proxmox-mirrors/mirror_lxc
1
0
Fork 0
mirror of https://git.proxmox.com/git/mirror_lxc synced 2025-08-04 05:48:47 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
7,627 Commits 6 Branches 17 Tags 29 MiB
b8bcbe9b06
Commit Graph

7627 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Christian Brauner
4fb34c047c
macro: move network macros from utils.h 
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
 2018-08-08 13:11:05 +02:00
Christian Brauner
1cd9521417
netns: allocate network namespace id 
Start to allocate a new network namespace id for each container.

Relates to https://github.com/lxc/lxd/issues/4831.

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
 2018-08-08 13:11:05 +02:00
Christian Brauner
6d6ad42734
MAINTAINERS: add Wolfgang Bumiller 
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
 2018-08-07 15:01:19 +02:00
Stéphane Graber
85d406c954
Merge pull request #2513 from brauner/2018-08-06/fix_busybox 
templates: avoid endless loop
 2018-08-06 12:34:44 -04:00
Christian Brauner
f26dc127bf
CVE 2018-6556: verify netns fd in lxc-user-nic 
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
 2018-08-06 12:15:39 -04:00
Christian Brauner
46a6646a83
templates: avoid endless loop 
Closes #2512.

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
 2018-08-06 16:43:35 +02:00
Christian Brauner
639f08fd9f
Merge pull request #2495 from 2xsec/bugfix 
add default log priority & cleanups
 2018-08-06 11:35:35 +02:00
Christian Brauner
4e2e55dcb6
Merge pull request #2511 from 2xsec/coverity 
fix coverity issues
 2018-08-06 11:32:33 +02:00
2xsec
3a88eb8e6e
coverity: #1438232 
Failure to restore non-local value

Signed-off-by: 2xsec <dh48.jeong@samsung.com>
 2018-08-06 16:57:53 +09:00
2xsec
2082ac625e
pam_cgfs: cleanups 
Signed-off-by: 2xsec <dh48.jeong@samsung.com>
 2018-08-06 14:36:05 +09:00
2xsec
03e7d72aeb
coverity: #1438231 
Dereference after null check

Signed-off-by: 2xsec <dh48.jeong@samsung.com>
 2018-08-06 14:11:46 +09:00
2xsec
ea8bb2a994
coverity: #1438230 
Logically dead code

Signed-off-by: 2xsec <dh48.jeong@samsung.com>
 2018-08-06 14:03:22 +09:00
2xsec
8ae3983ed2
coverity: #1438229 
Resource leak

Signed-off-by: 2xsec <dh48.jeong@samsung.com>
 2018-08-06 14:01:33 +09:00
2xsec
90a170d8be
coverity: #1438233 
Resource leak

Signed-off-by: 2xsec <dh48.jeong@samsung.com>
 2018-08-06 13:54:34 +09:00
2xsec
d97c3a345a
coverity: #1438234 
Resource leak

Signed-off-by: 2xsec <dh48.jeong@samsung.com>
 2018-08-06 13:44:46 +09:00
2xsec
9159b38c43
coverity: #1438235 
Resource leak

Signed-off-by: 2xsec <dh48.jeong@samsung.com>
 2018-08-06 13:19:53 +09:00
2xsec
8ddce7df13
coverity: #1438236 
Resource leak

Signed-off-by: 2xsec <dh48.jeong@samsung.com>
 2018-08-06 13:12:00 +09:00
2xsec
d67beb9e83
tools: lxc-unshare: apply default log priority 
Signed-off-by: 2xsec <dh48.jeong@samsung.com>
 2018-08-06 13:02:15 +09:00
2xsec
03c6d26669
log: add default log priority 
Signed-off-by: 2xsec <dh48.jeong@samsung.com>
 2018-08-06 13:02:06 +09:00
2xsec
8273ba47c1
log: function cleanups 
Signed-off-by: 2xsec <dh48.jeong@samsung.com>
 2018-08-06 13:01:55 +09:00
Stéphane Graber
3b6fd3271e
Merge pull request #2510 from brauner/2018-08-05/cap_fixes 
tree-wide: pass unsigned long to prctl()
 2018-08-05 10:18:55 -04:00
Christian Brauner
b81689a103
tree-wide: pass unsigned long to prctl() 
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
 2018-08-05 14:04:03 +02:00
Stéphane Graber
1a64ff41a1
Merge pull request #2508 from brauner/2018-08-04/cap_fixes 
macro: add new macro header, caps: bugfixes, log: bugfixes
 2018-08-04 15:55:32 -04:00
Christian Brauner
202a334b47
log: bugfixes 
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
 2018-08-04 20:49:05 +02:00
Christian Brauner
4e60664a9a
caps: bugfixes 
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
 2018-08-04 20:23:08 +02:00
Christian Brauner
279c45eed3
macro: add new macro header 
This allows us to use a bunch of macros in our static build for init.lxc.static
without having to link against all of utils.{c,h}.

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
 2018-08-04 20:11:58 +02:00
Christian Brauner
de7187b613
travis: export CFLAGS=-O0 for coverity 
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
 2018-08-04 18:06:11 +02:00
Christian Brauner
7a6ecf65bf
travis: build with -O0 for coverity 
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
 2018-08-04 17:50:33 +02:00
Christian Brauner
6e0045bdd8
tests: add lxc.rootfs.managed test 
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
 2018-07-31 22:09:34 +02:00
Christian Brauner
2a6d08c6e1
tests: cleanup get_item.c 
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
 2018-07-31 22:09:34 +02:00
Christian Brauner
6e54330c46
conf: introduce lxc.rootfs.managed 
This introduces a new config key lxc.rootfs.managed which can be used to
indicate whether this LXC instance is managing the container storage. If LXC is
not managing the storage then LXC will not modify the container storage.
For example, an API call to c->destroy(c) will then run any destroy hooks but
will not destroy the actual rootfs (Unless, of course, the hook does so behind
LXC's back.).

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
CC: Wolfgang Bumiller <w.bumiller@proxmox.com>
CC: Stéphane Graber <stgraber@ubuntu.com>
CC: Serge Hallyn <serge@hallyn.com>
CC: 2xsec <dh48.jeong@samsung.com>
 2018-07-31 22:09:34 +02:00
Stéphane Graber
09ef5d954f
Merge pull request #2505 from brauner/2018-07-31/bugfixes 
coverity: #438136
 2018-07-31 10:55:16 -04:00
Christian Brauner
a3cf04da4d
READEM: update Serge's mail address 
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
Cc: Serge Hallyn <serge@hallyn.com>
 2018-07-31 13:52:12 +02:00
Christian Brauner
aeba3f8005
coverity: #438136 
String not null terminated

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
 2018-07-31 10:55:52 +02:00
Christian Brauner
8da51ee9b3
Merge pull request #2503 from tenforward/japanese 
doc: Add incompatibility with network type=none into Japanese man
 2018-07-31 09:17:47 +02:00
KATOH Yasufumi
e0e360c589 doc: Add incompatibility with network type=none into Japanese man 
Update for commit e4b3e36

Signed-off-by: KATOH Yasufumi <karma@jazz.email.ne.jp>
 2018-07-31 16:03:31 +09:00
Stéphane Graber
542d0f26e6
Merge pull request #2499 from brauner/lxc/master 
bugfixes
 2018-07-30 14:57:23 -04:00
Stéphane Graber
01fc55d5a7
Merge pull request #2475 from brauner/2018-07-16/monitor_signal_pdeath 
conf: improve rootfs setup
 2018-07-30 14:56:54 -04:00
Stéphane Graber
e6b4213b9e
Merge pull request #2502 from brauner/2018-07-27/fix_max_devpts_option 
conf: mount devpts without "max" on EINVAL
 2018-07-30 14:56:19 -04:00
Wolfgang Bumiller
dccffc8269 conf: don't return a clobbered errno value 
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
 2018-07-30 20:30:50 +02:00
Christian Brauner
dfbd473039
conf: mount devpts without "max" on EINVAL 
The "max" option to devpts got introduced in kernel 3.4.

Closes #2490.

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
 2018-07-30 15:56:05 +02:00
Christian Brauner
7b52bc0bfe
Merge pull request #2500 from akosiaris/patch-1 
Unprivileged's incompatibility with type=none docs
 2018-07-30 15:32:19 +02:00
Alexandros Kosiaris
e4b3e369f8 Unprivileged's incompatibility with type=none docs 
Unprivileged containers are not compatible with sharing the
host namespace due to an inability to mount sysfs. Add docs
in lxc.container.conf to document that out.

Refs #2463

Signed-off-by: Alexandros Kosiaris <akosiaris@gmail.com>
 2018-07-30 15:18:27 +03:00
Christian Brauner
81f8706696
caps: handle EINTR in read() 
We don't want to link caps.{c,h} against utils.{c,h} for the sake of our static
builds init.lxc.static. This means lxc_write_nointr() will not be available. So
handle it EINTR.

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
 2018-07-30 00:16:42 +02:00
Christian Brauner
e0c198063d
log: handle EINTR in read() 
We don't want to link log.{c,h} against utils.{c,h} for the sake of our static
builds init.lxc.static. This means lxc_write_nointr() will not be available. So
handle it EINTR.

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
 2018-07-30 00:16:41 +02:00
Christian Brauner
a5bc6cb0e0
utils: s/read()/lxc_read_nointr()/g 
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
 2018-07-30 00:16:39 +02:00
Christian Brauner
72f7c19b1a
terminal: s/read()/lxc_read_nointr()/g 
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
 2018-07-30 00:16:37 +02:00
Christian Brauner
802e609aa9
monitor: s/write()/lxc_write_nointr()/g 
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
 2018-07-30 00:16:35 +02:00
Christian Brauner
2a71131d33
monitor: s/read()/lxc_read_nointr()/g 
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
 2018-07-30 00:16:34 +02:00
Christian Brauner
1fabf7d4ca
apparmor: s/read()/lxc_read_nointr()/g 
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
 2018-07-30 00:16:33 +02:00