mirror_lxc

mirror of https://git.proxmox.com/git/mirror_lxc synced 2025-08-03 02:46:50 +00:00

Author	SHA1	Message	Date
Christian Brauner	d38dd64a51	tree-wide: fix includes to fix bionic builds Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>	2018-09-27 01:01:33 +02:00
Christian Brauner	464c46115f	utils: make lxc_switch_uid_gid() return bool Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>	2018-09-11 10:55:07 +02:00
Christian Brauner	8af07f821c	utils: make lxc_setgroups() return bool Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>	2018-09-11 10:54:46 +02:00
Christian Brauner	db2d1af171	utils: improve lxc_switch_uid_gid() Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>	2018-09-11 00:44:57 +02:00
Christian Brauner	b962868f4c	utils: improve get_ns_uid() and add get_ns_gid() Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>	2018-09-11 00:44:56 +02:00
Christian Brauner	37ef15bbd2	utils: split into {file,string}_utils.{c,h} Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>	2018-08-21 13:00:20 +02:00
Christian Brauner	f26dc127bf	CVE 2018-6556: verify netns fd in lxc-user-nic Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>	2018-08-06 12:15:39 -04:00
Christian Brauner	279c45eed3	macro: add new macro header This allows us to use a bunch of macros in our static build for init.lxc.static without having to link against all of utils.{c,h}. Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>	2018-08-04 20:11:58 +02:00
Christian Brauner	521b4771a9	utils: add lxc_iterate_parts() Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>	2018-07-26 16:23:09 +02:00
Wolfgang Bumiller	eb5c2e6aee	utils: add must_concat helper Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>	2018-07-25 12:12:27 +02:00
Liza Tretyakova	f6310f1844	utils: add shared mount point detection Signed-off-by: Liza Tretyakova <elizabet.tretyakova@gmail.com>	2018-07-22 15:25:15 +02:00
2xsec	d7ab03757c	utils: move recursive_destroy() from cfgsng to utils. Signed-off-by: 2xsec <dh48.jeong@samsung.com>	2018-07-03 14:44:24 +09:00
Christian Brauner	a9d4ebc168	utils: add fd_cloexec() Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com> Cc: Wolfgang Bumiller <w.bumiller@proxmox.com>	2018-07-01 20:00:14 +02:00
2xsec	b14fc1007c	utils: code cleanups Signed-off-by: 2xsec <dh48.jeong@samsung.com>	2018-06-30 18:45:21 +09:00
Christian Brauner	573ad77fc2	utils: fix task_blocking_signal() Closes #2342. Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>	2018-05-26 21:47:46 +02:00
Christian Brauner	7ad3767052	utils: add remove_trailing_newlines() Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>	2018-05-24 13:38:08 +02:00
Felix Abecassis	eacebcc3cb	seccomp: fix type mismatch when parsing syscall arguments filters Specifier %lli was insufficient for the type uint64_t, all values between 2^63-1 and 2^64-1 were silently converted to 2^63-1. We can't use %llu since it doesn't handle hexadecimal. Instead, we parse the values as strings and then use strtoull(3). Signed-off-by: Felix Abecassis <fabecassis@nvidia.com>	2018-05-23 22:38:25 -07:00
Christian Brauner	aa769a272f	utils: add LXC_PROC_PID_FD_LEN Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>	2018-05-04 11:59:11 +02:00
Christian Brauner	7cea590585	lxccontainer: use thread-safe open() + write() Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>	2018-04-29 16:42:44 +02:00
Christian Brauner	9e320621fd	utils: define __NR_setns if missing on old glibcs Closes #2248. Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>	2018-04-10 12:27:39 +02:00
Christian Brauner	238b3e5ea4	lxccontainer: move macros to utils.h Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>	2018-02-24 21:38:03 +01:00
Christian Brauner	9994d1402c	confile: use mmap() to parse config file Sigh, this is going to be fun. Essentially, dynamic memory allocation through malloc() and friends is unsafe when fork()ing in threads. The locking state that glibc maintains internally might get messed up when the process that fork()ed calls malloc or calls functions that malloc() internally. Functions that internally malloc() include fopen(). One solution here is to use open() + mmap() instead of fopen() + getline(). Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>	2018-02-24 21:37:39 +01:00
Christian Brauner	5038d11a98	utils: include linux/types.h Closes #2178. Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>	2018-02-21 10:13:12 +01:00
Christian Brauner	1fd0f41eff	utils: add lxc_set_death_signal() Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>	2018-02-19 10:58:56 +01:00
Serge Hallyn	477aa378e9	define am_guest_unpriv Sometimes we want to know whether we are privileged wrt our namespaces, and sometimes we want to know whether we are priv wrt init_user_ns. Signed-off-by: Serge Hallyn <shallyn@cisco.com>	2018-02-08 12:06:39 -06:00
Christian Brauner	0c3deb94f4	cgroups: cgfsng_create: handle unified hierarchy Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>	2018-01-31 16:35:31 +01:00
Serge Hallyn	26f0e9151a	Merge pull request #2102 from brauner/2018-01-22/lsm_simplifications lsm: simplifcations	2018-01-29 17:08:38 -06:00
Tycho Andersen	5384e99dee	rename am_unpriv to am_host_unpriv Signed-off-by: Tycho Andersen <tycho@tycho.ws>	2018-01-26 22:11:50 +00:00
Tycho Andersen	4692c01af2	better unprivileged detection In particular, if we are already in a user namespace we are unprivileged, and doing things like moving the physical nics back to the host netns won't work. Let's do the same thing LXD does if euid == 0: inspect /proc/self/uid_map and see what that says. Signed-off-by: Tycho Andersen <tycho@tycho.ws>	2018-01-26 22:11:50 +00:00
Christian Brauner	5288a74faa	apparmor: do not call aa_change_profile() We can simply write the label ourselves. There's no magic happening. Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>	2018-01-22 12:14:14 +01:00
Christian Brauner	0059379ff4	tree-wide: s/getpid()/lxc_raw_getpid()/g This is to avoid bad surprises caused by older glibc's pid cache (up to 2.25) when using clone(). Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>	2017-12-21 23:01:03 +01:00
Serge Hallyn	be459e9997	Merge pull request #1950 from brauner/2017-11-27/criu_fixes bugfixes	2017-12-08 21:59:09 -06:00
Christian Brauner	2650fb4d5e	utils: declare sethostname() static inline Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>	2017-12-01 23:18:09 +01:00
Christian Brauner	41dc71558e	storage: constify where possible This was made necessary by changes to the overlay driver. Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com> Signed-off-by: Adrian Reber <areber@redhat.com>	2017-11-28 13:52:47 +01:00
Marcos Paulo de Souza	ac181b5c3c	utils.h: Avoid duplicated sethostname implementation Move duplicated implementatin of sethostname from conf.c and lxc_unshare.c to utils.h Signed-off-by: Marcos Paulo de Souza <marcos.souza.org@gmail.com>	2017-11-28 00:13:49 -02:00
Christian Brauner	478fb51d4e	conf: move CAP_SYS_* definitions to utils.h Closes #1946. Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>	2017-11-24 13:25:51 +01:00
Christian Brauner	6222c3f48b	utils: add lxc_find_next_power2() Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>	2017-10-21 18:38:13 +02:00
Christian Brauner	e3db0162ff	utils: parse_byte_size_string() Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>	2017-10-21 18:38:13 +02:00
Christian Brauner	b037bc675b	utils: add lxc_safe_long_long() Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>	2017-10-21 18:38:13 +02:00
Christian Brauner	e46361235c	utils: add lxc_getpagesize() Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>	2017-10-21 18:38:13 +02:00
Christian Brauner	127c6e703b	utils: add lxc_make_tmpfile() Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>	2017-10-21 18:38:12 +02:00
Christian Brauner	b499121f1f	utils: add lxc_cloexec() Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>	2017-10-21 16:30:08 +02:00
Christian Brauner	f749d524f1	utils: move memfd_create() definition Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>	2017-10-21 16:30:03 +02:00
Christian Brauner	a6f151a7ce	init: rework dumb init Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>	2017-10-10 18:01:35 +02:00
Serge Hallyn	3dca1af064	implement lxc_string_split_quoted lxc_string_split_quoted() splits a string on spaces, but keeps groups in single or double qoutes together. In other words, generally what we'd want for argv behavior. Switch lxc-execute to use this for lxc.execute.cmd. Switch lxc-oci template to put the lxc.execute.cmd inside single quotes, because parse_line() will eat those. If we don't do that, then if we have lxc.execute.cmd = /bin/echo "hello, world", then the last double quote will disappear. Signed-off-by: Serge Hallyn <shallyn@cisco.com>	2017-10-04 18:01:53 +00:00
Christian Brauner	8bd8018e3d	utils: fix lxc_popen()/lxc_pclose() - rework and fix pipe fd leak Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>	2017-09-13 17:07:43 +02:00
Christian Brauner	d75c14e262	utils: add lxc_nic_exists() Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>	2017-09-03 16:35:48 +02:00
Christian Brauner	1a0e70ace8	tree-wide: non-functional changes - replace all "//" with "/* */" Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>	2017-08-24 12:45:47 +02:00
Christian Brauner	eda0afd4b4	utils: rework lxc_deslashify() Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>	2017-08-02 01:37:02 +02:00
Christian Brauner	29a11a7f1b	utils: switch to has_fs_type() Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>	2017-08-02 01:37:02 +02:00

1 2 3 4

155 Commits