Modules should not link to the Lua core library.
See http://lua-users.org/wiki/BuildingModules under
"Do Not Link Modules to the Lua Core Libraries"
Signed-off-by: Natanael Copa <ncopa@alpinelinux.org>
Acked-by: Stéphane Graber <stgraber@ubuntu.com>
Systems based on systemd mount the root shared by default. We don't want
mounts done during creation by templates nor those done internally by
bdev during rsync based clones to propagate to the root mntns.
The create case already had the right check, but the mount call was
missing "/", so it was failing.
Signed-off-by: Dwight Engen <dwight.engen@oracle.com>
Acked-by: Serge E. Hallyn <serge.hallyn@ubuntu.com>
We have added 3 new build servers for Alpine Linux musl libc x86, x86_64
and arm. Add the sha256sum for those keys.
Signed-off-by: Natanael Copa <ncopa@alpinelinux.org>
Acked-by: Stéphane Graber <stgraber@ubuntu.com>
Fix the issues reported by checkbashisms and change back to #!/bin/sh
Signed-off-by: Natanael Copa <ncopa@alpinelinux.org>
Acked-by: Stéphane Graber <stgraber@ubuntu.com>
Since we're no longer always returning a getenv result or some defined
string, the callers should cleanup the variable after use.
As a result, change from const char* to char*, add the needed free()
everywhere and use strdup() on strings coming from getenv.
Signed-off-by: Stéphane Graber <stgraber@ubuntu.com>
Acked-by: Serge E. Hallyn <serge.hallyn@ubuntu.com>
That's to make sure that if the bridge has a higher than 1500
mtu, the new veth (defaulting to 1500) doesn't lower it.
Signed-off-by: Serge Hallyn <serge.hallyn@ubuntu.com>
Acked-by: Stéphane Graber <stgraber@ubuntu.com>
This makes get_rundir actually do what I meant it to do... for some
reason I missed that one in testing...
Signed-off-by: Stéphane Graber <stgraber@ubuntu.com>
If get_rundir can't find XDG_RUNTIME_DIR in the environment, it'll
attempt to build a path using ~/.cache/lxc/run/. Should that fail
because of missing $HOME in the environment, it'll then return NULL an
all callers will fail in that case.
Signed-off-by: Stéphane Graber <stgraber@ubuntu.com>
Acked-by: Serge E. Hallyn <serge.hallyn@ubuntu.com>
If we are unprivileged and have asked for a veth device, then create
a pipe over which to pass the veth names.
Network-related todos:
1. set mtu on the container side of veth device
2. set mtu in lxc-user-nic. Note that this probably requires an
update to the /etc/lxc/lxc-usernet file :(
Signed-off-by: Serge Hallyn <serge.hallyn@ubuntu.com>
Acked-by: Stéphane Graber <stgraber@ubuntu.com>
after commit 4e4ca16158 we are
checking for optional in mntopts after we forcibly remove it.
Cache whether we had it before removing it.
Signed-off-by: Serge Hallyn <serge.hallyn@ubuntu.com>
Otherwise mount may return -EINVAL if in-kernel super-block parser
objects (as is the case with ext4).
Changelog v2:
also drop 'optional'
specifically drop create=dir, not create=*
fix order of arguments for memmove
Signed-off-by: Serge Hallyn <serge.hallyn@ubuntu.com>
Acked-by: Stéphane Graber <stgraber@ubuntu.com>
We can't get the actual policy (in the case where the policy file
has changed) from the container, but at least we can use the
seccomp policy file listed in the container config file.
(If anyone wants to further improve this, it may be better to get
the seccomp policy over the cmd api; not sure that's what we want,
and this seems simpler to hook into the existing code, so I went
this way for now)
Signed-off-by: Serge Hallyn <serge.hallyn@ubuntu.com>
Acked-by: Stéphane Graber <stgraber@ubuntu.com>
This adds detection for the case where we are root in an unprivileged
container and then run LXC from there. In this case, we want to download
to the system location, ignore the missing uid/gid ranges and run
templates that are userns-ready.
Signed-off-by: Stéphane Graber <stgraber@ubuntu.com>
Acked-by: Serge E. Hallyn <serge.hallyn@ubuntu.com>
lxc-user-nic now returns the names of the interfaces and
unpriv_assign_nic function parses that information to fill
missing netdev->veth_attr.pair and netdev->name.
With this patch get_running_config_item started to provide
correct information;
>>> import lxc; c = lxc.Container("rubik"); c.get_running_config_item("lxc.network.0.name"); c.get_running_config_item("lxc.network.0.veth.pair");
'eth0'
'veth9MT2L4'
>>>
and lxc-info started to show network stats;
lxc-info -n rubik
Name: rubik
State: RUNNING
PID: 23061
IP: 10.0.3.233
CPU use: 3.86 seconds
BlkIO use: 88.00 KiB
Memory use: 6.53 MiB
KMem use: 0 bytes
Link: veth9MT2L4
TX bytes: 3.45 KiB
RX bytes: 8.83 KiB
Total bytes: 12.29 KiB
Signed-off-by: S.Çağlar Onur <caglar@10ur.org>
Acked-by: Serge E. Hallyn <serge.hallyn@ubuntu.com>
Acked-by: Stéphane Graber <stgraber@ubuntu.com>
