This adds reboot2() as a new API extension. This function properly wait until a
reboot succeeded. It takes a timeout argument. When set to > 0 reboot2() will
block until the timeout is reached, if timeout is set to zero reboot2() will
not block, if set to -1 reboot2() will block indefinitly.
The struct state_client gets rename to lxc_state_client since it's more in line
with other declarations. It also gets moved from the lxc_handler to the
lxc_conf struct so that the state clients waiting for reboots don't get
deallocated on reboot since the handler is deallocated on reboot.
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
- setting the handler->state value is atomic on any POSIX implementation since
we're dealing with an integer (enum/lxc_state_t)
- while the state clients are served it is not possible for lxc_set_state() to
transition to the next state anyway so there's no danger in moving to the
next state with clients missing it
- we only care about the list being modified
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
There are multiple reasons why this is not required:
- every command is transactional
- we only care about the list being modified not the memory allocation and
other costly operations
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
We're dealing with an integer (lxc_state_t which is an enum). Any POSIX
implementation makes those operations atomic so there's not need in locking
this.
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
When we remove a state client fd there's not reason to walk the whole list. We
can simply break once we found and removed the fd.
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
We want the loglevel that the user specified when starting the container
because it overrides the default one set in the config.
Closes#2003.
Reported-by: Felix Abecassis <fabecassis@nvidia.com>
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
The arguments.{c,h} file should not be a part of liblxc itself. It should only
be used for the lxc tools.
Signed-off-by: RicardoSanchezA <ricardo.sanchez@utexas.edu>
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
The lxc_log args have noghing to do with lxc.rootfs.path, and
we need room for a NULL at end of arguments.
How this bug was hidden for so long I don't know - I can only
trigger it on certain systems under certain conditions, but it's
definately wrong as is.
Signed-off-by: Serge Hallyn <shallyn@cisco.com>
I followed the [changelog of Slackware-current]<http://www.slackware.com/changelog/>,
and found that Slackware-current split hostname utility from util-linux package in Nov 17 2017.
So I add the new package to the template.
Signed-off-by: Chia-Chun Hsu <a12321aabb@gmail.com>
Change conf.c to export function write_id_mapping, which will now be
called inside main function of lxc_unshare.c.
This is required because setuid syscalls only permits a new userns to
set a new uid if the uid of parameter is mapped inside the ns using
uid_map file[1]. So, just after the clone invocation, map the uid passed as
parameter into the newly created user namespace, and put the current uid
as the ID-outside-ns. After the mapping is done, setuid call succeeds.
Closes: #494
[1] https://elixir.free-electrons.com/linux/latest/source/kernel/user_namespace.c#L286
Signed-off-by: Marcos Paulo de Souza <marcos.souza.org@gmail.com>
In addition to the memory corruption fixed in ee3e84df78,
this function was also performing invalid memory accesses for the following inputs:
- `lxc.net`
- `lxc.net.`
- `lxc.net.0.`
- `lxc.network`
- `lxc.network.0.`
Signed-off-by: Felix Abecassis <fabecassis@nvidia.com>
This caused the linked list of appenders to loop on itself, creating
an infinite logging loop in `__lxc_log_append`.
Signed-off-by: Felix Abecassis <fabecassis@nvidia.com>
