mirror_lxc

mirror of https://git.proxmox.com/git/mirror_lxc synced 2025-08-03 07:23:23 +00:00

Author	SHA1	Message	Date
KATOH Yasufumi	302a87291c	doc: Fix reverse allowlist/denylist in Japanese man page Update for commit `2965130c45` Signed-off-by: KATOH Yasufumi <karma@jazz.email.ne.jp>	2022-02-21 22:17:36 +09:00
Stéphane Graber	2965130c45	doc: Fix reverse allowlist/denylist Reported at: https://bugs.launchpad.net/ubuntu/+source/lxc/+bug/1957934 Signed-off-by: Stéphane Graber <stgraber@ubuntu.com>	2022-02-02 21:28:58 -05:00
KATOH Yasufumi	9fe946bcc6	doc: fix typo in English lxc.container.conf(5) Signed-off-by: KATOH Yasufumi <karma@jazz.email.ne.jp>	2021-10-23 15:26:26 +09:00
KATOH Yasufumi	9093e17958	doc: Add lxc.sched.core to Japanese lxc.container.conf(5) Update for commit `09996a4` Signed-off-by: KATOH Yasufumi <karma@jazz.email.ne.jp>	2021-10-23 15:18:00 +09:00
KATOH Yasufumi	cc6a34b9da	doc: add way to specify broadcast address to Japanese lxc.container.conf(5) Update for commit `5686798` Signed-off-by: KATOH Yasufumi <karma@jazz.email.ne.jp>	2021-10-23 14:53:58 +09:00
KATOH Yasufumi	4ced441ef9	doc: add loglevels to ja and ko common options Update for commit `44b87e8` Signed-off-by: KATOH Yasufumi <karma@jazz.email.ne.jp>	2021-10-23 14:45:13 +09:00
Christian Brauner	d90d30072c	conf: add cgroup2, cgroup2:ro, cgroup2:force, cgroup2:ro:force options We keep running into situations where we want to pre-mount a pure cgroup2 layout regardless of the layout of the host. Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>	2021-10-21 16:40:16 +02:00
Christian Brauner	09996a4821	lxc: add lxc.sched.core Core scheduling defines if the container payload is marked as being schedulable on the same core. Doing so will cause the kernel scheduler to ensure that tasks that are not in the same group never run simultaneously on a core. This can serve as an extra security measure to prevent the container payload from using cross hyper thread attacks. The only allowed values are 0 and 1. Set this to 1 to create a core scheduling domain for the container or 0 to not create one. If not set explicitly no core scheduling domain will be created for the container. Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>	2021-09-29 14:07:41 +02:00
Stéphane Graber	cf92aaac1c	Merge pull request #3899 from denisfa/master Improve bash completion experience.	2021-08-11 13:42:18 -04:00
Thomas Parrott	5686798d8e	doc: Adds mention of ability to specify manual IPv4 broadcast address See also https://github.com/lxc/lxd/pull/9103 Signed-off-by: Thomas Parrott <thomas.parrott@canonical.com>	2021-08-10 11:32:30 +01:00
Stéphane Graber	58795066dc	doc/api-extensions: Grammar fix Signed-off-by: Stéphane Graber <stgraber@ubuntu.com>	2021-08-09 13:40:49 -04:00
Stéphane Graber	10fe481d5f	Fix typos This fixes all typos identified by lintian. Signed-off-by: Stéphane Graber <stgraber@ubuntu.com>	2021-07-28 15:14:38 -04:00
Serge Hallyn	44b87e816b	doc/common_options: add trace and alert loglevels Signed-off-by: Serge Hallyn <serge@hallyn.com>	2021-07-14 22:17:40 -05:00
Edênis Freindorfer Azevedo	f8fae86f13	Fix typo on documentation for `lxc-{attach,execute}`. According to `[1]`, `lxc-attach` uses `-u,-g` instead of `--u,--g`. According to `[2]`, `lxc-execute` uses `-u,-g` instead of `--u,--g`. - [1] https://github.com/lxc/lxc/blob/stable-4.0/src/lxc/tools/lxc_attach.c#L131-L132 - [2] https://github.com/lxc/lxc/blob/stable-4.0/src/lxc/tools/lxc_execute.c#L59-L60 Signed-off-by: Edenis Freindorfer Azevedo <edenisfa@gmail.com>	2021-07-06 22:50:24 -03:00
Edênis Freindorfer Azevedo	98632d6ae0	Fix typo on documentation for `lxc-autostart`. According to `[1,2]`, this command has `--groups` instead of `--group`. - [1] https://github.com/lxc/lxc/blob/stable-4.0/src/lxc/tools/lxc_autostart.c#L64 - [2] https://github.com/lxc/lxc/blob/stable-4.0/src/lxc/tools/lxc_autostart.c#L84 Signed-off-by: Edenis Freindorfer Azevedo <edenisfa@gmail.com>	2021-07-06 22:50:24 -03:00
KATOH Yasufumi	d47d8b6d4d	doc: Fix typo in English lxc.container.conf(5) Signed-off-by: KATOH Yasufumi <karma@jazz.email.ne.jp>	2021-07-05 12:00:32 +09:00
KATOH Yasufumi	caf30f2731	doc: Add new idmap= option to Japanese lxc.container.conf(5) Update for commit `1852be9048` Signed-off-by: KATOH Yasufumi <karma@jazz.email.ne.jp>	2021-07-05 11:54:43 +09:00
KATOH Yasufumi	27bf2abc68	doc: Append description of net type field Update for commit `320061b34f` Signed-off-by: KATOH Yasufumi <karma@jazz.email.ne.jp>	2021-07-05 11:23:49 +09:00
KATOH Yasufumi	5793ff9bd2	doc: Add eBPF-based device controller semantics to Japanese man page Update for commit `5025f3a690` Signed-off-by: KATOH Yasufumi <karma@jazz.email.ne.jp>	2021-07-05 11:23:35 +09:00
Christian Brauner	8de0119d48	tree-wide: replace problematic terminology Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>	2021-06-14 17:25:39 +02:00
Christian Brauner	f48e807159	tree-wide: replace problematic terminology Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>	2021-06-14 17:21:44 +02:00
Christian Brauner	3df13023b0	api_extensions: introduce idmapped_mounts_v2 api extension This indicates that LXC supports idmapping the rootfs and idmapped lxc.mount.entry entries. Link: https://github.com/lxc/lxd/issues/8870 Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>	2021-06-08 15:59:13 +02:00
Christian Brauner	1852be9048	doc: document new idmap= option for lxc.rootfs.options Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>	2021-05-07 17:27:06 +02:00
Christian Brauner	fa3a003464	api-extensions: add entry for idmapped_mounts Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>	2021-04-28 15:39:37 +02:00
Thomas Parrott	320061b34f	doc: Documented that net type field must come before other options on the net device Signed-off-by: Thomas Parrott <thomas.parrott@canonical.com>	2021-03-29 17:20:42 +01:00
Christian Brauner	54dbe498b9	doc: tweak cgroup headline Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>	2021-02-19 15:23:29 +01:00
Christian Brauner	5025f3a690	doc: epxlain eBPF-based device controller semantics Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>	2021-02-19 15:23:29 +01:00
Christian Brauner	e9b3d28df4	doc: add missing ".[controller file] suffix to lxc.cgroup{2}. key explanations Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>	2021-02-19 15:23:27 +01:00
Stéphane Graber	55f7e4d688	Merge pull request #3586 from tenforward/japanese doc: Add lxc.cgroup.dir.monitor.pivot to Japanese man page	2020-11-21 10:56:16 -05:00
KATOH Yasufumi	74f9fb2c9d	doc: Add lxc.cgroup.dir.monitor.pivot to Japanese man page Signed-off-by: KATOH Yasufumi <karma@jazz.email.ne.jp>	2020-11-22 00:26:35 +09:00
Ruben Jenster	7696c1f9d1	Introduce lxc.cgroup.dir.monitor.pivot On termination lxc may fail to remove either lxc.cgroup.dir or lxc.cgroup.dir.monitor, because the monitor process may still be a member of either of these cgroups. The pivot cgroup should not be a member (subpath) of any other container cgroup (dir). because only empty cgroups can be removed. Signed-off-by: Ruben Jenster <r.jenster@drachenfels.de>	2020-10-27 09:23:01 +01:00
KATOH Yasufumi	bf73687ae5	Update Japanese pam_cgfs(8) to reflect lack of support for pure cgroupv2 Update for commit `b87ed83bbc` Signed-off-by: KATOH Yasufumi <karma@jazz.email.ne.jp>	2020-10-25 01:35:35 +09:00
Arjun Ramachandrula	b87ed83bbc	Updated documentation to reflect lack of support for pure cgroupv2 Signed-off-by: Arjun Ramachandrula <arjun.ramachandrula@gmail.com>	2020-08-15 16:16:03 -04:00
Christian Brauner	0dd2e321c2	api-extension: add missing seccomp_proxy_send_notify_fd extension Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>	2020-08-06 17:33:09 +02:00
Christian Brauner	2140576960	seccomp: add seccomp_notify_fd_active api extension which allows to retrieve an active seccomp notifier fd from a running container. Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>	2020-08-06 14:40:13 +02:00
Christian Brauner	f797f05e6e	terminal: safely allocate pts devices from inside the container This was a year long journey which seems to finally have come to an end. Closes: #1620. Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>	2020-08-05 15:16:51 +02:00
Christian Brauner	41808e20a1	tree-wide: s/pts/pty/g Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>	2020-07-05 22:01:57 +02:00
Christian Brauner	c312db1110	api-extensions: add seccomp_allow_deny_syntax extension Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>	2020-07-03 15:14:15 +02:00
Christian Brauner	78522aa936	seccomp: support allowlist/denylist in profiles Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>	2020-07-03 13:18:36 +02:00
KATOH Yasufumi	bb144af237	doc: Add lxc.time.offset.* to Japanese lxc.container.conf(5) and fix a type in English man page. Update for commit `7fb5a8dfd2` Signed-off-by: KATOH Yasufumi <karma@jazz.email.ne.jp>	2020-06-26 14:24:28 +09:00
KATOH Yasufumi	6fcaba0559	doc: Add veth vlan bridge options to Japanese lxc.container.conf(5) Update for commit `a789ca4c24` Signed-off-by: KATOH Yasufumi <karma@jazz.email.ne.jp>	2020-06-26 14:10:03 +09:00
Christian Brauner	7fb5a8dfd2	doc: add lxc.time.offset.{boot,monotonic} Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>	2020-06-26 01:03:24 +02:00
Christian Brauner	b1248e473b	api: add time_namespace extension Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>	2020-06-26 01:03:24 +02:00
Christian Brauner	f1d358b08a	doc: update terminology Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>	2020-06-20 00:03:29 +02:00
Thomas Parrott	a789ca4c24	doc: Adds documentation for veth vlan bridge options Signed-off-by: Thomas Parrott <thomas.parrott@canonical.com>	2020-06-09 09:58:32 +01:00
KATOH Yasufumi	27f451e283	doc: Add lxc.cgroup.dir.{monitor,container,container.inner} to Japanese man Update for commit `a900cba` Signed-off-by: KATOH Yasufumi <karma@jazz.email.ne.jp>	2020-04-05 21:18:59 +09:00
Christian Brauner	e9619d75b1	api-extensions: add and document cgroup_advanced_isolation Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>	2020-04-04 12:09:21 +02:00
Christian Brauner	51b07b7036	doc: s/lxc.cgroup.container.namespace/lxc.cgroup.container.inner/g Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>	2020-04-03 20:08:41 +02:00
Wolfgang Bumiller	a900cbaf25	introduce lxc.cgroup.dir.{monitor,container,container.inner} This is a new approach to #1302 with a container-side configuration instead of a global boolean flag. Contrary to the previous PR using an optional additional parameter for the get-cgroup command, this introduces two new additional commands to get the limiting cgroup path and cgroup2 file descriptor. If the limiting option is not in use, these behave identical to their full-path counterparts. If these variables are used the payload will end up in the concatenation of lxc.cgroup.dir.container and lxc.cgroup.dir.container.inner (which may be empty), and the monitor will end up in lxc.cgruop.dir.monitor. The directories are fixed, no retry count logic is applied, failing to create these directories will simply be a hard error. Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>	2020-04-03 17:22:04 +02:00
Christian Brauner	fef909cf62	make dist: add missing files deleted: CODING_STYLE.md deleted: LICENSE.GPL2 deleted: LICENSE.LGPL2.1 deleted: README.md deleted: coccinelle/exit.cocci deleted: coccinelle/run-coccinelle.sh deleted: coccinelle/while-true.cocci deleted: doc/api-extensions.md deleted: src/tests/lxc-test-exit-code deleted: src/tests/travis.sh Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>	2020-03-24 20:37:00 +01:00

1 2 3 4 5 ...

723 Commits