The previous error message made it look like the host interface name was
the concatenation of both the host and guest interface names.
Closes#374
Signed-off-by: Stéphane Graber <stgraber@ubuntu.com>
Do as much as possible to allow containers switching from non-systemd to
systemd to work as intended (but nothing that will cause side effects).
Use update-rc.d disable instead of remove so the init scripts are not
re-enabled when the package is updated
Signed-off-by: Cameron Norman <camerontnorman@gmail.com>
Acked-by: Stéphane Graber <stgraber@ubuntu.com>
This reverts commit 55ae7edb18.
This change caused hangs in the testsuite, specifically with lxc-user-nic.
Signed-off-by: Stéphane Graber <stgraber@ubuntu.com>
Ran into this when trying to automate stgraber's "GUI in containers"
post.
Signed-off-by: Casey Marshall <casey.marshall@canonical.com>
Acked-by: Stéphane Graber <stgraber@ubuntu.com>
This is a copy of patch version 3 for issue #278 on the issue-tracker:
- Allow multiple bind-mounts (--bdir) and multiple cow-mounts (--cdir).
- Further fixes to permissions throughout lxc-start-ephemeral (annotated
in the code).
Signed-off by: Oleg Freedholm <overlayfs@gmail.com>
Acked-by: Stéphane Graber <stgraber@ubuntu.com>
There are now two (permitted) ways to add data to netlink message:
1. put_xxx()
2. call nlmsg_reserve() to get a pointer to newly reserved room within the
original netlink message, then write or memcpy data to that area.
Both of them guarantee adding requested length data do not overflow the
pre-allocated message buffer by checking against its cap field first.
And there may be no need to access nlmsg_len outside nl module, because both
put_xxx() and nlmsg_reserve() have alread did that for us.
Signed-off-by: Shuai Zhang <zs.broccoli@gmail.com>
Acked-by: Stéphane Graber <stgraber@ubuntu.com>
Disabled building openSUSE containers on openSUSE 13.2 and openSUSE
Tumbleweed due to faulty behaviour with newer versions of
init_buildsystem.
Signed-off-by: Johannes Kastl <git@ojkastl.de>
Acked-by: Stéphane Graber <stgraber@ubuntu.com>
Create a tty so we get login prompt on console by default
Signed-off-by: Natanael Copa <ncopa@alpinelinux.org>
Acked-by: Stéphane Graber <stgraber@ubuntu.com>
nlmsg_len is the length of message including header.
Signed-off-by: Shuai Zhang <zs.broccoli@gmail.com>
Acked-by: Stéphane Graber <stgraber@ubuntu.com>
Bind mounts do not honor filesystem mount options. This change will
remount filesystems that are bind mounted if there are changes to
filesystem mount options, specifically if the mount is readonly.
Signed-off-by: Abin Shahab <ashahab@altiscale.com>
Acked-by: Serge E. Hallyn <serge.hallyn@ubuntu.com>
* fix "reg" to "req" in English (fix for commit b8683fe)
* change "opt" to "req" in Japanese
Signed-off-by: KATOH Yasufumi <karma@jazz.email.ne.jp>
Acked-by: Serge E. Hallyn <serge.hallyn@ubuntu.com>
This adds OpenWrt common config file.
Signed-off-by: Petar Koretic <petar.koretic@sartura.hr>
CC: Luka Perkov <luka.perkov@sartura.hr>
Acked-by: Stéphane Graber <stgraber@ubuntu.com>
Support creation and use of lxc-cirros by unprivileged users.
If we detect we are an unprivileged user, then insist that we
be in a userns with a id mapping.
If we are in a userns, then don't extract /dev when extracting
the rootfs.
If we are not root, then save the tarball to ~/.cache/lxc/cirros
instead of /var/cache/lxc/cirros.
If we are not roo, then include entries to auto-mount proc and sys,
as well as bind-mount devices.
Cc: Scott Moser <smoser@ubuntu.com>
Signed-off-by: Serge Hallyn <serge.hallyn@ubuntu.com>
Acked-by: Stéphane Graber <stgraber@ubuntu.com>
This is a multipart message in MIME format.
Fixes a small (but consistent) spelling mistake in conf.c
Signed-off-by: Joel Nider <joeln@il.ibm.com>
Acked-by: Stéphane Graber <stgraber@ubuntu.com>
Otherwise both resulting takss will print what they had flushed when they
exit.
This fixes https://bugs.launchpad.net/bugs/1389244
Signed-off-by: Serge Hallyn <serge.hallyn@ubuntu.com>
Tested-by: Tycho Andersen <tycho.andersen@canonical.com>
Acked-by: Stéphane Graber <stgraber@ubuntu.com>
Add simple test case for attach() method. Add assert for return value
from create() method which also returns a boolean.
Signed-off-by: Dwight Engen <dwight.engen@oracle.com>
Acked-by: Stéphane Graber <stgraber@ubuntu.com>
Do mkdir $rootfs/dev/shm and then mount tmpfs on /dev/shm.
Signed-off-by: TAMUKI Shoichi <tamuki@linet.gr.jp>
Acked-by: Serge E. Hallyn <serge.hallyn@ubuntu.com>
Containers with systemd need a somewhat special setup, which I borrowed
and adapted from lxc-fedora. These changes are required so that Debian 8
(jessie) containers work properly, and are a no-op for previous Debian
versions.
Signed-off-by: Antonio Terceiro <terceiro@debian.org>
Acked-by: Serge E. Hallyn <serge.hallyn@ubuntu.com>
We allocate a pointer and save this address in a static variable. After
this we freed this pointer and return.
Here a cuttout of a valgrind report:
[...]
==11568== Invalid read of size 1
==11568== at 0x4C2D524: strlen (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==11568== by 0x5961C9B: puts (in /usr/lib/libc-2.20.so)
==11568== by 0x400890: main (lxc_config.c:73)
==11568== Address 0x6933e21 is 1 bytes inside a block of size 32 free'd
==11568== at 0x4C2B200: free (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==11568== by 0x4E654F2: lxc_global_config_value (utils.c:415)
==11568== by 0x4E92177: lxc_get_global_config_item (lxccontainer.c:2287)
==11568== by 0x400883: main (lxc_config.c:71)
[...]
Signed-off-by: Silvio Fricke <silvio.fricke@gmail.com>
Fix a typo in the lines inserted in the default sources.list.
Change the default mirror to http.debian.net which is (supposedly) more
accurate and better than cdn.debian.net for a generic configuration.
Use security.debian.org directly for the {release}/updates repository.
Signed-off-by: Gu1 <gu1@aeroxteam.fr>
Acked-by: Stéphane Graber <stgraber@ubuntu.com>
This commit fixes two issues at the time of clone:
* unnecessary directory is created when clone between overlayfs/aufs
* clone failed when the end of rootfs path is not "/rootfs"
Signed-off-by: KATOH Yasufumi <karma@jazz.email.ne.jp>
Acked-by: Serge E. Hallyn <serge.hallyn@ubuntu.com>
"all" is not a supported keyword for cgmanager's get_pid_cgroup.
Pass the first mounted cgroup subsystem instead of passing "all" when
getting the container's cgorup to attach to.
Also, make sure that the target cgroup is in fact in all identical
cgroups before attaching with 'all". If not, then we must attach to
each cgroup separately, or else we will not be in all the same cgroups
as the target container.
Signed-off-by: Serge Hallyn <serge.hallyn@ubuntu.com>
Acked-by: Stéphane Graber <stgraber@ubuntu.com>
This patch creates workdir as "olwork", and retry mount with workdir
option when mount is failed.
It is used to prepare files before atomically swithing with
destination, and needs to be on the same filesystem as upperdir. It's
OK for it to be empty.
Signed-off-by: KATOH Yasufumi <karma@jazz.email.ne.jp>
Signed-off-by: Serge Hallyn <serge.hallyn@ubuntu.com>
If attach is being done over passed-in fds, then we shouldn't
mess with the caller's signal table to ignore ctrl-c over the
fd.
Signed-off-by: Serge Hallyn <serge.hallyn@ubuntu.com>
Acked-by: Stéphane Graber <stgraber@ubuntu.com>
