Pretty much the only case where we do NOT want to daemonize
a container start is lxc-start. So make c->daemonize true
by default, and have lxc-start set it to false.
If there are existing API users who rely on daemonize by
default, then they will be broken by this. It seems we should
do this before beta1 if we're going to do it.
Signed-off-by: Serge Hallyn <serge.hallyn@ubuntu.com>
Acked-by: Stéphane Graber <stgraber@ubuntu.com>
This makes the ubuntu and ubuntu-cloud templates automatically aware of apt
proxy settings when the LXC host has "squid-deb-proxy-client" installed. This
makes installations *much* faster when a suitable squid-deb-proxy is
found on the network (or installed on the host).
Signed-off-by: Chris Glass <tribaal@gmail.com>
Acked-by: Stéphane Graber <stgraber@ubuntu.com>
- [[ ]] -> [ ]
- == -> =
- source -> .
- redirect of fd 200 is error in mksh, use fd 9
- &> /dev/null -> > /dev/null 2>&1
- useless function keyword
- echo -e -> printf
still left bash shebang which did not validate with checkbashism, mostly
due 'type' being reported as bashism
Signed-Off-By: Elan Ruusamäe <glen@delfi.ee>
Acked-by: Stéphane Graber <stgraber@ubuntu.com>
This adds a new --force-cache parameter which will force use of the
cache even for expired images.
An expired image is now only flushed from the cache once a new one is
successfuly downloaded (to avoid destroying the local cache when the
host doesn't have internet connectivity).
The ID of the build in cache is also tracked so that we don't
re-download something we already have (should only happen if we don't
have a new build published by the time the previous one expires).
Signed-off-by: Stéphane Graber <stgraber@ubuntu.com>
Acked-by: Serge E. Hallyn <serge.hallyn@ubuntu.com>
Instead of hardcoding --exclude=./dev/*, use a new metadata file
"excludes" which lists all the paths or patterns to exclude during
extraction (one per line).
Signed-off-by: Stéphane Graber <stgraber@ubuntu.com>
Acked-by: Serge E. Hallyn <serge.hallyn@ubuntu.com>
* Update Japanese lxc.conf(5) for commit 508c263ee6
* Remove duplicate line in English lxc.conf(5)
Signed-off-by: KATOH Yasufumi <karma@jazz.email.ne.jp>
Acked-by: Stéphane Graber <stgraber@ubuntu.com>
- show full path to failed download location
- change test to -f in case meta.tar.xz:templates has a blank line it
won't attempt to sed a directory
Signed-off-by: Dwight Engen <dwight.engen@oracle.com>
Acked-by: Stéphane Graber <stgraber@ubuntu.com>
Some functions which wanted to know about cgroup paths were located
in other files. Move them into cgroup.c, so that all knowledge of
the cgroup backend can be colocated.
Signed-off-by: Serge Hallyn <serge.hallyn@ubuntu.com>
Acked-by: Stéphane Graber <stgraber@ubuntu.com>
The removed chunk is already defined in utils.h which
is included in modified files.
Signed-off-by: Luka Perkov <luka.perkov@sartura.hr>
Acked-by: Stéphane Graber <stgraber@ubuntu.com>
By setting lxc.network.hwaddr to something like fe:xx:xx:xx:xx:xx each
"x" will be replaced by a random value. If less significant bit of
first byte is "templated", it will be set to 0.
This change introduce also a common randinit() function that could be
used to initialize random generator.
Signed-off-by: gza <lxc@zitta.fr>
Acked-by: Serge Hallyn <serge.hallyn@ubuntu.com>
It simply creates a test user and tries to create and start
a container as that user. Tries to lxc-attach to that
container to test network connectivity.
Signed-off-by: Serge Hallyn <serge.hallyn@ubuntu.com>
Acked-by: Stéphane Graber <stgraber@ubuntu.com>
It's nice if we can do it, but not required. Exiting on this
failure causes lxc-create started by root as a less-privileged
userid to fail.
Signed-off-by: Serge Hallyn <serge.hallyn@ubuntu.com>
Acked-by: Stéphane Graber <stgraber@ubuntu.com>
Since previously I had found a config item that wasn't being propagated
by lxc-clone, I went through all the config items and made sure that:
a) Each item is documented in lxc.conf
b) Each item is written out by write_config
The only one that isn't is lxc.include, which by its nature only pulls
in other config item types.
Signed-off-by: Dwight Engen <dwight.engen@oracle.com>
Acked-by: Serge E. Hallyn <serge.hallyn@ubuntu.com>
Currently when a container is shut down, lxc walks the set of all
cgroup paths it created, in reverse order, and tries to remove them.
This doesn't suffice if the container has also created new cgroups.
It'd be impolite to recursively remove all the cgroup paths we created,
since this can include '/lxc' and thereunder all other containers
started since.
This patch changes container shutdown to only delete the container's own
path, but do so recursively. Note that if we fail during startup,
the container won't have created any cgroup paths so it the old
way works fine.
Signed-off-by: Serge Hallyn <serge.hallyn@ubuntu.com>
Acked-by: Stéphane Graber <stgraber@ubuntu.com>
This adds a new template called "download". It's a fairly simple
template with a minimal set of dependency which will grab any pre-built
image available on https://images.linuxcontainers.org
Note that the serverside is still work in progress (missing SSL support).
Access is done over https by default with a warning being emitted if
fallback to http was required (may be needed for testing, when behind
proxy and with private servers). All index files and tarballs are
gpg-signed with the default pubkeyid contained in the template itself.
The main benefit of this template is to be entirely
distribution-agnostic, any template that can be integrated with the
server build infrastructure will then work on any LXC machine when using
the download template. This template is also compatible with user
namespaces and will hopefully help widden the number of distros that may
work in unprivileged LXC.
This commit also bundles a small change to the template configs to have
the ubuntu template (used by the download template) to work with
unprivileged LXC.
Signed-off-by: Stéphane Graber <stgraber@ubuntu.com>
Acked-by: Serge E. Hallyn <serge.hallyn@ubuntu.com>
This should be the last change of name for those options. This change
basically move them all to lxc.bdev.<backend>.<option>.
Signed-off-by: Stéphane Graber <stgraber@ubuntu.com>
Acked-by: Serge Hallyn <serge.hallyn@ubuntu.com>
If /proc/self/ns does not exist, then preserve_ns was failing to
initialize the saved_ns[i] to -1. This caused attach_ns() to try
and attach, and of course fail.
Initialize the saved ns values before returning an error.
The return values of preserve_ns and attach_ns were also being
ignored. Honor them.
Signed-off-by: Serge Hallyn <serge.hallyn@ubuntu.com>
Acked-by: Stéphane Graber <stgraber@ubuntu.com>
Instead of having one function for each possible key in lxc.conf which
doesn't really scale and requires an API update for every new key,
switch to a generic lxc_get_global_config_item() function which takes a
key name as argument.
Signed-off-by: Stéphane Graber <stgraber@ubuntu.com>
Acked-by: Serge E. Hallyn <serge.hallyn@ubuntu.com>
This is a first step in bringing the lxc.conf configfile in line with
the container's format.
Signed-off-by: Stéphane Graber <stgraber@ubuntu.com>
Acked-by: Serge E. Hallyn <serge.hallyn@ubuntu.com>
The old version of lxc-ls is the wrapper of ls(1). But now it is
python script, so "see also ls(1)" is not needed.
Signed-off-by: KATOH Yasufumi <karma@jazz.email.ne.jp>
Acked-by: Stéphane Graber <stgraber@ubuntu.com>
Change all instances of "unsigned long" where referring to a bdev size
to uint64_t; this fixes some overflows on 32-bit machines, where
"unsigned long" is uint32_t. Support all unit-sizes supported by LVM
except 's' and 'e' [bkmgt]. Print a warning and use default bdev-size if
invalid unit-size specified.
Signed-off-by: Stephen Ayotte <stephen.ayotte@gmail.com>
Acked-by: Stéphane Graber <stgraber@ubuntu.com>
On suse we have the header in a subdir inside /usr/include, so
pkgconfig has to be used to find out proper CFLAGS.
Signed-off-by: Jiri Slaby <jslaby@suse.cz>
Acked-by: Stéphane Graber <stgraber@ubuntu.com>
This happens for instance if you run a test under sudo which
then runs lxc commands under 'su - <someuser>'
Signed-off-by: Serge Hallyn <serge.hallyn@ubuntu.com>
Acked-by: Stéphane Graber <stgraber@ubuntu.com>
doxygen and graphviz causes travis vm to download ~400 MB from internet
and causes travis builds to timeouts occasionally.
Signed-off-by: S.Çağlar Onur <caglar@10ur.org>
Acked-by: Stéphane Graber <stgraber@ubuntu.com>
Debian and Ubuntu uses docbook2x-man, but some other distr like suse
uses docbook-to-man. I think all of them should work on LXC.
Signed-off-by: Qiang Huang <h.huangqiang@huawei.com>
Signed-off-by: Serge Hallyn <serge.hallyn@ubuntu.com>
- use this in the busybox template since busybox's init expects
to receive SIGUSR1 to halt
- fix lxc.stopsignal to be output by write_config so lxcapi_clone()
and lxcapi_save_config() will output it
Signed-off-by: Dwight Engen <dwight.engen@oracle.com>
Acked-by: Stéphane Graber <stgraber@ubuntu.com>
On my Ubuntu 13.10 system, lxc-ps was always giving empty output. The
output of /proc/$initpid/cgroup was
11:name=systemd:/user/1000.user/c3.session
10:hugetlb:/container
9:perf_event:/container
8:blkio:/container
7:freezer:/container
6:devices:/container
5:memory:/container
4:cpuacct:/container
3:cpu:/container
2:cpuset:/container
Using the cpuset line should be a safer option.
Signed-off-by: Nick Huber <nicholashuber@gmail.com>
Acked-by: Stéphane Graber <stgraber@ubuntu.com>
This makes the arguments between lxc-stop and lxc-autostart more
consistent, so that --shutdown doesn't have two different meanings.
Signed-off-by: Dwight Engen <dwight.engen@oracle.com>
Acked-by: Stéphane Graber <stgraber@ubuntu.com>
