11006 Commits

This Branch

This Branch

All Branches

Author	SHA1	Message	Date
Christian Brauner	87545854f7	mount_utils: detect new mount api support ... Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>	2021-02-05 18:52:54 +01:00
Christian Brauner	55a85f4a11	mount_utils: kill mount_from_at() ... Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>	2021-02-05 18:52:54 +01:00
Christian Brauner	d2c885f199	conf: use fd_bind_mount() in lxc_fill_autodev() ... Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>	2021-02-05 18:52:54 +01:00
Christian Brauner	041d1e3054	mount_utils: add support for bind-mounts through the new mount api ... fd_bind_mount() Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>	2021-02-05 18:52:54 +01:00
Christian Brauner	ca9055b473	mount_utils: kill mount_at() ... Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>	2021-02-05 18:52:54 +01:00
Christian Brauner	a099c5db1c	cgroups: switch __cg_mount_direct() to use the new mount api ... Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>	2021-02-05 18:52:54 +01:00
Christian Brauner	23a20dbea8	cgroups: switch tmpfs mounting to new mount api ... Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>	2021-02-05 18:52:53 +01:00
Christian Brauner	bfbfeedfab	conf: switch mount_autodev() to new mount api ... Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>	2021-02-05 18:52:53 +01:00
Christian Brauner	1f3eb95965	mount_utils: add extended helpers for new mount api ... fs_prepare() fs_set_property() fs_attach() fs_mount() Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>	2021-02-05 18:52:49 +01:00
Christian Brauner	74ed30d721	mount_utils: move mount_at() and mount_from_at() over from utils.{c,h} ... Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>	2021-02-05 12:56:59 +01:00
Christian Brauner	b5daeddc5a	Merge pull request #3657 from brauner/2021-02-05/init_groups ... conf: implement lxc.init.groups	2021-02-05 12:30:17 +01:00
Christian Brauner	7fe8120eca	confile: make garbage groups an error ... Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>	2021-02-05 12:14:09 +01:00
Christian Brauner	6f6c71cdca	tests: improve lxc.init.groups tests ... Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>	2021-02-05 12:14:08 +01:00
Christian Brauner	c71f64cbe0	confile: handle appending init groups ... Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>	2021-02-05 12:14:07 +01:00
Christian Brauner	4822319f31	conf: use lxc_groups_t directly ... Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>	2021-02-05 12:14:06 +01:00
Christian Brauner	fb4dbb516c	attach_options: use size_t for lxc_groups_t ... Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>	2021-02-05 12:14:05 +01:00
Christian Brauner	9475d2b9b6	attach: use brackets around flag check ... Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>	2021-02-05 12:14:02 +01:00
Christian Brauner	f5072dcd5f	attach_options: use standard C pointer syntax ... Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>	2021-02-05 12:13:28 +01:00
Christian Brauner	f41aa73b4e	attach_options: initialize .groups ... Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>	2021-02-05 12:13:25 +01:00
Ruben Jenster	8caac58373	attach: Add groups option to keep additional group IDs. ... Signed-off-by: Ruben Jenster <r.jenster@drachenfels.de>	2021-02-05 12:13:24 +01:00
Ruben Jenster	bf31b3378f	confile: add lxc.init.groups to keep additional groups ... Signed-off-by: Ruben Jenster <r.jenster@drachenfels.de>	2021-02-05 12:13:06 +01:00
Christian Brauner	5a7f1dc660	utils: rework lxc_setgroups() ... Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>	2021-02-05 12:12:29 +01:00
Christian Brauner	8917c3825a	tree-wide: use lxc_drop_groups() instead of lxc_setgroups(0, NULL) ... Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>	2021-02-05 12:12:28 +01:00
Christian Brauner	8dd6f81e70	utils: add lxc_drop_groups() ... Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>	2021-02-05 12:09:35 +01:00
Stéphane Graber	d71e4764b7	Merge pull request #3655 from brauner/2021-02-04/fixes_1 ... Tiny fixes in attach and utils	2021-02-04 17:44:48 -05:00
Christian Brauner	7f40f0617e	utils: check for snprintf() error ... Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>	2021-02-04 22:48:18 +01:00
Christian Brauner	bd6a23550f	attach: improve logging and terminology ... The term "intermediate process" is not very nice imho, "transient process" fits better. Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>	2021-02-04 22:45:19 +01:00
Stéphane Graber	5ee510d614	Merge pull request #3651 from brauner/2021-02-04/fixes ... cgroups: fix cgroup mounting	2021-02-04 15:40:31 -05:00
Christian Brauner	59114d8053	cgroups: check for correct error in __cg_unified_attach() from cgroup_attach() ... Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>	2021-02-04 20:27:40 +01:00
Christian Brauner	ea11a215dc	tree-wide: s/dfd_root_host/dfd_host/g ... Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>	2021-02-04 19:51:26 +01:00
Christian Brauner	ea57e42409	tree-wide: s/mntpt_fd/dfd_mnt/g ... Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>	2021-02-04 19:50:11 +01:00
Christian Brauner	a5a08920ee	tree-wide: s/dev_mntpt_fd/dfd_dev/g ... Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>	2021-02-04 19:50:10 +01:00
Christian Brauner	8ea5110c9c	syscall_wrappers: fix PROTECT_OPEN_W macro ... Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>	2021-02-04 19:49:32 +01:00
Christian Brauner	927ea337a4	conf: restricted fd-only lxc_fill_autodev() ... Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>	2021-02-04 19:49:32 +01:00
Christian Brauner	a370f16bcd	conf: start stashing dfd to host's / during container setup ... Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>	2021-02-04 19:49:22 +01:00
Christian Brauner	86087bd6bf	conf: fix lxc_setup_dev_console() ... We were printing garbage on accident. Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>	2021-02-04 18:45:32 +01:00
Christian Brauner	977687db1c	utils: add mount_from_at() ... Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>	2021-02-04 18:45:32 +01:00
Christian Brauner	7043e2b470	cgroups: restrict open calls in cgroup_attach_create_leaf() ... Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>	2021-02-04 18:45:32 +01:00
Christian Brauner	6e2078de11	cgroups: improve error handling and logging in cgroup_attach_leaf() ... Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>	2021-02-04 15:59:53 +01:00
Christian Brauner	88c27c5352	cgroups: fix argument vetting in cgroup_attach() ... Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>	2021-02-04 15:59:53 +01:00
Christian Brauner	9a57778bb5	attach: fix fallback logic when attaching to cgroups ... Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>	2021-02-04 15:59:53 +01:00
Christian Brauner	02efd04151	cgroups: switch to fd-based cgroup mounting ... Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>	2021-02-04 15:59:52 +01:00
Christian Brauner	c689b58ad3	cgroups: restricted fd-only controller mountpoint creation ... Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>	2021-02-04 15:59:52 +01:00
Christian Brauner	315f8a4e42	cgroups: fix cgroup mounting ... Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>	2021-02-04 15:59:50 +01:00
Stéphane Graber	dfb71524d7	Merge pull request #3650 from brauner/2021-02-03/fixes_1 ... conf: harden various mount paths	2021-02-03 17:05:35 -05:00
Christian Brauner	cbc2ddf5b3	utils: harden __safe_mount_beneath_at() ... Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>	2021-02-03 21:57:44 +01:00
Christian Brauner	952b5031b7	conf: refactor transient procfs mounting ... Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>	2021-02-03 21:54:52 +01:00
Christian Brauner	ccf5374124	conf: restrict open call in lxc_mount_rootfs() ... Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>	2021-02-03 20:58:45 +01:00
Christian Brauner	e1b9d6af00	conf: make lxc_create_tmp_proc_mount() static ... Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>	2021-02-03 20:55:01 +01:00
Christian Brauner	fdb57ab442	conf: coding style ... Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>	2021-02-03 20:51:56 +01:00