proxmox-mirrors/mirror_lxc
1
0
Fork 0
mirror of https://git.proxmox.com/git/mirror_lxc synced 2025-08-17 23:59:33 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
8,626 Commits 6 Branches 17 Tags 29 MiB
fd34369e10
Commit Graph

8626 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Stéphane Graber
90912571af
Merge pull request #2937 from brauner/2019-04-14/issue_2912 
storage: prevent unitialized variable warning
 2019-04-14 14:07:34 -04:00
Stéphane Graber
49ce8186e6
Merge pull request #2936 from brauner/2019-04-14/issue_2935 
cgroups: fix potential nullderef
 2019-04-14 14:03:59 -04:00
Christian Brauner
240a130f67
storage: prevent unitialized variable warning 
We can simply fix this issue by switching to our cleanup macros instead of
manually freeing the memory.

Closes #2912.

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
 2019-04-14 15:46:12 +02:00
Christian Brauner
b53a08535a
cgroups: fix potential nullderef 
The child_path variable is initialized very late in the function so jumping to
the on_error label would cause a nullderef. With the cleanup macros we can
simplify this function to simply do direct returns and avoid that whole issue.

Closes #2935.

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
 2019-04-14 15:30:22 +02:00
Stéphane Graber
30a9d1371a
Merge pull request #2934 from brauner/2019-04-13/simplify_and_test 
attach: use tighter scope for fd variable
 2019-04-13 13:49:30 -04:00
Christian Brauner
427a80672f
attach: use tighter scope for fd variable 
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
 2019-04-13 19:08:49 +02:00
Christian Brauner
9810d1916e
Merge pull request #2928 from yosukesan/api_doc_generation_fails_under_out_of_source_build#2927 
fix: #2927 api doc generation fails under out of source build.
 2019-04-06 15:14:31 +02:00
Christian Brauner
74f628ac32
Merge pull request #2926 from tenforward/japanese 
doc: update Japanese lxc-user-nic manpage
 2019-04-06 07:21:03 +02:00
yosukesan
13f7674329 fix: #2927 api doc generation fails under out of source build. 
Signed-off-by: yosukesan <y.otsuki30@gmail.com>
 2019-04-06 12:43:59 +09:00
KATOH Yasufumi
a1c4b8380d doc: update Japanese lxc-user-nic manpage 
Update for commit db74bbd

Signed-off-by: KATOH Yasufumi <karma@jazz.email.ne.jp>
 2019-04-06 02:00:53 +09:00
Stéphane Graber
a38fa3d196
Merge pull request #2924 from brauner/2019-04-05/lxc_user_nice_update 
lxc-user-nic: update
 2019-04-05 12:32:39 -04:00
Christian Brauner
ff63fd780d
lxc-user-nic: validate request 
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
Cc: Akihiro Suda <suda.akihiro@lab.ntt.co.jp>
 2019-04-05 14:16:09 +02:00
Christian Brauner
db74bbd003
doc: update lxc-user-nic manpage 
Closes #1823.

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
Cc: Akihiro Suda <suda.akihiro@lab.ntt.co.jp>
 2019-04-05 14:15:36 +02:00
Christian Brauner
e94104b058
lxc-user-nic: small tweaks 
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
Cc: Akihiro Suda <suda.akihiro@lab.ntt.co.jp>
 2019-04-05 14:14:24 +02:00
Christian Brauner
4f34c6f95d
Merge pull request #2923 from flx42/more-pdeathsig-fixes 
More pdeathsig fixes
 2019-04-04 16:50:41 +02:00
Felix Abecassis
97d8f4b773 Fix monitor pdeathsig handling 
Signed-off-by: Felix Abecassis <fabecassis@nvidia.com>
 2019-04-03 21:12:38 -07:00
Felix Abecassis
f08a5cc4fc Fix user namespace pdeathsig handling 
Signed-off-by: Felix Abecassis <fabecassis@nvidia.com>
 2019-04-03 21:09:53 -07:00
Stéphane Graber
1f6af53257
Merge pull request #2922 from brauner/2019-04-02/ovs_fixes 
network: fix network device removal
 2019-04-02 23:08:12 -04:00
Christian Brauner
78ab281c61
network: fix network device removal 
Closes #2849.

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
 2019-04-02 23:26:59 +02:00
Christian Brauner
0d861d5784
Merge pull request #2920 from tenforward/update_docs 
Update docs
 2019-03-27 07:13:46 -07:00
KATOH Yasufumi
8dca2bd3ae doc: Add the description of apparmor profile generation to man pages 
Only add to English and Japanese man pages.

Signed-off-by: KATOH Yasufumi <karma@jazz.email.ne.jp>
 2019-03-27 16:56:20 +09:00
KATOH Yasufumi
e31362893b doc: Add lxc.rootfs.managed to lxc.container.conf(5) 
Only add to English and Japanese man pages.

Signed-off-by: KATOH Yasufumi <karma@jazz.email.ne.jp>
 2019-03-27 16:52:53 +09:00
KATOH Yasufumi
c3b7fd80d9 doc: Add lxc.cgroup.relative to lxc.container.conf(5) 
Only English and Japanese man pages.

Signed-off-by: KATOH Yasufumi <karma@jazz.email.ne.jp>
 2019-03-27 15:53:17 +09:00
Christian Brauner
4094778770
Merge pull request #2911 from tomponline/tp-2019-03-19/lvcreate 
lvm: Updates lvcreate to wipe signatures if supported
 2019-03-26 18:09:33 -07:00
Christian Brauner
86e27dbd45
Merge pull request #2910 from tomponline/tp-2019-03-19/travis 
Travis: Adds -Wall and -Werror cflags flags to automatic build.
 2019-03-26 04:32:14 -07:00
tomponline
99a8edfc3a lvm: Updates lvcreate to wipe signatures if supported, fallbacks to old command if not. 
Signed-off-by: tomponline <tomp@tomp.uk>
 2019-03-26 08:44:28 +00:00
Christian Brauner
781f2bfab4
Merge pull request #2917 from tych0/check-init-pid-failures 
lxccontainer: check do_lxcapi_init_pid() for failure
 2019-03-25 12:55:56 -07:00
Tycho Andersen
caab004fcf lxccontainer: check do_lxcapi_init_pid() for failure 
This function can fail, because it uses the command API. If it does fail,
we get weird errors about not being able to open strange proc paths:

xc authyldapservice-c8020e20-e203-e852-90ef-4d378e8d1444 20190323163231.386 ERROR    lxc_utils - utils.c:switch_to_ns:1184 - No such file or directory - failed to open /proc/-104/ns/net

So let's check for errors before then.

Signed-off-by: Tycho Andersen <tycho@tycho.ws>
 2019-03-25 12:11:16 -06:00
tomponline
3ece09c1e4 travis: Attempt to fix src/lxc/cmd/lxc_init.c:251: undefined reference to `pthread_sigmask 
Signed-off-by: tomponline <tomp@tomp.uk>
 2019-03-19 13:38:55 +00:00
tomponline
16824ba9ca attach: Adds ATTR_UNUSED to fd variable assignment to avoid clang unused variable warnings. 
Signed-off-by: tomponline <tomp@tomp.uk>
 2019-03-19 12:35:31 +00:00
tomponline
49a4c18bf3 Travis: Adds -Wall and -Werror gcc flags to automatic build. 
Signed-off-by: tomponline <tomp@tomp.uk>
 2019-03-19 11:40:47 +00:00
Stéphane Graber
ae6497d0c0
Merge pull request #2907 from brauner/2019-03-12/asan_support 
hardening: enable address sanitizer build
 2019-03-12 19:49:54 -04:00
Christian Brauner
565c4427e2
hardening: enable address sanitizer build 
This adds --{disable,enable}-asan. It is disabled by default.

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
 2019-03-12 21:01:02 +01:00
Christian Brauner
45265bfdfa
Merge pull request #2903 from flx42/fix-pid-namespace-pdeathsig-handling 
Fix PID namespace pdeathsig handling
 2019-03-12 10:38:15 +01:00
Felix Abecassis
b765aa883e start: fix parent PID passed to lxc_set_death_signal 
Fixes: #2902

Signed-off-by: Felix Abecassis <fabecassis@nvidia.com>
 2019-03-11 17:26:23 -07:00
Felix Abecassis
7e61050937 utils: fix handling of PID namespaces in lxc_set_death_signal 
Signed-off-by: Felix Abecassis <fabecassis@nvidia.com>
 2019-03-11 17:17:16 -07:00
Stéphane Graber
2009688da4
Merge pull request #2901 from brauner/2019-03-11/compiler_flags 
compiler: hardening
 2019-03-11 19:39:03 -04:00
Christian Brauner
e74d1fd9f3
compiler: -fexceptions hardening 
This hardens multi-threaded C. Without it, the implementation of thread
cancellation handlers (introduced by pthread_cleanup_push) uses a completely
unprotected function pointer on the stack. This function pointer can simplify
the exploitation of stack-based buffer overflows even if the thread in question
is never canceled.

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
 2019-03-11 23:36:02 +01:00
Christian Brauner
a40093c6f7
compiler: -pipe 
Avoid temporary files, speeding up builds.

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
 2019-03-11 23:34:18 +01:00
Christian Brauner
c9248f7162
compiler: -fasynchronous-unwind-tables hardening 
Increased reliability of backtraces.

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
 2019-03-11 23:31:27 +01:00
Stéphane Graber
bbebc423bf
Merge pull request #2900 from brauner/2019-03-11/2826 
btrfs: ensure \0 byte at end
 2019-03-11 10:55:02 -04:00
Christian Brauner
317e6a8348
btrfs: ensure \0 byte at end 
Apparently the name received from the tree walk is not guaranteed to have \0
byte at the end. So let's make sure we append one.
Note that this is only an issue if there are any subvolumes in the container's
rootfs.

Closes 2826.

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
 2019-03-11 12:48:50 +01:00
Stéphane Graber
7f240f4756
Merge pull request #2898 from brauner/2019-03-10/fix_post_stop_hooks 
hooks: drop namespace references before post-stop
 2019-03-10 20:52:35 -04:00
Christian Brauner
048493a307
hooks: drop namespace references before post-stop 
Callers such as LXD run post-stop hooks to perform cleanup operations on
shutdown. This can involve umount and other things. To avoid surprises with
lingering namespace references we should close all our namespace-preserving
file descriptors. We don't need them at this point anymore anyway.

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
 2019-03-10 11:46:18 +01:00
Christian Brauner
75df77797b
Merge pull request #2897 from TheSeven/master 
Fix lxc.cgroup2.<controller> on cgroup2-only systems
 2019-03-07 00:26:34 +01:00
Michael Sparmann
908e0ee512 Fix lxc.cgroup2.<controller> on cgroup2-only systems 
Signed-off-by: Michael Sparmann <theseven@gmx.net>
 2019-03-07 00:13:26 +01:00
Stéphane Graber
31d55f8ffb
Merge pull request #2896 from brauner/lxc/master 
conf: avoid compiler warning
 2019-03-05 13:42:54 -05:00
Christian Brauner
41e0074919
conf: avoid compiler warning 
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
 2019-03-05 19:29:38 +01:00
Christian Brauner
1ae05901cc
Revert "conf: Fixes unitialised variable." 
This reverts commit 912c4bb474.

I accidently merged this commit. The initialization is wrong.

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
 2019-03-05 19:28:52 +01:00
Christian Brauner
b5bd9e1172
Merge pull request #2895 from tomponline/tp-2019-03-05/minor-fix 
conf: Fixes uninitialised variable.

> @brauner clang is failing but gcc passes, would it be OK to initialise this to 0?

He, unfortunately not. :)
What would happen now is that you'd close `stdin` on a standard system. What you'd want is `= -EBADF`. :)
 2019-03-05 19:27:32 +01:00