mirror_lxc

mirror of https://git.proxmox.com/git/mirror_lxc synced 2025-08-04 12:46:42 +00:00

Author	SHA1	Message	Date
Christian Brauner	cf9e29f352	build: add more tests to meson Signed-off-by: Christian Brauner (Microsoft) <christian.brauner@ubuntu.com>	2022-03-23 16:11:00 +01:00
Christian Brauner	44c22b8a95	tests: fix include statements Signed-off-by: Christian Brauner (Microsoft) <christian.brauner@ubuntu.com>	2022-03-23 16:10:48 +01:00
Stéphane Graber	c8f5432d54	Merge pull request #4095 from brauner/2022-03-22.meson build: add tests to meson	2022-03-22 09:40:44 -04:00
Christian Brauner (Microsoft)	2cf04d6695	build: add tests to meson Signed-off-by: Christian Brauner (Microsoft) <christian.brauner@ubuntu.com>	2022-03-22 08:48:43 +01:00
Stéphane Graber	30ebf0964d	Merge pull request #4091 from JamiKettunen/non-modular-kernels lxc-checkconfig: Only check probed modules if /proc/modules exists	2022-03-09 17:14:05 +01:00
Jami Kettunen	b7affe5264	lxc-checkconfig: Only check probed modules if /proc/modules exists Kernels can be built with CONFIG_MODULES=n which results in is_probed() telling the module isn't probed and lsmod spamming the following to stderr each time it's called: libkmod: kmod_module_new_from_loaded: could not open /proc/modules: No such file or directory Error: could not get list of modules: No such file or directory Fix this by "stubbing" is_probed() when /proc/modules doesn't exist as it's always called after a is_enabled() anyway. Signed-off-by: Jami Kettunen <jami.kettunen@protonmail.com>	2022-03-08 12:37:08 +02:00
Stéphane Graber	2ff64429ec	Merge pull request #4090 from brauner/2022-02-22.fixes.4 cgroups: modify cgroup2 attach logic	2022-02-24 11:32:30 -05:00
Christian Brauner	2e67b0d47f	cgroups: modify cgroup2 attach logic Recent kernels have seen various permission checking fixes when moving processes into cgroups. So we're forced to modify how we attach to containers. Link: https://discuss.linuxcontainers.org/t/lxd-4-23-unable-to-start-nested-containers Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>	2022-02-23 15:58:27 +01:00
Stéphane Graber	642052d58c	Merge pull request #4089 from brauner/2022-02-22.fixes ttys: ensure container_ttys= env variable is set correctly	2022-02-22 10:52:37 -05:00
Christian Brauner	3b9f84fd23	ttys: ensure container_ttys= env variable is set correctly Fixes: #4088 Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>	2022-02-22 12:20:15 +01:00
Christian Brauner	96a30fe95b	Merge pull request #4087 from tenforward/japanese doc: Fix reverse allowlist/denylist in Japanese man page	2022-02-21 14:32:10 +01:00
KATOH Yasufumi	302a87291c	doc: Fix reverse allowlist/denylist in Japanese man page Update for commit `2965130c45` Signed-off-by: KATOH Yasufumi <karma@jazz.email.ne.jp>	2022-02-21 22:17:36 +09:00
Stéphane Graber	fd115a7359	Merge pull request #4085 from brauner/2022-02-20.cgroup.fixes cgroups: fixes	2022-02-20 14:53:07 -05:00
Christian Brauner	f7abb27245	cgroups: log fd of newly created cgroup Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>	2022-02-20 15:52:10 +01:00
Christian Brauner	c090dbedbd	cgroups: check that opened file descriptor is a cgroup filesystem Link: https://discuss.linuxcontainers.org/t/lxd-4-23-unable-to-start-nested-containers/13416 Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>	2022-02-20 15:47:28 +01:00
Christian Brauner	cc07e2d6c0	Merge pull request #4078 from stgraber/master lxc-checkconfig: Fix bashism	2022-02-03 07:08:40 +01:00
Stéphane Graber	2965130c45	doc: Fix reverse allowlist/denylist Reported at: https://bugs.launchpad.net/ubuntu/+source/lxc/+bug/1957934 Signed-off-by: Stéphane Graber <stgraber@ubuntu.com>	2022-02-02 21:28:58 -05:00
Stéphane Graber	903b1996b9	lxc-checkconfig: Fix bashism Signed-off-by: Stéphane Graber <stgraber@ubuntu.com>	2022-02-02 21:11:09 -05:00
Stéphane Graber	73bc39ac8c	Merge pull request #4077 from terceiro/lxc-net-on-lxc lxc-net: don't start by default inside lxc	2022-02-02 13:35:09 -05:00
Antonio Terceiro	b9dd36af0c	lxc-net: don't start by default inside lxc When lxc is installed inside an lxc container, trying to bring up lxc-net with the default parameters will conflict with the networking setup for lxc on the host. This breaks all networking inside the container where lxc is installed. Signed-off-by: Antonio Terceiro <terceiro@debian.org>	2022-02-02 15:14:09 -03:00
Stéphane Graber	97592484fa	Merge pull request #4069 from brauner/2021-01-21.fixes lxccontainer: allow xdev when creating the container dir	2022-01-21 07:47:07 -05:00
Christian Brauner	1238fee01b	lxccontainer: allow xdev when creating the container dir Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>	2022-01-21 09:44:01 +01:00
Christian Brauner	a368b91a90	Merge pull request #4065 from stgraber/master github: Clear default ACL on /home	2022-01-20 18:06:53 +01:00
Stéphane Graber	4188864e22	github: Clear default ACL on /home Signed-off-by: Stéphane Graber <stgraber@ubuntu.com>	2022-01-20 11:31:24 -05:00
Stéphane Graber	55d6e49efe	Merge pull request #4066 from brauner/2022-01-18.fixes.2 conf, lxccontainer, build: fixes	2022-01-20 08:43:50 -05:00
Christian Brauner	8c1c30368a	github: add systemd-coredump Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>	2022-01-20 12:58:58 +01:00
Christian Brauner	a434e4d4f3	github: more detailed compilation instructions Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>	2022-01-20 12:58:58 +01:00
Christian Brauner	617efa73e1	github: log system info Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>	2022-01-20 12:58:58 +01:00
Christian Brauner	0fd92707a5	github: ensure system liblxc is wiped Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>	2022-01-20 12:12:59 +01:00
Christian Brauner	e53abc4196	lxccontainer: properly wrap lxcapi_create() Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>	2022-01-20 12:12:59 +01:00
Christian Brauner	e27637b7b9	build: simplify thread local storage handling Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>	2022-01-20 12:12:59 +01:00
Christian Brauner	f7d3ef8380	build: only enable LTO for regular builds Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>	2022-01-20 12:12:59 +01:00
Christian Brauner	c123aa042a	lxccontainer: simplify partial file creation Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>	2022-01-20 12:12:59 +01:00
Christian Brauner	0e375b104b	lxccontainer: improve create_partial() Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>	2022-01-20 12:12:58 +01:00
Christian Brauner	07ea844f4e	lxccontainer: improve do_lxcapi_create() Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>	2022-01-20 12:12:58 +01:00
Christian Brauner	78ffe01108	lxccontainer: improve do_lxcapi_save_config() Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>	2022-01-20 12:12:58 +01:00
Christian Brauner	e5af72a666	conf: log termination status Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>	2022-01-20 12:12:58 +01:00
Christian Brauner	e0f6f149d5	conf: improve userns_exec_mapped_root() As we do in all other places, first drop groups, then use setres{g,u}id(). Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>	2022-01-20 12:12:58 +01:00
Stéphane Graber	73ff048d66	Merge pull request #4063 from simondeziel/gnupg github: stop installing gnupg now that it's unused	2022-01-18 10:00:27 -05:00
Simon Deziel	aec7c9c2fa	github: stop installing gnupg now that it's unused Signed-off-by: Simon Deziel <simon.deziel@canonical.com>	2022-01-18 09:53:45 -05:00
Christian Brauner	8128bbef4d	Merge pull request #4062 from stgraber/master lxc-download: Rely on HTTPS only	2022-01-18 15:24:41 +01:00
Stéphane Graber	5852026304	lxc-download: Rely on HTTPS only GPG has been a major source of issues over the years with various attacks on the key network as well as client side issues making it hard to retrieve our keys. Back when we introduced the image server, SSL certificates were still expensive and annoying to setup, so not something we'd have expected potential mirrors to setup for us. They were also issued for multiple years, making a compromise of such a certificate quite problematic. But things have changed since, we now have completely free, very easily deployable SSL certificates everywhere with the majority of those being shortlived and with good reporting of issued certificates. With that, we can now deprecate the GPG validation, disable the fallback to non-HTTPS download and rely on our indices being accurate because they've been downloaded from a server with a valid certificate. This puts LXC more in line with what LXD has done since the beginning and should offer a more reliable user experience. Signed-off-by: Stéphane Graber <stgraber@ubuntu.com>	2022-01-17 21:15:53 -05:00
Stéphane Graber	0d27a21656	Merge pull request #4058 from brauner/2022-01-13.fixes cgroups: improvements	2022-01-14 18:03:58 -05:00
Stéphane Graber	10a2878e0d	Merge pull request #4059 from DevinNorgarb/patch-1 Update README.md: Fix broken link (403 Forbidden)	2022-01-14 11:30:18 -05:00
Devin Norgarb	5e7448b57b	Update README.md: Fix broken link (403 Forbidden) Signed-off-by: Devin Norgarb dnorgarb@gmail.com	2022-01-14 18:04:16 +02:00
Christian Brauner	d979b58c38	attach: don't pointlessly call cgroup_init() We can let attach detect that it is running on a cgroup layout without writable cgroup hierarchies. In that case attach can finish early and doesn't need to run the heavy-handed cgroup parsing code. Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>	2022-01-13 18:51:00 +01:00
Christian Brauner	575704fe80	commands: log command during file descriptor retrieval Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>	2022-01-13 17:42:17 +01:00
Stéphane Graber	e3d53aeaf2	Merge pull request #4057 from Dmole/patch-2 lxc-checkconfig.in: CONFIG_NF_NAT_IPV4	2022-01-12 15:36:53 -05:00
Tim	5017adb35a	lxc-checkconfig.in: CONFIG_NF_NAT_IPV4 was removed from the kernel 2019-03-03 Signed-off-by: Tim L <elatllat@gmail.com>	2022-01-12 09:55:25 -05:00
Stéphane Graber	544606ead3	Merge pull request #4054 from hallyn/2022-01-09/trivial (trivial) Fix error message, failure was connect not bind	2022-01-09 23:16:17 +01:00

1 2 3 4 5 ...

11271 Commits