proxmox-mirrors/mirror_lxc
1
0
Fork 0
mirror of https://git.proxmox.com/git/mirror_lxc synced 2025-08-15 12:06:12 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
11,006 Commits 6 Branches 17 Tags 29 MiB
cdb4f412ff
Commit Graph

11006 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Stéphane Graber
a218be90f5
Merge pull request #3676 from brauner/2021-02-16/fixes 
cgroups: fixes
 2021-02-16 19:16:23 -05:00
Christian Brauner
dcf6a5c7c6
cgroups: remove obsolote cgroup_tree handling 
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
 2021-02-17 00:49:41 +01:00
Christian Brauner
c55fe36d28
cgroups: fd-only cgroup tree pruning 
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
 2021-02-17 00:42:40 +01:00
Christian Brauner
6347774b4c
file_utils: move dup_cloexec() to header 
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
 2021-02-17 00:42:37 +01:00
Christian Brauner
701be30e14
cgroups: prevent double-close 
Fixes: Coverity 1473183
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
 2021-02-16 23:27:53 +01:00
Christian Brauner
ba559a5b19
namespace: add missing \0 terminator 
Link: https://launchpadlibrarian.net/523195972/buildlog_ubuntu-groovy-ppc64el.lxc_1%3A4.0.6+master~20210215-1740-0ubuntu1~groovy_BUILDING.txt.gz
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
 2021-02-16 23:20:54 +01:00
Stéphane Graber
858f62255d
Merge pull request #3675 from brauner/2021-02-16/fixes 
cgroups: second batch of cgroup fixes
 2021-02-16 16:37:42 -05:00
Christian Brauner
060e54d6df
cgroups: rework how hierarchies are added 
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
 2021-02-16 20:39:02 +01:00
Christian Brauner
c426abeaa9
cgroups: fix fd leaks 
They didn't really matter because we want to keep them around for as long as
the container lives anyway.

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
 2021-02-16 19:19:09 +01:00
Christian Brauner
f5b049452e
cgroups: allow "" base cgroup paths 
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
 2021-02-16 19:19:09 +01:00
Christian Brauner
192812516e
string_utils: handle empty strings in must_make_path() 
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
 2021-02-16 19:19:09 +01:00
Christian Brauner
088db01b85
cgroups: improve logging 
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
 2021-02-16 19:19:09 +01:00
Christian Brauner
033267c93a
cgroups: rework legacy cpuset handling 
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
 2021-02-16 19:19:09 +01:00
Christian Brauner
da42ac7b4b
cgroups: fd-based only cgroup creation 
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
 2021-02-16 17:25:53 +01:00
Christian Brauner
3486d9935a
cgroups: stash fds for the controller mountpoint and base cgroup path 
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
 2021-02-16 13:36:13 +01:00
Christian Brauner
5c7b81439c
cgroups: fail when no cgroup hierarchies are found 
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
 2021-02-16 13:28:48 +01:00
Christian Brauner
600a016384
cgroups: rework base cgroup parsing 
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
 2021-02-16 13:25:26 +01:00
Christian Brauner
c72e7cb584
cgroups: rework add_hierarchy() 
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
 2021-02-16 11:46:36 +01:00
Christian Brauner
008ccca920
cgroups: better document stashed file descriptors 
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
 2021-02-16 11:35:43 +01:00
Christian Brauner
d4cff3525d
cgroups: stash host's cgroupfs file descriptor 
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
 2021-02-16 11:22:56 +01:00
Christian Brauner
7414bc72c3
cgroups: s/cg_init()/__cgroup_init()/g 
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
 2021-02-16 10:55:38 +01:00
Stéphane Graber
136b349c94
Merge pull request #3674 from brauner/2021-02-15/nesting 
cgroups: tighten cgroup config items
 2021-02-15 12:56:52 -05:00
Christian Brauner
f63ef15527
confile: forbid absolute paths in config items that modify the cgroup layout 
This is not a safety measure but merely is supposed to raise awareness that
these paths are always relative to the cgroup root as determined by
lxc.cgroup.relative.

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
 2021-02-15 18:08:56 +01:00
Christian Brauner
0a48ee66c6
confile: forbid walking upwards for confile items that modify cgroup layout 
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
 2021-02-15 18:08:56 +01:00
Christian Brauner
7d714159a3
confile_utils: normalize paths in config items 
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
 2021-02-15 18:08:56 +01:00
Christian Brauner
ee94a8b5cf
confile: use set_config_path_item() for most cgroup layout modifiers 
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
 2021-02-15 18:08:54 +01:00
Stéphane Graber
7e925736c9
Merge pull request #3673 from brauner/2021-02-15/nesting 
cgroups: first batch of cgroup mounting fixes
 2021-02-15 12:08:01 -05:00
Christian Brauner
a3e5ec2657
cgroupfs: rework cgroup2 mounting 
We now explicitly refuse to mount cgroups on pure unified layouts when the
container is not running in a separate cgroup namespace. This is not a
regression since we simply always failed before anyway. I will likely fix this
very soon though. But there are bigger fish to fry currently.

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
 2021-02-15 16:25:38 +01:00
Christian Brauner
3a86fb378d
cgroups: log early return 
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
 2021-02-15 13:58:10 +01:00
Christian Brauner
44234ae1e9
cgroups: s/__cg_mount_direct()/__cgroupfs_mount()/g 
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
 2021-02-15 13:54:51 +01:00
Christian Brauner
6768700d24
cgroups: strip LXC_AUTO_CGROUP_MIXED and LXC_AUTO_CGROUP_FULL_MIXED when cgroup namespaces are supported and used 
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
 2021-02-15 13:54:10 +01:00
Christian Brauner
80262447c9
cgroups: fix flag checking in legacy mount paths 
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
 2021-02-15 13:45:45 +01:00
Christian Brauner
1411165033
cgroups: s/cg_mount_cgroup_full()/cgroupfs_bind_mount()/g 
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
 2021-02-15 13:44:24 +01:00
Christian Brauner
074af8903c
cgroups: s/cg_mount_in_cgroup_namespace()/cgroupfs_mount()/g 
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
 2021-02-15 13:42:56 +01:00
Christian Brauner
6cc501f3e0
conf: remove wrong comment 
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
 2021-02-15 13:41:02 +01:00
Christian Brauner
c581c8a365
cgroups: switch to flag-based checking 
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
 2021-02-15 13:36:49 +01:00
Christian Brauner
68599aab10
cgroups: don't strip LXC_AUTO_CGROUP_FORCE 
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
 2021-02-15 13:25:00 +01:00
Christian Brauner
cdd3b77d0c
cgroups: make clear that a flag argument is passed to cgroup mount functions 
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
 2021-02-15 13:23:51 +01:00
Christian Brauner
8cdbef77df
utils: add development helper to quickly dump a directories contents 
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
 2021-02-15 12:29:47 +01:00
Christian Brauner
e7e45fdffc
cgroups: improve cgroup mounting 
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
 2021-02-15 12:23:36 +01:00
Christian Brauner
937a3af94e
cgroups: verify that we are actually running in cgroup namespace 
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
 2021-02-15 12:05:20 +01:00
Christian Brauner
ab8cd5d9e2
cgroups: pass handler to cgroup mount() method 
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
 2021-02-15 11:57:31 +01:00
Christian Brauner
6d25a524d8
conf: don't pass conf separately to lxc_mount_auto_mounts() 
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
 2021-02-15 11:55:33 +01:00
Christian Brauner
c988c8b1ce
cgroups: move cgns_supported() to cgroup utilities 
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
 2021-02-15 11:51:11 +01:00
Stéphane Graber
4b9467975c
Merge pull request #3672 from brauner/2021-02-14/fixes 
start: small fixes
 2021-02-14 15:38:58 -05:00
Christian Brauner
245066afbc
start: fix comment about time namespace preservation 
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
 2021-02-14 20:45:22 +01:00
Christian Brauner
3a89b0ab0a
start: improve comment in lxc_spawn() 
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
 2021-02-14 20:44:57 +01:00
Christian Brauner
9beaca55d7
start: improve comments 
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
 2021-02-14 20:44:18 +01:00
Christian Brauner
857ba1f0c5
start: improve namespace preservation 
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
 2021-02-14 20:42:36 +01:00
Christian Brauner
cb3b010c16
start: fix error handling and improve comment 
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
 2021-02-14 20:36:25 +01:00