userns_exec_1() clones a new task to manipulate. We don't
need to fork before calling that.
Signed-off-by: Serge Hallyn <serge.hallyn@ubuntu.com>
Acked-by: Stéphane Graber <stgraber@ubuntu.com>
This fixes the following compile errors with uClibc:
lxc_snapshot.c: In function 'print_file':
lxc_snapshot.c:71:2: error: implicit declaration of function 'getline' [-Werror=implicit-function-declaration]
while (getline(&line, &sz, f) != -1) {
^
cc1: all warnings being treated as errors
lxc_usernsexec.c: In function 'read_default_map':
lxc_usernsexec.c:181:2: error: implicit declaration of function 'getline' [-Werror=implicit-function-declaration]
while (getline(&line, &sz, fin) != -1) {
^
cc1: all warnings being treated as errors
Signed-off-by: Natanael Copa <ncopa@alpinelinux.org>
Acked-by: Serge E. Hallyn <serge.hallyn@ubuntu.com>
This fixes various compile errors when building with musl libc. For
example:
In file included from start.c:66:0:
monitor.h:38:12: error: 'NAME_MAX' undeclared here (not in a function)
char name[NAME_MAX+1];
^
start.c: In function 'setup_signal_fd':
start.c:202:2: error: implicit declaration of function 'sigfillset' [-Werror=implicit-function-declaration]
if (sigfillset(&mask) ||
^
...
In file included from freezer.c:36:0:
monitor.h:39:12: error: 'NAME_MAX' undeclared here (not in a function)
char name[NAME_MAX+1];
^
...
In file included from cgroup.c:45:0:
conf.h:87:13: error: 'IFNAMSIZ' undeclared here (not in a function)
char veth1[IFNAMSIZ]; /* needed for deconf */
^
cgroup.c: In function 'find_cgroup_subsystems':
cgroup.c:230:3: error: implicit declaration of function 'strdup' [-Werror=implicit-function-declaration]
(*kernel_subsystems)[kernel_subsystems_count] = strdup(line);
^
...
In file included from conf.c:65:0:
conf.h:87:13: error: 'IFNAMSIZ' undeclared here (not in a function)
char veth1[IFNAMSIZ]; /* needed for deconf */
^
In file included from conf.c:66:0:
conf.c: In function 'run_buffer':
log.h:263:9: error: implicit declaration of function 'strsignal' [-Werror=implicit-function-declaration]
struct lxc_log_locinfo locinfo = LXC_LOG_LOCINFO_INIT; \
^
...
af_unix.c: In function 'lxc_abstract_unix_send_credential':
af_unix.c:208:9: error: variable 'cred' has initializer but incomplete type
struct ucred cred = {
^
af_unix.c:209:3: error: unknown field 'pid' specified in initializer
.pid = getpid(),
^
af_unix.c:209:3: error: excess elements in struct initializer [-Werror]
af_unix.c:209:3: error: (near initialization for 'cred') [-Werror]
af_unix.c:210:3: error: unknown field 'uid' specified in initializer
.uid = getuid(),
^
af_unix.c:210:3: error: excess elements in struct initializer [-Werror]
af_unix.c:210:3: error: (near initialization for 'cred') [-Werror]
af_unix.c:211:3: error: unknown field 'gid' specified in initializer
.gid = getgid(),
^
and more...
Signed-off-by: Natanael Copa <ncopa@alpinelinux.org>
Acked-by: Serge E. Hallyn <serge.hallyn@ubuntu.com>
utmpx.h is specified in POSIX but utmpxname is not so we check for
utmpxname in configure script.
This fixes the following compile error with musl libc:
lxcutmp.c: In function 'utmp_get_runlevel':
lxcutmp.c:249:2: error: implicit declaration of function 'utmpxname' [-Werror=implicit-function-declaration]
if (!access(path, F_OK) && !utmpxname(path))
^
Signed-off-by: Natanael Copa <ncopa@alpinelinux.org>
Acked-by: Serge E. Hallyn <serge.hallyn@ubuntu.com>
Instead rely on struct ethhdr from net/ethernet.h
This fixes build error with musl libc:
In file included from /usr/include/linux/if_bridge.h:17:0,
from network.c:47:
/usr/include/linux/if_ether.h:133:8: error: redefinition of 'struct ethhdr'
struct ethhdr {
^
In file included from /usr/include/net/ethernet.h:10:0,
from network.c:42:
/usr/include/netinet/if_ether.h:93:8: note: originally defined here
struct ethhdr {
^
Signed-off-by: Natanael Copa <ncopa@alpinelinux.org>
Acked-by: Serge E. Hallyn <serge.hallyn@ubuntu.com>
This fixes compile error with musl libc:
In file included from start.c:66:0:
monitor.h:38:12: error: 'NAME_MAX' undeclared here (not in a function)
char name[NAME_MAX+1];
^
Signed-off-by: Natanael Copa <ncopa@alpinelinux.org>
Acked-by: Serge E. Hallyn <serge.hallyn@ubuntu.com>
This fixes the following error with musl libc:
In file included from start.c:59:0:
log.h: In function 'lxc_log_priority_to_int':
log.h:136:2: error: implicit declaration of function 'strcasecmp' [-Werror=implicit-function-declaration]
Signed-off-by: Natanael Copa <ncopa@alpinelinux.org>
Acked-by: Serge E. Hallyn <serge.hallyn@ubuntu.com>
This fixes compile error when build with musl libc:
conf.h:92:2: error: unknown type name 'uint'
uint fmask;
^
Signed-off-by: Natanael Copa <ncopa@alpinelinux.org>
Acked-by: Serge E. Hallyn <serge.hallyn@ubuntu.com>
poll.h is defined in POSIX:
http://pubs.opengroup.org/onlinepubs/009695399/functions/poll.html
This fixes a compile warning when building with musl libc:
In file included from start.c:46:0:
/usr/include/sys/poll.h:1:2: error: #warning redirecting incorrect #include <sys
/poll.h> to <poll.h> [-Werror=cpp]
#warning redirecting incorrect #include <sys/poll.h> to <poll.h>
^
Signed-off-by: Natanael Copa <ncopa@alpinelinux.org>
Acked-by: Serge E. Hallyn <serge.hallyn@ubuntu.com>
lxc_map_ids can call system(3), which on error from the
spawned process returns > 0. No path should return > 0
when it meant success. So check the lxc_map_ids() value
to be != rather than just < 0.
Signed-off-by: Serge Hallyn <serge.hallyn@ubuntu.com>
Acked-by: Stéphane Graber <stgraber@ubuntu.com>
Move the test of mp->need_cpuset_init to a logically better place.
Avoid misleading error messages.
Signed-off-by: Robert Vogelgesang <vogel@users.sourceforge.net>
Signed-off-by: Serge Hallyn <serge.hallyn@ubuntu.com>
lxc_monitord_spawn() in src/lxc/monitor.c contained "umask(0);", and
because of this, lxc-monitord created lxc-monitord.log with mode 0666.
World-writeable log files are bad, so remove this umask(0).
Signed-off-by: Robert Vogelgesang <vogel@users.sourceforge.net>
Acked-by: Dwight Engen <dwight.engen@oracle.com>
Acked-by: Stéphane Graber <stgraber@ubuntu.com>
If we have a bad config file entry, fail. Otherwise lxc-start
will proceed with a partial configuration.
Signed-off-by: Serge Hallyn <serge.hallyn@ubuntu.com>
Remove a memory leak on error path.
Only try to initialize cpuset if cgroup.clonechildren does not exist.
Bump the max value we read from cpuset.{cpus,mems} to 1024.
If cpuset.cpus or .mems is already initialized but is too long, don't fail.
If parent's cpuset.cpus or .mems is too long, record an error and fail.
If anyone actually runs into this, we can simply allocate the required
length as needed, but we don't expect anyone to run into this.
Signed-off-by: Serge Hallyn <serge.hallyn@ubuntu.com>
Hi,
as promised last week, here's my patch for cpuset cgroup support for
kernels without the cgroup.clone_children feature.
My initial patch used "#include <linux/version.h>" and the macros defined
there to decide if cgroup.clone_children should be used or not. After
having seen Serge Hallyn's patch which he posted to the list last Wednesday,
where he used stat() to check if the cgroup.clone_children file is there,
I rewrote my patch to do the same.
The patch is against 1.0.0.beta3, and it is tested successfully with
RHEL-6's kernel version 2.6.32-431.3.1.el6, compiled without cgmanager
(I've so far not tried to use cgmanager in RHEL-6).
In addition to fixing the cpuset cgroup setup, this patch also fixes a
wrong argument in a call to handle_cgroup_settings() in the same context.
Robert
Signed-off-by: Robert Vogelgesang <vogel@users.sourceforge.net>
Signed-off-by: Serge Hallyn <serge.hallyn@ubuntu.com>
This allows external users to query network related config items
from the running containers.
changes since v1:
- function name change
Signed-off-by: S.Çağlar Onur <caglar@10ur.org>
Acked-by: Stéphane Graber <stgraber@ubuntu.com>
Otherwise, after a fork, both pids may be flushing. When
redirecting output to a file, this causes duplicate (or really
far worse) output.
Signed-off-by: Serge Hallyn <serge.hallyn@ubuntu.com>
Acked-by: Stéphane Graber <stgraber@ubuntu.com>
- Also include the variant in the path
- Fix invalid LXC_CACHE_BASE
- Drop redundant code
Signed-off-by: Stéphane Graber <stgraber@ubuntu.com>
Acked-by: Serge E. Hallyn <serge.hallyn@ubuntu.com>
Make the way symmetric. This also fix the file leak in
daemon model.
Signed-off-by: Qiang Huang <h.huangqiang@huawei.com>
Acked-by: Serge E. Hallyn <serge.hallyn@ubuntu.com>
If the user explicitly asks for a snapshot clone (in which
case maybe_snap is not set), we cannot abide this currently.
Rather than exit later with more cryptic error messages, exit
out early.
Signed-off-by: Serge Hallyn <serge.hallyn@ubuntu.com>
Acked-by: Stéphane Graber <stgraber@ubuntu.com>
After this patch, starting an unprivileged container using
cgmanager gets the cgroup chown to the container root, so
that it can install the cgmanager (proxy) and make cgroup
requests.
(Still desirable and not in this patch is the automatic setup of
/sys/fs/cgroup/manager/sock, which you can currently do with
two lxc.mount.entries)
Signed-off-by: Serge Hallyn <serge.hallyn@ubuntu.com>
Acked-by: Stéphane Graber <stgraber@ubuntu.com>
Added code to the CentOS and Fedora templates so that x86 32 bit containers
may be built on x86_64 platforms. Like archectectures may also be trivially
used as well.
Option added is "-a {arch}".
Additionally cleaned up some bash specific logic.
Signed-off-by: Michael H. Warfield <mhw@WittsEnd.com>
Acked-by: Stéphane Graber <stgraber@ubuntu.com>
The geteuid() addition is being made the first element of the lxc_list,
but the first element is just a head whose entry is ignored. Therefore
userns_exec_1() was starting its tasks without the caller's uid mapped
into the namespace.
Signed-off-by: Serge Hallyn <serge.hallyn@ubuntu.com>
Acked-by: Stéphane Graber <stgraber@ubuntu.com>
