update Japanese lxc-attach(1) and lxc-copy(1)
2016-03-03 10:16:28 +01:00
KATOH Yasufumi
352470062e
doc: improve Japanese lxc-attach(1)
...
Explain that the pipe symbol needs to be escaped for -e and -s.
Update for commit 759d521
2016-03-03 16:25:09 +09:00
KATOH Yasufumi
79dff39e89
doc: add copy hook explanation to Japanese lxc-copy(1)
...
Update for commit cc0607a
2016-03-03 16:13:35 +09:00
Stéphane Graber
dfc7616801
Merge pull request #865 from hallyn/2016-03-02/cgfs.rmperms
...
2016 03 02/cgfs.rmperms
2016-03-02 19:59:23 -05:00
