[lxc-devel] lxc-clone
Han Yuejuan-B42073
B42073 at freescale.com
Fri Dec 14 02:13:49 UTC 2012
When I want to clone a container with "lxc-clone -o ctx1 -n ctx2":
There will be some error info about rsync as below:
Tweaking configuration
Copying rootfs...
rsync: writefd_unbuffered failed to write 4092 bytes to socket [sender]: Broken pipe (32)
rsync: write failed on "/var/lib/lxc/ctx2/rootfs/bin/chown": No space left on device (28)
rsync error: error in file IO (code 11) at receiver.c(322) [receiver=3.0.9]
rsync: connection unexpectedly closed (471 bytes received so far) [sender]
rsync error: error in rsync protocol data stream (code 12) at io.c(605) [sender=3.0.9]
________________________________________
From: lxc-devel-request at lists.sourceforge.net [lxc-devel-request at lists.sourceforge.net]
Sent: Thursday, December 13, 2012 2:56 PM
To: lxc-devel at lists.sourceforge.net
Subject: Lxc-devel Digest, Vol 52, Issue 31
Send Lxc-devel mailing list submissions to
lxc-devel at lists.sourceforge.net
To subscribe or unsubscribe via the World Wide Web, visit
https://lists.sourceforge.net/lists/listinfo/lxc-devel
or, via email, send a message with subject or body 'help' to
lxc-devel-request at lists.sourceforge.net
You can reach the person managing the list at
lxc-devel-owner at lists.sourceforge.net
When replying, please edit your Subject line so it is more specific
than "Re: Contents of Lxc-devel digest..."
Today's Topics:
1. Re: [PATCH] Fix race/corruption with multiple lxc-start,
lxc-execute (Serge Hallyn)
2. [PATCH] Renamed ethX => devN on stop (network phys)
(Vitaly Lavrov)
3. [GIT] lxc branch, master, updated.
d984bb4e751121f1a7c0029ee7df4acf62f2eea4 (Daniel Lezcano)
----------------------------------------------------------------------
Message: 1
Date: Thu, 13 Dec 2012 06:28:03 -0600
From: Serge Hallyn <serge.hallyn at canonical.com>
Subject: Re: [lxc-devel] [PATCH] Fix race/corruption with multiple
lxc-start, lxc-execute
To: Dwight Engen <dwight.engen at oracle.com>
Cc: lxc-devel at lists.sourceforge.net
Message-ID: <20121213122803.GG5246 at sergelap>
Content-Type: text/plain; charset=us-ascii
Quoting Dwight Engen (dwight.engen at oracle.com):
> If you start more than one lxc-start/lxc-execute with the same name at the
> same time, or just do an lxc-start/lxc-execute with the name of a container
> that is already running, lxc doesn't figure out that the container with this
> name is already running until fairly late in the initialization process: ie
> when __lxc_start() -> lxc_poll() -> lxc_command_mainloop_add() attempts to
> create the same abstract socket name.
>
> By this point a fair amount of initialization has been done that actually
> messes up the running container. For example __lxc_start() -> lxc_spawn() ->
> lxc_cgroup_create() -> lxc_one_cgroup_create() -> try_to_move_cgname() moves
> the running container's cgroup to a name of deadXXXXXX.
>
> The solution in this patch is to use the atomic existence of the abstract
> socket name as the indicator that the container is already running. To do
> so, I just refactored lxc_command_mainloop_add() into an lxc_command_init()
> routine that attempts to bind the socket, and ensure this is called earlier
> before much initialization has been done.
>
> In testing, I verified that maincmd_fd was still open at the time of lxc_fini,
> so the entire lifetime of the container's run should be covered. The only
> explicit close of this fd was in the reboot case of lxcapi_start(), which is
> now moved to lxc_fini(), which I think is more appropriate.
>
> Even though it is not checked any more, set maincmd_fd to -1 instead of 0 to
> indicate its not open since 0 could be a valid fd.
>
> Signed-off-by: Dwight Engen <dwight.engen at oracle.com>
Acked-by: Serge E. Hallyn <serge.hallyn at ubuntu.com>
------------------------------
Message: 2
Date: Thu, 13 Dec 2012 22:22:00 +0300
From: Vitaly Lavrov <vel21ripn at gmail.com>
Subject: [lxc-devel] [PATCH] Renamed ethX => devN on stop (network
phys)
To: lxc-devel at lists.sourceforge.net
Message-ID:
<CAKfBFaTOX41DDLsaBvPDvDyGX2vY1u53eDJ=cX-FAccC90hwHw at mail.gmail.com>
Content-Type: text/plain; charset="utf-8"
The source of this problem is in linux/net/core/dev.c:default_device_exit()
The problem can be resolved by means of a patch ( for version 0.8.0 )
The patch doesn't solve a problem of disappearance of "dummy", "imq",
"ifb" network devices when closing container ( this is kernel problem
).
-------------- next part --------------
A non-text attachment was scrubbed...
Name: lxc_exit_netdev_fix.patch
Type: application/octet-stream
Size: 1588 bytes
Desc: not available
------------------------------
Message: 3
Date: Thu, 13 Dec 2012 20:55:51 +0000
From: "Daniel Lezcano" <git at users.sourceforge.net>
Subject: [lxc-devel] [GIT] lxc branch, master, updated.
d984bb4e751121f1a7c0029ee7df4acf62f2eea4
To: lxc devel <lxc-devel at lists.sourceforge.net>
Message-ID:
<mailman.89729.1355432169.2177.lxc-devel at lists.sourceforge.net>
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "lxc".
The branch, master has been updated
via d984bb4e751121f1a7c0029ee7df4acf62f2eea4 (commit)
via 2e3ae157d528212a3bd5d95e8ffa8fa1d67ee9e5 (commit)
via 222fea5a10544018f26d60d73132069fb0fa8797 (commit)
via 769872f9f2c994d8bfd6de906562df64bcd92600 (commit)
via a02264fb1ef8abab2f7aff2d347638e6e831156e (commit)
via ff918b1832307204b106ca7bcaea21ff57370d7a (commit)
via 7323456ec3efe23bb7a84164d3e71d4293998f2c (commit)
via d8521cc3754a740a547b12aa81990d117b5d99ee (commit)
via f2924f7898d6bfbdb30f8f02c87b86880afd79e8 (commit)
via f4d3a9fddbacdd5279f042cc352425a0c01da2b6 (commit)
via 703c562d2ee8572097135003964c7ca7931567c9 (commit)
via f3c7020ad851481d3c95c6deb384326c6cc1a29f (commit)
via d4f6fa926d92803d8b8217468be483ac2f7e270e (commit)
via 794dd12099da53adec33e8291f0f470629f8b8f6 (commit)
via ab4a1501761241e1aa97c3eee6742040dc81a049 (commit)
via 1c6085cdd97cf947237e361245b35c6cdab90357 (commit)
via 2495cc911b6600521fd2dc735edba15f6fbb9081 (commit)
via fe253caa8b98854445aaf6ee253545ee1f13beb1 (commit)
via 75350ec8c77acad383eea8e36b2dc3faeea34460 (commit)
via 7c382572263726e0d90b9550bc8cf4c2ac014efa (commit)
via 14d9c0f09d1a55d124ef210a4b4e205c9fe7596c (commit)
via eba7df9ee0a1963984ef212e7ddfc0e0835af288 (commit)
via 836676caba579f934523aae1c09f2b426f0e45f9 (commit)
via e1483a0275273911b08f8183e31c0fd0565cd11d (commit)
via 483d21ff46cda0dc4f53672c02e48404535d56df (commit)
via f1a3a3ab8feb7374aed232f2d635edc51d2be792 (commit)
via f8ddeaa5be7c883a3d14f977879f6dacaf7a6236 (commit)
via e29bf450cafa2ce2564aeb0b64d2014c17228407 (commit)
via f99c7aa5de9aa1aa7d624380235cbd295a4764b8 (commit)
via 0749e740608de0621fbbd9bd89946f5fbecb8d72 (commit)
via 20cf2e976bf31494e64f05f3d7a2cd5130971502 (commit)
via b1eafd4aeb778fbf86751b2b032f8fb1834e9099 (commit)
via daf04e4ce912839383d649109a6aac66c2b48709 (commit)
via c0b5f522feab43871f0e116eadd9ed992d5fb194 (commit)
via 7b35f3d60a7d007e39b44461181e118bd3942da7 (commit)
via 4245ba50074f33c4bfa8e8b133598767841e712b (commit)
via 6a85cf91247b7dd9c3faeddceca8dacb96d02cd6 (commit)
via 4e7186c53554cdbf4b4b85568daf84740c120505 (commit)
via 4a85ce2ad0d0b24680712c60a6576713d209b7ad (commit)
via 44d397891e691ab994a69766cc72e57265b62da1 (commit)
via 2130af2665f37eafe80291fb9f67b8a48532df8e (commit)
via 6902a6c6642a85c0510e84e96a06e21aee152226 (commit)
via 1d4f064658987210ee46124c39429a80edc7a32d (commit)
via fa0e6e1bf42c92d1e35201322121bcb5e2d30199 (commit)
via 61435768cdd6703e8f2f98bfd134afb4c51d0523 (commit)
via cc423c67391aafe0be46d11db8e63a602eea0d25 (commit)
via 91c3830e225e10f7c2e638965be0f3cf51c8d3f3 (commit)
via 5f29734f7d21907a9c463cf354d1bef5de9f08b5 (commit)
via 89573feb5b507a61738523ecfe1c8fbcb57726b8 (commit)
via 1e1f8eeb147ca46fa81857a8a570feff2c818974 (commit)
via 8e100cef8baf6b92ce4ced8b734e56e2e0aa691d (commit)
via fade719ed906ad7aa73204ca84747047bae3d7bf (commit)
via 18f823c1ca9f750ebad23f45026fcdeddc57a389 (commit)
via e62fa3f9cea8c97fbfa3a3c8e6acc00c420c8363 (commit)
via bf555f03840e1808406b276e0bc240d4fa67859e (commit)
via 000559b5de36e45b0cc54349a9e62dd77766882b (commit)
via 12a50cc6ab5c8a4aa0bcb7ddcd7095265f7bb62b (commit)
via 12ad0f90c17072c8d6024c0ab6eda3f13c94aad0 (commit)
via f910f092e5070b9bec3fdbde1cb778c5eefe0639 (commit)
via b45a7402bf5e6a0c4d03c5a428670bad7c1b4c8e (commit)
via 7ec3fa7139c3be9381b9de1a2deeb6484abd550b (commit)
via 89d35588040a94a3a92a235da163462b1364b4b8 (commit)
via 6b1a07ba086d16cfa822caadf95eab62b70889cd (commit)
via b917ef75223480f0fa86d47eed5951787b86a99f (commit)
via 83cab6e068b64f733dbdd156319b7716b054853a (commit)
via d95db067d28dd0480c2bd71f85668fa8d37e9064 (commit)
via 9ebb03ad4abdd5642e330d73cf339bcbb72c29c1 (commit)
via 2312f31b07690c18ce1b910803ef3f6f7e588f05 (commit)
via 181a9be7e40766d863bb7d52b38a47364d24db80 (commit)
via 2cdb945b1375d4d2fd7f1e01df6d39a54b10d82c (commit)
via bde1853954e7e0a33fec872391c757933c063ae9 (commit)
via f79d43bbe70a01454049b77d6f15f6369744959e (commit)
via c93c7b1a0b0d4548780b9c22fb9ab907783caad1 (commit)
via ad493d03fed380ac151dacb53ddfd01a23aeacee (commit)
via c6883f383e587725552f7c71e96ebe1c34ae7c56 (commit)
via 69c478daf1aeaf84941c561d381b26747b614101 (commit)
via 2a41cf5d682aa4ed8b75132bb224933d0b14a845 (commit)
via 7858afacec2354892dcfbe2d587d2f08bbd79ca3 (commit)
via 11cbdf441d57f8151d512677d4b9f12b1cca4a6f (commit)
via e60a8164c12d565f70071ff6b32b823dd495df9e (commit)
via c3752c0b5926c3d5d3361c8127708da83e585928 (commit)
via 3114c9824220921bab15cc283907debccde17fa0 (commit)
via f6a8db2d947018c09389fd6747ae23072c3a8666 (commit)
via f8a59e315293366fd58d632484245a78a3feaa36 (commit)
via f62b344996937459ae5f31b0358cb440ddde421f (commit)
via 18c266fc4cb73c911d2d0576628873c0ceada6ca (commit)
via 9935be1881cf7cc7292629fcd64768336a869c8d (commit)
via ae9242c86a1a566d98a2cff4df680f1fcd0ecc48 (commit)
via c95cf86f39ca327688781718ddc371b00f232c03 (commit)
via 8dff643f44c4c179a3e2657f5641e59739dc4b2c (commit)
via ca0a33644ae47b802ce2ae7a96af70806e7266fe (commit)
via d7436fc1dfe0323fb5e6905457f342da5ed8ca97 (commit)
via 24b292c917fe325e51e2ccd7dc3e4e05fee2d1e5 (commit)
via aeb958be832011009226b39e04d61cfb2a6e7da3 (commit)
via 9b106331e79de6dc328b5545b4b188b527224dee (commit)
via 7822022c4c72cee06905b540b89b653491d6f6b2 (commit)
via aa8d013ec5b09cd1cd904173d6234ef126eb2126 (commit)
via e54d6cce171d9b18e2ec553e4c30c17d4462332e (commit)
via 5bf2c5ce9ba2539efbf81928ef6ccb96d959bcf8 (commit)
via eeb6cb8305a213c29ee20e4a0c4d4c1418c88dd8 (commit)
via ad563aea971ac9317acac180e42cd271698208fd (commit)
via 434445ee1e9f22b55ce8994d78794ae33a6d8247 (commit)
via 64c3c9020bb797cc902f3915c71971a4b1bd8502 (commit)
via d76db55b6c54c52fee905ecbb8773cd8ae1eb499 (commit)
via f282a2f4b8f1d44702eb746c8554408d802f402d (commit)
via efa99b32264acd577e36d9367f035d6cbde606a4 (commit)
via e03243397debaf3a72b227930c334935ff9f8cae (commit)
via 75d0acd48f46e63b3d6e835ffbf36a771ecd2a4a (commit)
via e2611fd5e14681470a4f2b48723584bba5b461ea (commit)
via f0e592fc66bbfd4c8cf73f91536f326ccf483f22 (commit)
via 6f75ba0bdab3ab1f29773740611bb0ce6f9ab99c (commit)
via b1dc05fde974bc50f70c58857fc630c829aa2a18 (commit)
via 7060353a087b66f37c0134eb485baf777e949973 (commit)
via b88d7bb629849748346c1faf394d30c4c740ddf9 (commit)
via b90270a5a3767933cab04cb82b530bf76fc0bf10 (commit)
via 708f4a80ea464edd3805f2024d65a2e795265080 (commit)
via 037ba55cbee97bb9e1be95423c358ac1a7b33a2a (commit)
via 17ed13a3bca0a809273daf535f38ee166b110188 (commit)
via f6144ed443995a7d5bdbae217c6ba3ef3e341d16 (commit)
via 5a339bbb87e06cb4687056e07985eeb6bafef002 (commit)
via abbe2ead95fdee6a0d59da35ce3542439ec2abcc (commit)
via 6506255cfdab516114e35266c9d70b7ed3cd2bec (commit)
via 9737a2060ca725bb6622736f2bf2ebb6656a8d7f (commit)
via 225b52ef15d77d017c47b026313f3fabcf423a28 (commit)
via 921ceb26bdb8ae6425f87789005e337f98aa4305 (commit)
via 5b12984bf9d1d952a402932d3d87aaef2d1ca6f2 (commit)
via 0d2787be930588ac04854dcc2dd0ba85a2cbec48 (commit)
via 1f530df63238a22a9e74c13df27cb027b8c9cfe6 (commit)
via 87540ad7d8cc3716d3e2204ffbdc7a81d5bf7d90 (commit)
via 16216c83297543692b8dede52c9dd8a998758e9c (commit)
via 9c9b984556a3ad14847cb603897ab1689a0db721 (commit)
via 733a0e89ac30930a951f38620ab28a014e621a79 (commit)
via 95a717e9b907de94bf29c91abca13012ec47d088 (commit)
via caf32f58cd5b24cdd127dce6823e10a8a5323112 (commit)
via d7415aea482652cd4b035d18c4bcf0edfc409d5f (commit)
via 697fa6390c5d52eaef36a15c31b68d093a0d0941 (commit)
via 59b3bc264cbf0996cd7b446afd219ab1ff0fe53c (commit)
via cbd4c46406b0a34291a9962c834b7de871ce30ce (commit)
via 767d4c6743155a6835a596fc6b1baf56e14ad430 (commit)
via 472c97e97684494ecfd0541fa779c301a1855447 (commit)
via 8eb5694bafff6be81a35542c584e82817a1e0852 (commit)
via 64fca455ae305704929a03c27f3ed5866abe8e15 (commit)
via 4a7c7daa260467f3c9b234495bf3283fe31c01cb (commit)
via c278cef2ecd6fc42132d02f982e113414f5f9ce4 (commit)
via 89eaa05ed1a1ddd5d2552c323b5228def627d731 (commit)
via e0de36d791e82d9916cad4ac41562077cf9789c3 (commit)
via 38b280ca2cf8895fc1d03c0034ef5bbce847cf0f (commit)
via 85a9d078274587b5ef7bf97f7e26c9f121947c03 (commit)
via fe88b9d2f39375b043970788cfc16bd0bfd42322 (commit)
via 427b3a21ef99f2fb99ae35ea02b7c49b1a9e117c (commit)
via 525421c923d798cdea9e5691bcee1e5e5530491d (commit)
via 5ea6163a62c386f403b6d01df2780ff9308bf08f (commit)
via 06200a37fcdb627fce265e263947862b70bacdbf (commit)
via 69d66f1e729aadfcf2f47aaedaf738a888e4646d (commit)
via 0a8722fd78ca1f7eae1ebdd831fabf3289e7e67e (commit)
via cbe3a58b138e7596d53bb93e5a17d084ba1350dc (commit)
via be2e4e54da3c8054525321422f7f290d45b32a6c (commit)
via 7a44c8b447c4cac2b71bf842a61440bae9caf918 (commit)
via 72d0e1cb2facaa4b8ba2f15e311d6bb9491badb7 (commit)
via 7a0b0b5672a33c190eefb4b2d3e3693241c130f2 (commit)
via e13eeea2db3743bf8d3fe2833e069a80e2c4102c (commit)
via 39a5d5feeeebbffa7187ef318fb6a11fdb063fbe (commit)
via fc763ab77d48ecd191a402a11f778c46e114e79b (commit)
via c8f7c5630e8312cab7e17539381f05dffe9193fa (commit)
via d5088cf2d3c077444aa28194340db2f23b94035a (commit)
via 1881820ae4ff9004beef1bf7f04553580840441d (commit)
via 74a2b5864f2ece87bf522d1c1cbd590dc24c0c53 (commit)
via c8dee0f165d19271bb0a83069dcbb65fbc02e73f (commit)
via e767dd55995d20151987ca38eb00c8d43465ca41 (commit)
via 0d0527a929bf9f35b4d99c100dfc76449d67a906 (commit)
via 09ad624693cb0ef41cf246e2876b5f356783b34d (commit)
via 8f2c3a702aae3545b631a2b4c6db99f87528553a (commit)
via b486346aa2fad7de06c491755b9b50c58c27a017 (commit)
from 4aa7ac35696b87867b1e85410a80527696ff4d64 (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit d984bb4e751121f1a7c0029ee7df4acf62f2eea4
Author: Daniel Lezcano <daniel.lezcano at free.fr>
Date: Thu Dec 13 21:51:03 2012 +0100
Version 0.9.0.alpha1
Signed-off-by: Daniel Lezcano <dlezcano at fr.ibm.com>
commit 2e3ae157d528212a3bd5d95e8ffa8fa1d67ee9e5
Merge: 4aa7ac3 222fea5
Author: Daniel Lezcano <daniel.lezcano at free.fr>
Date: Thu Dec 13 21:47:55 2012 +0100
Merge git://github.com/lxc/lxc
Signed-off-by: Daniel Lezcano <dlezcano at fr.ibm.com>
commit 222fea5a10544018f26d60d73132069fb0fa8797
Author: Dwight Engen <dwight.engen at oracle.com>
Date: Tue Dec 11 12:39:16 2012 -0500
Don't attempt to symlink kmsg without rootfs->path
For example doing "lxc-execute -n tmpct /bin/bash" will call setup_kmsg(), but
in this case rootfs->mount/dev directory doesn't even exist so the call to
symlink fails with ENOENT. Commit f62b3449 made this failure not fatal, but
we should not even try it when we know it will fail. See similar code in
setup_tty(), setup_console(), etc.
Signed-off-by: Dwight Engen <dwight.engen at oracle.com>
Acked-by: Serge E. Hallyn <serge.hallyn at ubuntu.com>
Acked-by: St??phane Graber <stgraber at ubuntu.com>
commit 769872f9f2c994d8bfd6de906562df64bcd92600
Author: Serge Hallyn <serge.hallyn at ubuntu.com>
Date: Tue Dec 11 11:40:02 2012 -0600
support new libseccomp api
Detect the new api by existence in seccomp.h of the scmp_filter_ctx
type in configure.ac.
Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
commit a02264fb1ef8abab2f7aff2d347638e6e831156e
Author: Serge Hallyn <serge.hallyn at ubuntu.com>
Date: Tue Dec 11 11:39:26 2012 -0600
README: fix typo in example script
Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
commit ff918b1832307204b106ca7bcaea21ff57370d7a
Author: Serge Hallyn <serge.hallyn at ubuntu.com>
Date: Tue Dec 11 11:08:09 2012 -0600
seccomp: free conf->seccomp (filename char *)
Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
commit 7323456ec3efe23bb7a84164d3e71d4293998f2c
Author: Dwight Engen <dwight.engen at oracle.com>
Date: Thu Dec 6 13:29:51 2012 -0500
assume LXCPATH took on default localstatedir based value in configure
Signed-off-by: Dwight Engen <dwight.engen at oracle.com>
Acked-by: Michael H. Warfield <mhw at WittsEnd.com>
commit d8521cc3754a740a547b12aa81990d117b5d99ee
Author: St??phane Graber <stgraber at ubuntu.com>
Date: Sun Dec 9 23:36:10 2012 -0500
python: Update add_device_node to use the new API
Update add_device_node to use the new set_cgroup_item call instead
of having to figure out the cgroup paths and update the entries manually.
Signed-off-by: St??phane Graber <stgraber at ubuntu.com>
Acked-by: Serge E. Hallyn <serge.hallyn at ubuntu.com>
commit f2924f7898d6bfbdb30f8f02c87b86880afd79e8
Author: St??phane Graber <stgraber at ubuntu.com>
Date: Fri Dec 7 15:47:12 2012 -0500
gitignore: Update for python files
Signed-off-by: St??phane Graber <stgraber at ubuntu.com>
Acked-by: Serge E. Hallyn <serge.hallyn at ubuntu.com>
commit f4d3a9fddbacdd5279f042cc352425a0c01da2b6
Author: St??phane Graber <stgraber at ubuntu.com>
Date: Fri Dec 7 15:47:11 2012 -0500
python: Add binding for {get|set}_cgroup_item
Updates the binding for the two new functions.
This also fixes some problems with the argument checking of
get_config_item that'd otherwise lead to a segfault.
The python binding for set_cgroup_item and get_cgroup_item are pretty
raw as lxc has little control over the cgroup entries.
That means that we don't try to interpret lists as we do for the config
entries.
Signed-off-by: St??phane Graber <stgraber at ubuntu.com>
Acked-by: Serge E. Hallyn <serge.hallyn at ubuntu.com>
commit 703c562d2ee8572097135003964c7ca7931567c9
Author: St??phane Graber <stgraber at ubuntu.com>
Date: Fri Dec 7 15:47:10 2012 -0500
python: get_keys() doesn't require a path
The python binding was forcing the user to pass a base path to
get_keys() even though the C binding doesn't require it.
Signed-off-by: St??phane Graber <stgraber at ubuntu.com>
Acked-by: Serge E. Hallyn <serge.hallyn at ubuntu.com>
commit f3c7020ad851481d3c95c6deb384326c6cc1a29f
Author: Serge Hallyn <serge.hallyn at ubuntu.com>
Date: Fri Dec 7 14:16:54 2012 -0600
dont save loglevel if it is unset
Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
commit d4f6fa926d92803d8b8217468be483ac2f7e270e
Author: St??phane Graber <stgraber at ubuntu.com>
Date: Fri Dec 7 12:24:23 2012 -0500
python3-lxc: Fix build prefix/destdir
Signed-off-by: St??phane Graber <stgraber at ubuntu.com>
Acked-by: Serge E. Hallyn <serge.hallyn at ubuntu.com>
commit 794dd12099da53adec33e8291f0f470629f8b8f6
Author: Serge Hallyn <serge.hallyn at canonical.com>
Date: Thu Dec 6 18:41:15 2012 -0600
api: add set_cgroup_item and get_cgroup_item (to c api)
set_cgroup_item takes a pointer to a running container, a cgroup subsystem
name, and a char *value and it mimicks
'lxc-cgroup -n containername subsys value'
get_cgroup_item takes a pointer to a running container, a a cgroup
subsystem name, a destination value * and the length of the value being
sent in, and returns the length of what was read from the cgroup file.
If a 0 len is passed in, then the length of the file is returned. So
you can do
len = c->get_cgroup_item(c, "devices.list", NULL, 0);
v = malloc(len+1);
ret = c->get_cgroup_item(c, "devices.list", v, len);
to read the whole file.
This patch also disables the lxc-init part of the startone test, which
was failing because lxc-init has been moved due to multiarch issues.
The test is salvagable, but saving it was beyond this effort.
Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
Acked-by: St??phane Graber <stgraber at ubuntu.com>
commit ab4a1501761241e1aa97c3eee6742040dc81a049
Author: St??phane Graber <stgraber at ubuntu.com>
Date: Fri Dec 7 10:41:10 2012 -0500
lxc-create: Allow for empty or unset template name
This restores an old behaviour where lxc-create can be called without
a template. In such case, only a minimal configuration is built and no
rootfs is created. However the various backingstore code is still used.
Signed-off-by: St??phane Graber <stgraber at ubuntu.com>
Acked-by: Serge E. Hallyn <serge.hallyn at ubuntu.com>
commit 1c6085cdd97cf947237e361245b35c6cdab90357
Author: Dwight Engen <dwight.engen at oracle.com>
Date: Thu Dec 6 09:58:21 2012 -0500
lxc.spec: add openssl and rsync as Required since both are used in lxc-clone
Signed-off-by: Dwight Engen <dwight.engen at oracle.com>
Acked-by: St??phane Graber <stgraber at ubuntu.com>
commit 2495cc911b6600521fd2dc735edba15f6fbb9081
Author: St??phane Graber <stgraber at ubuntu.com>
Date: Wed Dec 5 18:51:10 2012 -0500
python: Remove hardcoded LXCPATH
Switch the python scripts to using @LXCPATH at .
According to grep, this was the last occurence of a /var/*/lxc
path in the code.
Signed-off-by: St??phane Graber <stgraber at ubuntu.com>
Acked-by: Serge E. Hallyn <serge.hallyn at ubuntu.com>
commit fe253caa8b98854445aaf6ee253545ee1f13beb1
Author: St??phane Graber <stgraber at ubuntu.com>
Date: Wed Dec 5 18:51:09 2012 -0500
templates: Consistent use of locking
Move to per-template lock (except for oracle that's per-container).
Also ensure that the path used for the lock is relative to LOCALSTATEDIR.
Signed-off-by: St??phane Graber <stgraber at ubuntu.com>
Acked-by: Serge E. Hallyn <serge.hallyn at ubuntu.com>
commit 75350ec8c77acad383eea8e36b2dc3faeea34460
Author: St??phane Graber <stgraber at ubuntu.com>
Date: Wed Dec 5 18:51:08 2012 -0500
lxc-archlinux: Don't hardcode /var/lib/lxc in help
Signed-off-by: St??phane Graber <stgraber at ubuntu.com>
Acked-by: Serge E. Hallyn <serge.hallyn at ubuntu.com>
commit 7c382572263726e0d90b9550bc8cf4c2ac014efa
Author: St??phane Graber <stgraber at ubuntu.com>
Date: Wed Dec 5 18:51:07 2012 -0500
lxc-ubuntu: Don't hardcode path to cache
Use LOCALSTATEDIR to generate the path to the cache.
Signed-off-by: St??phane Graber <stgraber at ubuntu.com>
Acked-by: Serge E. Hallyn <serge.hallyn at ubuntu.com>
commit 14d9c0f09d1a55d124ef210a4b4e205c9fe7596c
Author: St??phane Graber <stgraber at ubuntu.com>
Date: Wed Dec 5 16:47:19 2012 -0500
Update for consistent indent
This commit updates all scripts using mixed indent to a consistent
4 spaces indent.
In the past quite a few of those scripts used tabs to instead of 8 spaces or
instead of 4 spaces, sometimes mixing those in the same line and sometimes
changing the tab width within the same file.
Signed-off-by: St??phane Graber <stgraber at ubuntu.com>
Acked-by: Serge E. Hallyn <serge.hallyn at ubuntu.com>
commit eba7df9ee0a1963984ef212e7ddfc0e0835af288
Author: St??phane Graber <stgraber at ubuntu.com>
Date: Wed Dec 5 16:47:18 2012 -0500
templates: Make generated config consistent
This updates all the templates and the configuration files to consistently
use "key = value" everywhere.
Signed-off-by: St??phane Graber <stgraber at ubuntu.com>
Acked-by: Serge E. Hallyn <serge.hallyn at ubuntu.com>
commit 836676caba579f934523aae1c09f2b426f0e45f9
Author: St??phane Graber <stgraber at ubuntu.com>
Date: Wed Dec 5 16:47:17 2012 -0500
Minor documentation updates
- Update COPYING to the current copy of the LPGL-2.1 license from
common-licences (only difference is some indentation).
- Remove mixed tabs/spaces in CONTRIBUTING
- Make INSTALL fit on 79 cols.
Signed-off-by: St??phane Graber <stgraber at ubuntu.com>
Acked-by: Serge E. Hallyn <serge.hallyn at ubuntu.com>
commit e1483a0275273911b08f8183e31c0fd0565cd11d
Author: St??phane Graber <stgraber at ubuntu.com>
Date: Wed Dec 5 16:47:16 2012 -0500
Update README
This adds a section about the staging branch to the README and updates
the list of supported architectures.
Signed-off-by: St??phane Graber <stgraber at ubuntu.com>
Acked-by: Serge E. Hallyn <serge.hallyn at ubuntu.com>
commit 483d21ff46cda0dc4f53672c02e48404535d56df
Author: St??phane Graber <stgraber at ubuntu.com>
Date: Wed Dec 5 17:07:01 2012 -0500
oracle template: fixes when using fedora host
Let oracle template work when host is fedora or oracle and the lsb_release
command is not present. Verify the arch given is valid. Don't add lxc.network
section again if already present.
Signed-off-by: Dwight Engen <dwight.engen at oracle.com>
Acked-by: St??phane Graber <stgraber at ubuntu.com>
commit f1a3a3ab8feb7374aed232f2d635edc51d2be792
Author: Dwight Engen <dwight.engen at oracle.com>
Date: Wed Dec 5 15:05:02 2012 -0500
make install should create /var/cache/lxc directory
Signed-off-by: Dwight Engen <dwight.engen at oracle.com>
Acked-by: St??phane Graber <stgraber at ubuntu.com>
commit f8ddeaa5be7c883a3d14f977879f6dacaf7a6236
Author: St??phane Graber <stgraber at ubuntu.com>
Date: Wed Dec 5 13:33:03 2012 -0500
lxc-archlinux.in: Apply same LXCPATH/LOCALSTATEDIR
lxc-archlinux was apparently left out of the last change, apply
the same modification as the other templates.
Signed-off-by: St??phane Graber <stgraber at ubuntu.com>
commit e29bf450cafa2ce2564aeb0b64d2014c17228407
Author: Dwight Engen <dwight.engen at oracle.com>
Date: Wed Dec 5 12:33:16 2012 -0500
Use LXCPATH and LOCALSTATEDIR instead of hardcoded /var
Signed-off-by: Dwight Engen <dwight.engen at oracle.com>
Acked-by: St??phane Graber <stgraber at ubuntu.com>
commit f99c7aa5de9aa1aa7d624380235cbd295a4764b8
Author: Serge Hallyn <serge.hallyn at canonical.com>
Date: Wed Dec 5 10:38:07 2012 -0600
lxc-create: refuse to use a custom rootfs (--dir) which already exists.
Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
Acked-by: St??phane Graber <stgraber at ubuntu.com>
commit 0749e740608de0621fbbd9bd89946f5fbecb8d72
Author: St??phane Graber <stgraber at ubuntu.com>
Date: Tue Dec 4 17:42:46 2012 -0500
lxc-ls: Update code to allow non-root listing
Re-arrange the code so that we only grab the container object when doing
something more than building a simple list of existing containers.
This means that now the following calls can run unprivileged:
- lxc-ls
- lxc-ls -1
Everything else will still require root privileges.
Signed-off-by: St??phane Graber <stgraber at ubuntu.com>
Acked-by: Serge E. Hallyn <serge.hallyn at ubuntu.com>
commit 20cf2e976bf31494e64f05f3d7a2cd5130971502
Author: St??phane Graber <stgraber at ubuntu.com>
Date: Tue Dec 4 17:30:13 2012 -0500
python: Update to the device related functions
This commit does the following changes to the python API:
- Rename the add_device API call to add_device_node
- Adds an extra check that the container is running to add_device_node
- Introduces a new add_device_net function
And the following changes to the lxc-device tool:
- Change parser setup to better cope with variable number of arguments
- Add support for network devices (currently auto-detected)
- Support for different names on the host and in the container
Signed-off-by: St??phane Graber <stgraber at ubuntu.com>
Acked-by: Serge E. Hallyn <serge.hallyn at ubuntu.com>
commit b1eafd4aeb778fbf86751b2b032f8fb1834e9099
Author: St??phane Graber <stgraber at ubuntu.com>
Date: Tue Dec 4 16:17:09 2012 -0500
lxc-device: Show an error message when non-root
Instead of returning a python stacktrace, check what the current euid is
and show an argparse error message similar to that used in lxc-start-ephemeral.
Signed-off-by: St??phane Graber <stgraber at ubuntu.com>
Acked-by: Serge E. Hallyn <serge.hallyn at ubuntu.com>
commit daf04e4ce912839383d649109a6aac66c2b48709
Author: St??phane Graber <stgraber at ubuntu.com>
Date: Tue Dec 4 16:17:08 2012 -0500
lxc-ls: Show a simple error message when non-root
Instead of returning a python stacktrace, check what the current euid is
and show an argparse error message similar to that used in lxc-start-ephemeral.
Signed-off-by: St??phane Graber <stgraber at ubuntu.com>
Acked-by: Serge E. Hallyn <serge.hallyn at ubuntu.com>
commit c0b5f522feab43871f0e116eadd9ed992d5fb194
Author: St??phane Graber <stgraber at ubuntu.com>
Date: Tue Dec 4 16:17:07 2012 -0500
lxc-start-ephemeral: Use argparse errors
Use argparse's error function instead of our own print + exit.
Signed-off-by: St??phane Graber <stgraber at ubuntu.com>
Acked-by: Serge E. Hallyn <serge.hallyn at ubuntu.com>
commit 7b35f3d60a7d007e39b44461181e118bd3942da7
Author: Serge Hallyn <serge.hallyn at ubuntu.com>
Date: Tue Dec 4 12:00:26 2012 -0600
rename physical nics at shutdown
When a physical nic is being set up, store its ifindex and original name
in struct lxc_conf. At reboot, reset the original name.
We can't just go over the original network list in lxc_conf at shutdown
because that may be tweaked in the meantime through the C api. The
saved_nics list is only setup during lxc_spawn(), and restored and
freed after lxc_start.
Bug-Ubuntu: https://bugs.launchpad.net/ubuntu/+source/lxc/+bug/1086244
Changelog: remove non-effect change in execute.c
Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
Acked-by: St??phane Graber <stgraber at ubuntu.com>
commit 4245ba50074f33c4bfa8e8b133598767841e712b
Author: Dwight Engen <dwight.engen at oracle.com>
Date: Thu Nov 29 16:24:47 2012 -0500
make install should create $LXCPATH directory
The $LXCPATH (default /var/lib/lxc) directory was not being created by
make install, so unless it gets created by some other means
(packaging tools), commands such as lxc-create will fail.
Signed-off-by: Dwight Engen <dwight.engen at oracle.com>
Acked-by: St??phane Graber <stgraber at ubuntu.com>
commit 6a85cf91247b7dd9c3faeddceca8dacb96d02cd6
Author: St??phane Graber <stgraber at ubuntu.com>
Date: Tue Dec 4 12:12:36 2012 -0500
Install legacy scripts when built without python.
Re-introduce the old lxc-ls script and manpage under a new legacy
sub-directory.
Those will be installed in place of their python equivalent when LXC
is built without --enable-python.
Any other script ported to python should be added to those lists.
Signed-off-by: St??phane Graber <stgraber at ubuntu.com>
Acked-by: Serge E. Hallyn <serge.hallyn at ubuntu.com>
commit 4e7186c53554cdbf4b4b85568daf84740c120505
Author: St??phane Graber <stgraber at ubuntu.com>
Date: Wed Nov 21 17:38:27 2012 -0500
Rewrite lxc-ls in python
This rewrite is mostly compatible with the shell version.
--active and -1 still work and behave as they used to.
This adds --running, --stopped and --frozen as state filters.
A new "fancy" view is also implemented (can be used with --fancy) and
will show containers in a column-based interface with the following fields:
- name
- state
- ipv4
- ipv6
- pid of init
Signed-off-by: St??phane Graber <stgraber at ubuntu.com>
Acked-by: Serge E. Hallyn <serge.hallyn at ubuntu.com>
commit 4a85ce2ad0d0b24680712c60a6576713d209b7ad
Author: Serge Hallyn <serge.hallyn at ubuntu.com>
Date: Mon Dec 3 12:53:46 2012 -0600
lxc_conf logfile and loglevel support
Add 'lxc.logfile' and 'lxc.loglevel' config items. Values provided on
the command line override the config items.
Have lxccontainer not set a default loglevel and logfile.
Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
Acked-by: St??phane Graber <stgraber at ubuntu.com>
commit 44d397891e691ab994a69766cc72e57265b62da1
Author: Serge Hallyn <serge.hallyn at ubuntu.com>
Date: Mon Dec 3 09:53:10 2012 -0600
templates: use hardlink detection in rsync
I'm not sure whether we want this: is -H ubiquitous?
Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
Acked-by: Michael H. Warfield <mhw at WittsEnd.com>
Acked-by: Dwight Engen <dwight.engen at oracle.com>
commit 2130af2665f37eafe80291fb9f67b8a48532df8e
Author: Serge Hallyn <serge.hallyn at ubuntu.com>
Date: Mon Dec 3 09:47:37 2012 -0600
lxc-clone: use hardlink detection in rsync
Otherwise busybox clones have been reported to explode from
2M to 440M.
Reported-by: Rene K. Mueller <spiritdude at gmail.com>
Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
Acked-by: Michael H. Warfield <mhw at WittsEnd.com>
Acked-by: Dwight Engen <dwight.engen at oracle.com>
commit 6902a6c6642a85c0510e84e96a06e21aee152226
Author: Dwight Engen <dwight.engen at oracle.com>
Date: Fri Nov 30 11:49:25 2012 -0500
Create busybox commands as symlinks instead of hardlinks
I was getting a "Too many links" error when creating a busybox container on
a btrfs file system. This change has the template create the links as
symlinks instead. It also generates the list of commands to be symlinked from
busybox itself instead of a hardcoded list in the template.
Also set the root password to root, to match what other templates do.
Signed-off-by: Dwight Engen <dwight.engen at oracle.com>
Acked-by: St??phane Graber <stgraber at ubuntu.com>
commit 1d4f064658987210ee46124c39429a80edc7a32d
Author: St??phane Graber <stgraber at ubuntu.com>
Date: Mon Dec 3 09:29:27 2012 -0500
lxc-create: Script cleanup
- Removes the mixed tabs/spaces, replacing by standard 4 spaces indent.
- Fix a bunch of bashisms.
- Use shell syntax for and/or in if statements instead of the "test" syntax.
- Improve block spacing a bit.
Signed-off-by: St??phane Graber <stgraber at ubuntu.com>
Acked-by: Serge E. Hallyn <serge.hallyn at ubuntu.com>
commit fa0e6e1bf42c92d1e35201322121bcb5e2d30199
Author: St??phane Graber <stgraber at ubuntu.com>
Date: Fri Nov 30 16:55:54 2012 -0500
lxc-create: Store template information in config
Change lxc-create to add the name of the template, checksum and any parameters
to the container's configuration.
This makes it easier to debug and figure out exactly how a container was built.
Signed-off-by: St??phane Graber <stgraber at ubuntu.com>
Acked-by: Serge E. Hallyn <serge.hallyn at ubuntu.com>
commit 61435768cdd6703e8f2f98bfd134afb4c51d0523
Author: Serge Hallyn <serge.hallyn at ubuntu.com>
Date: Thu Nov 29 20:05:37 2012 -0600
check and warn of return value from fchdir
Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
commit cc423c67391aafe0be46d11db8e63a602eea0d25
Author: Dwight Engen <dwight.engen at oracle.com>
Date: Thu Nov 29 13:27:37 2012 -0500
Include lxc-ubuntu when doing make dist
Removing templates/lxc-ubuntu from configure.ac makes it so that it is
not included in the tarball that make dist builds (and therefore also
breaks the rpm build).
Signed-off-by: Dwight Engen <dwight.engen at oracle.com>
Acked-by: St??phane Graber <stgraber at ubuntu.com>
commit 91c3830e225e10f7c2e638965be0f3cf51c8d3f3
Author: Serge Hallyn <serge.hallyn at ubuntu.com>
Date: Thu Nov 29 10:46:46 2012 -0600
Description: run MAKEDEV console when doing lxc.autodev
mounted-dev.conf won't be running that in container's userspace as it
previously would have, so make sure that all the devices it would have
created (other than ones which lxc later finagles) get created.
To achieve this, we have to first mount /dev, then run MAKEDEV, then
run setup_autodev to populate the rest of /dev.
Bug-Ubuntu: https://bugs.launchpad.net/ubuntu/+source/lxc/+bug/1075717
Changelog:
v2: Use INFO rather than ERROR when makedev fails, since we won't stop the container boot.
Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
Acked-by: St??phane Graber <stgraber at ubuntu.com>
commit 5f29734f7d21907a9c463cf354d1bef5de9f08b5
Author: Dwight Engen <dwight.engen at oracle.com>
Date: Wed Nov 28 16:51:37 2012 -0500
Fix build with --enable-tests on Fedora
When using --enable-tests on Fedora, the linker complains with:
"undefined reference to symbol sem_getvalue", which nm shows to be in
libpthread not librt. Build tested on Fedora, Oracle Linux, and Ubuntu.
Signed-off-by: Dwight Engen <dwight.engen at oracle.com>
Acked-by: Serge E. Hallyn <serge.hallyn at ubuntu.com>
Acked-by: St??phane Graber <stgraber at ubuntu.com>
commit 89573feb5b507a61738523ecfe1c8fbcb57726b8
Author: St??phane Graber <stgraber at ubuntu.com>
Date: Thu Nov 29 10:08:22 2012 -0500
lxc-ubuntu: Fix wrong variable name
$LANGPACK_LIST was renamed to $langpacks but not all the code was updated.
Signed-off-by: St??phane Graber <stgraber at ubuntu.com>
Acked-by: Serge E. Hallyn <serge.hallyn at ubuntu.com>
commit 1e1f8eeb147ca46fa81857a8a570feff2c818974
Author: St??phane Graber <stgraber at ubuntu.com>
Date: Wed Nov 28 18:29:58 2012 -0500
lxc-ubuntu: Fix mixed indent
Replace all remaining tabs by 8 spaces, to properly indent by 4 spaces.
Signed-off-by: St??phane Graber <stgraber at ubuntu.com>
Acked-by: Serge E. Hallyn <serge.hallyn at ubuntu.com>
commit 8e100cef8baf6b92ce4ced8b734e56e2e0aa691d
Author: St??phane Graber <stgraber at ubuntu.com>
Date: Wed Nov 28 18:29:57 2012 -0500
lxc-ubuntu: Rename from lxc-ubuntu.in
lxc-ubuntu no longer uses any build time variables, therefore it can
now be simply copied to the target without any autoconf magic.
Signed-off-by: St??phane Graber <stgraber at ubuntu.com>
Acked-by: Serge E. Hallyn <serge.hallyn at ubuntu.com>
commit fade719ed906ad7aa73204ca84747047bae3d7bf
Author: St??phane Graber <stgraber at ubuntu.com>
Date: Wed Nov 28 18:29:56 2012 -0500
lxc-ubuntu: Guess a list of langpacks to install
In addition to creating the current locale in the container, also
try to scan the host and extra the list of langpacks installed there,
then pass that list to debootstrap as additional packages to install.
On distros that don't have dpkg, only language-pack-en will be installed.
The code will always ensure that language-pack-en is ALWAYS installed in the
target, similar to what Ubuntu does with its various media.
Signed-off-by: St??phane Graber <stgraber at ubuntu.com>
Acked-by: Serge E. Hallyn <serge.hallyn at ubuntu.com>
commit 18f823c1ca9f750ebad23f45026fcdeddc57a389
Author: St??phane Graber <stgraber at ubuntu.com>
Date: Wed Nov 28 18:29:55 2012 -0500
lxc-ubuntu: Always create the needed locales
Move some old code from the trim() function into the main configure_ubuntu
function so that we always create a locale in the container.
Signed-off-by: St??phane Graber <stgraber at ubuntu.com>
Acked-by: Serge E. Hallyn <serge.hallyn at ubuntu.com>
commit e62fa3f9cea8c97fbfa3a3c8e6acc00c420c8363
Author: Dwight Engen <dwight.engen at oracle.com>
Date: Thu Nov 29 10:13:10 2012 -0500
Fix busybox template to not have extra aa_profile hunk
Both 69d66f1e and f02ce27d added the aa_profile = unconfined hunk, but only
the first was needed, maybe a merge error? The second one causes the
template to get an error on the EOF line. This essentially reverts
f02ce27d.
Signed-off-by: Dwight Engen <dwight.engen at oracle.com>
Acked-by: St??phane Graber <stgraber at ubuntu.com>
commit bf555f03840e1808406b276e0bc240d4fa67859e
Author: Serge Hallyn <serge.hallyn at ubuntu.com>
Date: Wed Nov 28 09:57:59 2012 -0600
revert inadvertent un-doing of lxc-clone fix
commit 8f2c3a702aae3545b631a2b4c6db99f87528553a reverted a fix
for bad handling by lxc-clone of 'lxc.mount[ \t]' lines.
Fix.
Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
commit 000559b5de36e45b0cc54349a9e62dd77766882b
Author: Dwight Engen <dwight.engen at oracle.com>
Date: Tue Nov 27 11:07:12 2012 -0500
Oracle template: make container also boot under libvirt
This allows containers created with lxc-create to also boot under
libvirt/Virtual Machine Monitor
Signed-off-by: Dwight Engen <dwight.engen at oracle.com>
Acked-by: St??phane Graber <stgraber at ubuntu.com>
commit 12a50cc6ab5c8a4aa0bcb7ddcd7095265f7bb62b
Author: Dwight Engen <dwight.engen at oracle.com>
Date: Mon Nov 26 15:28:14 2012 -0500
Make config api items const
This makes it easier to write a binding, and presents a cleaner API. Use
strdupa in a few places to get mutable strings for tokenizing / parsing.
Also change the argv type in lxcapi_start and lxcapi_create to match
that of execv(3).
Signed-off-by: Dwight Engen <dwight.engen at oracle.com>
Acked-by: Serge E. Hallyn <serge.hallyn at ubuntu.com>
commit 12ad0f90c17072c8d6024c0ab6eda3f13c94aad0
Author: Natanael Copa <ncopa at alpinelinux.org>
Date: Mon Nov 26 22:39:05 2012 +0100
lxc-setuid: use POSIX shell instead of bash
Avoid getop --longoptions.
Signed-off-by: Natanael Copa <ncopa at alpinelinux.org>
Acked-by: St??phane Graber <stgraber at ubuntu.com>
commit f910f092e5070b9bec3fdbde1cb778c5eefe0639
Author: Natanael Copa <ncopa at alpinelinux.org>
Date: Mon Nov 26 22:37:33 2012 +0100
lxc-setcap: use POSIX shell instead of bash
Avoid getopt --longoptions
Signed-off-by: Natanael Copa <ncopa at alpinelinux.org>
Acked-by: St??phane Graber <stgraber at ubuntu.com>
commit b45a7402bf5e6a0c4d03c5a428670bad7c1b4c8e
Author: Dwight Engen <dwight.engen at oracle.com>
Date: Mon Nov 26 15:57:53 2012 -0500
Use autoconf LXCPATH instead of hardcoded LXCDIR
LXCDIR is only used in lxc_container_new, whereas LXCPATH is used throughout
the rest of lxc, and even in the same file as lxc_container_new (for example
create_container_dir()).
Signed-off-by: Dwight Engen <dwight.engen at oracle.com>
Acked-by: St??phane Graber <stgraber at ubuntu.com>
commit 7ec3fa7139c3be9381b9de1a2deeb6484abd550b
Author: Natanael Copa <ncopa at alpinelinux.org>
Date: Tue Nov 27 08:27:17 2012 +0100
lxc-checkconfig: use POSIX shell instead of bash
- replace 'echo -e' with printf
- replace 'if [[ ... ]]' with 'if [ ... ]'
- add \ at after && and || when those are at end of line
Signed-off-by: Natanael Copa <ncopa at alpinelinux.org>
Acked-by: St??phane Graber <stgraber at ubuntu.com>
commit 89d35588040a94a3a92a235da163462b1364b4b8
Author: Natanael Copa <ncopa at alpinelinux.org>
Date: Tue Nov 27 08:13:31 2012 +0100
lxc-version: use POSIX shell instead of bash
There is no reason to depend on bash for a single echo.
Signed-off-by: Natanael Copa <ncopa at alpinelinux.org>
Acked-by: St??phane Graber <stgraber at ubuntu.com>
commit 6b1a07ba086d16cfa822caadf95eab62b70889cd
Author: Serge Hallyn <serge.hallyn at canonical.com>
Date: Mon Nov 26 14:08:36 2012 -0600
fix lxc-ubuntu-cloud option parsing bugs
The -u shortopt matching --userdata was not specified, and when -L
is found shift should have been by 1 not 2 since there is no optarg.
Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
Acked-by: St??phane Graber <stgraber at ubuntu.com>
commit b917ef75223480f0fa86d47eed5951787b86a99f
Author: Natanael Copa <ncopa at alpinelinux.org>
Date: Mon Nov 26 20:04:32 2012 +0100
lxc-info: add option -t, --state-is=STATE to test for a given test
Add an option to test for a give state. This is useful for scripts.
It lets us you do thing like:
if lxc-info --name myname --state-is RUNNING; then
...
Signed-off-by: Natanael Copa <ncopa at alpinelinux.org>
Acked-by: Serge E. Hallyn <serge.hallyn at ubuntu.com>
commit 83cab6e068b64f733dbdd156319b7716b054853a
Author: Dwight Engen <dwight.engen at oracle.com>
Date: Mon Nov 26 12:18:13 2012 -0500
Ensure argv passed by createl to create is NULL terminated
Signed-off-by: Dwight Engen <dwight.engen at oracle.com>
Acked-by: Serge E. Hallyn <serge.hallyn at ubuntu.com>
commit d95db067d28dd0480c2bd71f85668fa8d37e9064
Author: Dwight Engen <dwight.engen at oracle.com>
Date: Mon Nov 26 12:18:06 2012 -0500
Free allocated configuration memory
Most of these were found with valgrind by repeatedly doing lxc_container_new
followed by lxc_container_put. Also free memory when config items are
re-parsed, as happens when lxcapi_set_config_item() is called. Refactored
path type config items to use a common underlying routine.
Signed-off-by: Dwight Engen <dwight.engen at oracle.com>
Acked-by: Serge E. Hallyn <serge.hallyn at ubuntu.com>
commit 9ebb03ad4abdd5642e330d73cf339bcbb72c29c1
Author: Dwight Engen <dwight.engen at oracle.com>
Date: Mon Nov 26 12:17:58 2012 -0500
Fix use of list item memory after free
Valgrind showed use of ->next field after item has been free()ed.
Introduce a lxc_list_for_each_safe() which allows traversal of a list
when the body of the loop may remove the currently iterated item.
Signed-off-by: Dwight Engen <dwight.engen at oracle.com>
Acked-by: Serge E. Hallyn <serge.hallyn at ubuntu.com>
commit 2312f31b07690c18ce1b910803ef3f6f7e588f05
Author: Dwight Engen <dwight.engen at oracle.com>
Date: Mon Nov 26 12:17:51 2012 -0500
Fix fd leak in lxc log
lxc_log_init will leak an fd when it is called by a long running
program that may call lxc_container_new multiple times. Fix by
only opening the log if it is not already open.
Signed-off-by: Dwight Engen <dwight.engen at oracle.com>
Acked-by: Serge E. Hallyn <serge.hallyn at ubuntu.com>
commit 181a9be7e40766d863bb7d52b38a47364d24db80
Author: St??phane Graber <stgraber at ubuntu.com>
Date: Thu Nov 22 18:02:13 2012 -0500
gitignore: Ignore python cache
Signed-off-by: St??phane Graber <stgraber at ubuntu.com>
Acked-by: Serge E. Hallyn <serge.hallyn at ubuntu.com>
commit 2cdb945b1375d4d2fd7f1e01df6d39a54b10d82c
Author: St??phane Graber <stgraber at ubuntu.com>
Date: Thu Nov 22 18:01:40 2012 -0500
python: Use builtin len() function for network interfaces
Use our own len() function for network interfaces as doing
len(container.get_config_item("lxc.network")) will fail when the
list is empty.
Signed-off-by: St??phane Graber <stgraber at ubuntu.com>
Acked-by: Serge E. Hallyn <serge.hallyn at ubuntu.com>
commit bde1853954e7e0a33fec872391c757933c063ae9
Author: St??phane Graber <stgraber at ubuntu.com>
Date: Thu Nov 22 15:25:45 2012 -0500
python: PEP8 compatibility
The new version of the pep8 command is detecting more indentation
mistakes than it used to, this fixes them.
Signed-off-by: St??phane Graber <stgraber at ubuntu.com>
Acked-by: Serge E. Hallyn <serge.hallyn at ubuntu.com>
commit f79d43bbe70a01454049b77d6f15f6369744959e
Author: St??phane Graber <stgraber at ubuntu.com>
Date: Mon Nov 26 12:08:13 2012 -0500
Remove all trailing whitespaces.
Signed-off-by: St??phane Graber <stgraber at ubuntu.com>
commit c93c7b1a0b0d4548780b9c22fb9ab907783caad1
Author: Dwight Engen <dwight.engen at oracle.com>
Date: Wed Nov 14 12:03:56 2012 -0500
Fix checkconfig to handle kernel memory cgroup name change
The kernel config option for the memory cgroup was changed in 3.6
from CONFIG_CGROUP_MEM_RES_CTLR to CONFIG_MEMCG with commit c255a458.
Signed-off-by: Dwight Engen <dwight.engen at oracle.com>
Acked-by: St??phane Graber <stgraber at ubuntu.com>
commit ad493d03fed380ac151dacb53ddfd01a23aeacee
Author: St??phane Graber <stgraber at ubuntu.com>
Date: Mon Nov 26 11:45:28 2012 -0500
lxc.conf.sgml.in: Fix typo
Fix a typo in the previous lxc.conf.sgml.in change.
Signed-off-by: St??phane Graber <stgraber at ubuntu.com>
commit c6883f383e587725552f7c71e96ebe1c34ae7c56
Author: Serge Hallyn <serge.hallyn at ubuntu.com>
Date: Thu Nov 1 22:27:03 2012 +0100
Add lxc.autodev
Add a container config option to mount and populate /dev in a container.
We might want to add options to specify a max size for /dev other than
the default 100k, and to specify other devices to create. And maybe
someone can think of a better name than autodev.
Changelog: Don't error out if we couldn't mknod a /dev/ttyN.
Changelog: Describe the option in lxc.conf manpage.
Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
commit 69c478daf1aeaf84941c561d381b26747b614101
Author: St??phane Graber <stgraber at ubuntu.com>
Date: Thu Nov 22 18:01:08 2012 -0500
python: Add new lxc-device tool
Add a new lxc-device tool which uses the new add_device() function of
the python API and lets you add a new device node to a running container.
Signed-off-by: St??phane Graber <stgraber at ubuntu.com>
Acked-by: Serge E. Hallyn <serge.hallyn at ubuntu.com>
commit 2a41cf5d682aa4ed8b75132bb224933d0b14a845
Author: St??phane Graber <stgraber at ubuntu.com>
Date: Thu Nov 22 17:35:44 2012 -0500
python: Add add_device() function
This introduces a new add_devices() call to the python API.
Parameters:
- path => Mandatory, path to a character or block device on the host
- destpath => Optional, alternative path inside the container
The function will allow the node in the container's devices cgroup and
then create the entry in the container.
Signed-off-by: St??phane Graber <stgraber at ubuntu.com>
Acked-by: Serge E. Hallyn <serge.hallyn at ubuntu.com>
commit 7858afacec2354892dcfbe2d587d2f08bbd79ca3
Author: Natanael Copa <ncopa at alpinelinux.org>
Date: Mon Nov 26 12:00:44 2012 +0100
lxc-create: do not use 'local'
Apparently 'local' is not POSIX. Don't use it.
Signed-off-by: Natanael Copa <ncopa at alpinelinux.org>
Acked-by: St??phane Graber <stgraber at ubuntu.com>
commit 11cbdf441d57f8151d512677d4b9f12b1cca4a6f
Author: Natanael Copa <ncopa at alpinelinux.org>
Date: Thu Nov 22 14:16:23 2012 +0100
lxc-create: fix passing over first argument to template script
The e60a8164c12d565f70071ff6b32b823dd495df9e introduced a bug that caused
first argument passed over to the template script get lost.
This patch fixes it.
Signed-off-by: Natanael Copa <ncopa at alpinelinux.org>
Acked-by: St??phane Graber <stgraber at ubuntu.com>
commit e60a8164c12d565f70071ff6b32b823dd495df9e
Author: Natanael Copa <ncopa at alpinelinux.org>
Date: Fri Nov 16 17:01:55 2012 +0100
lxc-create: use posix shell instead of bash
- use '[ -x /path/prog ]' instead of 'type /path/prog'
- avoid getopt --longoptions
- add \ at after && and || when those are at end of line
- make sure condition expands to empty string if variable is empty
Signed-off-by: Natanael Copa <ncopa at alpinelinux.org>
Acked-by: Serge E. Hallyn <serge.hallyn at ubuntu.com>
Acked-by: St??phane Graber <stgraber at ubuntu.com>
commit c3752c0b5926c3d5d3361c8127708da83e585928
Author: St??phane Graber <stgraber at ubuntu.com>
Date: Thu Nov 15 10:51:09 2012 -0500
Use clearer error message on failure to create pidfile
As suggested by Serge Hallyn on lxc-devel.
Signed-off-by: St??phane Graber <stgraber at ubuntu.com>
commit 3114c9824220921bab15cc283907debccde17fa0
Author: Natanael Copa <ncopa at alpinelinux.org>
Date: Thu Nov 15 14:52:16 2012 +0100
lxc-start: add option -p, --pidfile=FILE
Add option to create a pidfile for lxc-start. This is helpful for
init scripts and process monitors when running as daemon.
Signed-off-by: Natanael Copa <ncopa at alpinelinux.org>
Acked-by: Serge E. Hallyn <serge.hallyn at ubuntu.com>
Acked-by: St??phane Graber <stgraber at ubuntu.com>
commit f6a8db2d947018c09389fd6747ae23072c3a8666
Author: Dwight Engen <dwight.engen at oracle.com>
Date: Wed Nov 14 10:44:35 2012 -0500
Fix package name needed for building docs with RPM
Tested on Oracle Linux 6 and Fedora 17
Signed-off-by: Dwight Engen <dwight.engen at oracle.com>
Acked-by: St??phane Graber <stgraber at ubuntu.com>
commit f8a59e315293366fd58d632484245a78a3feaa36
Author: Frederic Crozat <fcrozat at suse.com>
Date: Wed Nov 14 16:11:08 2012 +0100
ensure btrfs subvolume is removed when container creating fails
Signed-off-by: Frederic Crozat <fcrozat at suse.com>
Acked-by: Serge E. Hallyn <serge.hallyn at ubuntu.com>
Acked-by: St??phane Graber <stgraber at ubuntu.com>
commit f62b344996937459ae5f31b0358cb440ddde421f
Author: Serge Hallyn <serge.hallyn at ubuntu.com>
Date: Tue Nov 13 21:35:51 2012 -0600
dont fail on failure to link kmsg
Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
commit 18c266fc4cb73c911d2d0576628873c0ceada6ca
Author: St??phane Graber <stgraber at ubuntu.com>
Date: Tue Nov 13 19:36:05 2012 -0500
Add the test binaries to .gitignore
Signed-off-by: St??phane Graber <stgraber at ubuntu.com>
commit 9935be1881cf7cc7292629fcd64768336a869c8d
Author: St??phane Graber <stgraber at ubuntu.com>
Date: Tue Nov 13 19:35:17 2012 -0500
Check return value of all system calls in startone
One of the system() calls in src/tests/startone.c wasn't checked.
This was causing a build failure now that -Wall -Werror are set by default.
Signed-off-by: St??phane Graber <stgraber at ubuntu.com>
commit ae9242c86a1a566d98a2cff4df680f1fcd0ecc48
Author: Serge Hallyn <serge.hallyn at ubuntu.com>
Date: Tue Nov 13 17:54:01 2012 -0600
switch use of #define with static char*
Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
commit c95cf86f39ca327688781718ddc371b00f232c03
Author: Serge Hallyn <serge.hallyn at ubuntu.com>
Date: Tue Nov 13 17:50:35 2012 -0600
Revert "Fix check against LXCROOTFSMOUNT to use strcmp"
This reverts commit 5bf2c5ce9ba2539efbf81928ef6ccb96d959bcf8.
commit 8dff643f44c4c179a3e2657f5641e59739dc4b2c
Author: Serge Hallyn <serge.hallyn at ubuntu.com>
Date: Tue Nov 13 17:49:13 2012 -0600
Initialize curtime to silence spurious compiler warning
Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
commit ca0a33644ae47b802ce2ae7a96af70806e7266fe
Author: Serge Hallyn <serge.hallyn at ubuntu.com>
Date: Tue Nov 13 17:19:13 2012 -0600
lxc-ssh: fix message about ssh key insertion
Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
commit d7436fc1dfe0323fb5e6905457f342da5ed8ca97
Author: Serge Hallyn <serge.hallyn at ubuntu.com>
Date: Tue Nov 13 17:17:25 2012 -0600
Fix reverse check: error out only if mkdir(cgroup/lxc) fails NOT due to -EEXIST
Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
commit 24b292c917fe325e51e2ccd7dc3e4e05fee2d1e5
Author: St??phane Graber <stgraber at ubuntu.com>
Date: Mon Nov 12 16:41:14 2012 -0500
lxc-create: Support passing a full path to -t
In some cases it may be useful to pass a full path to an executable
template script directly to lxc-create.
Signed-off-by: St??phane Graber <stgraber at ubuntu.com>
commit aeb958be832011009226b39e04d61cfb2a6e7da3
Author: St??phane Graber <stgraber at ubuntu.com>
Date: Mon Nov 12 16:20:53 2012 -0500
lxc-ls: Don't exit 1 when no container or help
lxc-ls is currently exiting with return code 1 when called with --help
or when called on a system without containers.
This behaviour isn't documented in the manpage and isn't terribly intuitive.
It's been the source of quite a few weird failures in scripts running with
set -e.
As a user calling --help is a voluntary action, lxc-ls should exit 0.
Also, as lxc-ls's goal is solely to list containers, showing an error and
exiting with return code 1 when there's no container seems counter-intuitive
and error-prone.
Signed-off-by: St??phane Graber <stgraber at ubuntu.com>
commit 9b106331e79de6dc328b5545b4b188b527224dee
Author: St??phane Graber <stgraber at ubuntu.com>
Date: Mon Nov 12 15:56:41 2012 -0500
Update .gitignore for current list of binaries and templates
Signed-off-by: St??phane Graber <stgraber at ubuntu.com>
commit 7822022c4c72cee06905b540b89b653491d6f6b2
Author: St??phane Graber <stgraber at ubuntu.com>
Date: Mon Nov 12 15:38:50 2012 -0500
Detect which name to use for docbook2x-man
docbook2x-man doesn't have the same name on Debian based systems as
on RedHat based systems, add some magic to configure.ac to detect and
substitute the proper name in Makefile.am
Signed-off-by: St??phane Graber <stgraber at ubuntu.com>
commit aa8d013ec5b09cd1cd904173d6234ef126eb2126
Author: Peter Simons <simons at cryp.to>
Date: Sat Oct 20 11:47:22 2012 +0200
Update documentation to Docbook 4.5
The package 'docbook-tools' [1] required to format Docbook 3.0 into man pages
has been obsoleted a long time ago and can no longer be downloaded from its
former homepage. Recent versions of that package -- now called 'docbook2X' --,
cannot deal with that old markup format anymore (and don't support the '-w all'
command line switch either). To remedy these issues, all SGML files have been
updated to Docbook 4.5 so that recent versions of docbook2man can process them.
[1] http://sources.redhat.com/docbook-tools/
[2] http://docbook2x.sourceforge.net/
Signed-off-by: Peter Simons <simons at cryp.to>
Acked-by: St??phane Graber <stgraber at ubuntu.com>
commit e54d6cce171d9b18e2ec553e4c30c17d4462332e
Author: Frank Scholten <frank at frankscholten.nl>
Date: Fri Oct 26 19:22:26 2012 +0200
Updated README and INSTALL. autogen.sh command should be run before configure.
Signed-off-by: Frank Scholten <frank at frankscholten.nl>
Acked-by: St??phane Graber <stgraber at ubuntu.com>
commit 5bf2c5ce9ba2539efbf81928ef6ccb96d959bcf8
Author: St??phane Graber <stgraber at ubuntu.com>
Date: Mon Nov 12 14:39:43 2012 -0500
Fix check against LXCROOTFSMOUNT to use strcmp
The check for conf->rootfs.mount not being equal to LXCROOTFSMOUNT
wasn't done with strcmp which was leading to undefined behaviour
and triggered gcc warnings.
Signed-off-by: St??phane Graber <stgraber at ubuntu.com>
commit eeb6cb8305a213c29ee20e4a0c4d4c1418c88dd8
Author: St??phane Graber <stgraber at ubuntu.com>
Date: Mon Nov 12 14:33:55 2012 -0500
Fix autogen failing because of clean/distclean overrides
A previous patch added a clean/distclean target to config/Makefile.am.
This conflicts with automake's own target.
This change replaces those by a clean-local and distclean-local target.
Signed-off-by: St??phane Graber <stgraber at ubuntu.com>
commit ad563aea971ac9317acac180e42cd271698208fd
Author: St??phane Graber <stgraber at ubuntu.com>
Date: Mon Nov 12 14:32:39 2012 -0500
Set automake flags and CFLAGS
Set automake's flags to -Wall -Werror as well as the general
CFLAGS to -Wall and -Werror when building using gcc.
This should catch any regression on build warnings now that we are in
a pretty clean state.
Signed-off-by: St??phane Graber <stgraber at ubuntu.com>
commit 434445ee1e9f22b55ce8994d78794ae33a6d8247
Author: Dwight Engen <dwight.engen at oracle.com>
Date: Thu Oct 25 13:46:34 2012 -0400
Reinstate README file in rootfs directory
Change 5fd8314f removed the README file explaining why the
rootfs directory has to exist. Doing so broke the build on
Fedora 17 since this directory will not be created by make
install and thus the spec file cannot find it.
Signed-off-by: Dwight Engen <dwight.engen at oracle.com>
Acked-by: St??phane Graber <stgraber at ubuntu.com>
commit 64c3c9020bb797cc902f3915c71971a4b1bd8502
Author: Diego Elio Petten?? <flameeyes at flameeyes.eu>
Date: Sat Nov 10 20:55:10 2012 -0800
build: make sure to expand all variables that are substituted.
This fixes lxc-sshd still referring to '${libdir}'.
Signed-off-by: Diego Elio Petten?? <flameeyes at flameeyes.eu>
Acked-by: St??phane Graber <stgraber at ubuntu.com>
commit d76db55b6c54c52fee905ecbb8773cd8ae1eb499
Author: St??phane Graber <stgraber at ubuntu.com>
Date: Wed Oct 31 08:20:52 2012 +0100
lxc-start-ephemeral: Wipe the whole container on exit, not just the rootfs
Signed-off-by: St??phane Graber <stgraber at ubuntu.com>
Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
commit f282a2f4b8f1d44702eb746c8554408d802f402d
Author: St??phane Graber <stgraber at ubuntu.com>
Date: Wed Oct 24 20:41:07 2012 +0200
Revert "Update documentation to Docbook 4.5"
This reverts commit 9a84044bc97098821cce2721ea40a1368f17a091.
The changes made the branch to fail to build on Ubuntu/Debian, so
reverting the commits and re-opening the pull request.
Signed-off-by: St??phane Graber <stgraber at ubuntu.com>
commit efa99b32264acd577e36d9367f035d6cbde606a4
Author: St??phane Graber <stgraber at ubuntu.com>
Date: Wed Oct 24 20:41:01 2012 +0200
Revert "Convert remaining file to new docbook format"
This reverts commit 8587ac4b855b7b66931a37742c45cd2c8c624658.
The changes made the branch to fail to build on Ubuntu/Debian, so
reverting the commits and re-opening the pull request.
Signed-off-by: St??phane Graber <stgraber at ubuntu.com>
commit e03243397debaf3a72b227930c334935ff9f8cae
Author: St??phane Graber <stgraber at ubuntu.com>
Date: Wed Oct 24 15:32:52 2012 +0200
Convert remaining file to new docbook format
commit 75d0acd48f46e63b3d6e835ffbf36a771ecd2a4a
Author: Peter Simons <simons at cryp.to>
Date: Sat Oct 20 11:47:22 2012 +0200
Update documentation to Docbook 4.5
The package 'docbook-tools' [1] required to format Docbook 3.0 into man pages
has been obsoleted a long time ago and can no longer be downloaded from its
former homepage. Recent versions of that package -- now called 'docbook2X' --,
cannot deal with that old markup format anymore (and don't support the '-w all'
command line switch either). To remedy these issues, all SGML files have been
updated to Docbook 4.5 so that recent versions of docbook2man can process them.
[1] http://sources.redhat.com/docbook-tools/
[2] http://docbook2x.sourceforge.net/
Signed-off-by: Peter Simons <simons at cryp.to>
commit e2611fd5e14681470a4f2b48723584bba5b461ea
Author: St??phane Graber <stgraber at ubuntu.com>
Date: Fri Oct 19 23:06:12 2012 +0200
python-lxc: Add missing space between two help lines
One character fix making the documentation readable in help()
Signed-off-by: St??phane Graber <stgraber at ubuntu.com>
commit f0e592fc66bbfd4c8cf73f91536f326ccf483f22
Author: Dwight Engen <dwight.engen at oracle.com>
Date: Thu Oct 18 12:50:02 2012 -0400
Add distro config file /etc/lxc/lxc.conf
[PATCH] Clean the lxc.conf file
Signed-off-by: Dwight Engen <dwight.engen at oracle.com>
Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
commit 6f75ba0bdab3ab1f29773740611bb0ce6f9ab99c
Author: Dwight Engen <dwight.engen at oracle.com>
Date: Wed Oct 17 13:28:27 2012 -0400
Add distro config file /etc/lxc/lxc.conf
This allows a distro to put the distro specific default network
configuration (for example bridge device, link type), or other lxc
configuration in the case that -f is not passed by the user to
lxc-create, in which case lxc-create will use the distro conf file as
the basis for the containers config.
Signed-off-by: Dwight Engen <dwight.engen at oracle.com>
Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
commit b1dc05fde974bc50f70c58857fc630c829aa2a18
Author: Dwight Engen <dwight.engen at oracle.com>
Date: Mon Oct 15 09:42:26 2012 -0400
Honor network type and link from lxc-create -f
Make the oracle template honor the lxc.network.type and
lxc.network.link configuration items if a "base" configuration file is
passed to lxc-create. If no configuration file is passed and the host
system is Oracle or Fedora, the template assumes a type of veth and
the default name created by libvirt.
Signed-off-by: Dwight Engen <dwight.engen at oracle.com>
commit 7060353a087b66f37c0134eb485baf777e949973
Author: Dwight Engen <dwight.engen at oracle.com>
Date: Mon Oct 15 09:42:18 2012 -0400
Fix removal of unneeded startup/shutdown scripts
Signed-off-by: Dwight Engen <dwight.engen at oracle.com>
commit b88d7bb629849748346c1faf394d30c4c740ddf9
Author: Dwight Engen <dwight.engen at oracle.com>
Date: Mon Oct 15 09:42:10 2012 -0400
Always rebuild rpm database
Always rebuild the rpm database with the guest's rpm so there are no
db version mismatches when you boot the guest and run rpm or yum.
Signed-off-by: Dwight Engen <dwight.engen at oracle.com>
commit b90270a5a3767933cab04cb82b530bf76fc0bf10
Author: Dwight Engen <dwight.engen at oracle.com>
Date: Mon Oct 15 09:42:02 2012 -0400
Better rpm database downgrade logic
Use the file command to see if the rpm database version needs to
be downgraded. Use the lsb_release command to determine the host
system, which is then used to set the commands needed to do the
conversion, and lets us move the rpm database to the correct location
if the host rpm doesn't put it where the guest expects it to be.
Signed-off-by: Dwight Engen <dwight.engen at oracle.com>
commit 708f4a80ea464edd3805f2024d65a2e795265080
Author: Serge Hallyn <serge.hallyn at ubuntu.com>
Date: Fri Oct 5 16:40:21 2012 -0500
add oracle template (From: Dwight Engen)
This is a new template to create containers based on Oracle Linux. A version
such as 5.8, 6.3, or 6.latest can be specified with -R in which case a rootfs
will be created from rpms downloaded from the Oracle public-yum repo.
Alternatively the path to an existing rootfs of Oracle 5 or 6 may be given to
the template with the -t option.
The architecture of the downloaded rpms installed in the container can be
specified with the -a template option.
Signed-off-by: Dwight Engen <dwight.engen at oracle.com>
Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
commit 037ba55cbee97bb9e1be95423c358ac1a7b33a2a
Author: Dwight Engen <dwight.engen at oracle.com>
Date: Wed Sep 26 12:59:24 2012 -0400
fix minor spelling error
Signed-off-by: Dwight Engen <dwight.engen at oracle.com>
commit 17ed13a3bca0a809273daf535f38ee166b110188
Author: Serge Hallyn <serge.hallyn at ubuntu.com>
Date: Fri Sep 14 14:42:24 2012 -0500
Support individual hook types in clear_config_item
Without this patch, only clear_config_item("lxc.hook") works.
Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
commit f6144ed443995a7d5bdbae217c6ba3ef3e341d16
Author: Serge Hallyn <serge.hallyn at ubuntu.com>
Date: Thu Sep 13 09:41:01 2012 -0500
api shutdown: don't c->stop() if already stopped.
Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
commit 5a339bbb87e06cb4687056e07985eeb6bafef002
Author: St??phane Graber <stgraber at ubuntu.com>
Date: Thu Sep 13 10:31:24 2012 -0400
api_test.py: Remove workarounds for API bugs
The script used to contain a workaround for back when create()
wouldn't properly flush the config and reload it.
As these issues have now been fixed, these workarounds can be removed.
Signed-off-by: St??phane Graber <stgraber at ubuntu.com>
commit abbe2ead95fdee6a0d59da35ce3542439ec2abcc
Author: St??phane Graber <stgraber at ubuntu.com>
Date: Thu Sep 13 10:08:39 2012 -0400
lxc-start-ephemeral: startup time improvement
Re-organize the code to only call get_ips() when we actually need
the IP address of the container.
Also bump the timeout for get_ips() from 5s to 10s to accomodate
slower machines.
Signed-off-by: St??phane Graber <stgraber at ubuntu.com>
commit 6506255cfdab516114e35266c9d70b7ed3cd2bec
Author: St??phane Graber <stgraber at ubuntu.com>
Date: Thu Sep 13 10:04:57 2012 -0400
lxc-start-ephemeral: Exit with command return code
When using lxc-start-ephemeral to directly call a command, return
ssh's return code (the command's return code) when exiting.
Signed-off-by: St??phane Graber <stgraber at ubuntu.com>
commit 9737a2060ca725bb6622736f2bf2ebb6656a8d7f
Author: St??phane Graber <stgraber at ubuntu.com>
Date: Thu Sep 13 10:03:21 2012 -0400
lxc-start-ephemeral: Drop stop() calls when shutdown() returns non-True
shutdown() when given a timeout already does a stop call so there's no
need to check its return value and do another one.
Signed-off-by: St??phane Graber <stgraber at ubuntu.com>
commit 225b52ef15d77d017c47b026313f3fabcf423a28
Author: St??phane Graber <stgraber at ubuntu.com>
Date: Wed Sep 12 13:12:50 2012 -0400
lxc-start-ephemeral: Add missing return call to wait override
When overriding wait(), I forgot to actually return the value coming
from the C binding...
Signed-off-by: St??phane Graber <stgraber at ubuntu.com>
Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
commit 921ceb26bdb8ae6425f87789005e337f98aa4305
Author: St??phane Graber <stgraber at ubuntu.com>
Date: Wed Sep 12 12:48:34 2012 -0400
lxc-start-ephemeral: Fix typo causing crash at startup
Apparently a ")" was dropped in a recent change, causing
lxc-start-ephemeral to fail to start completely (invalid syntax).
Signed-off-by: St??phane Graber <stgraber at ubuntu.com>
commit 5b12984bf9d1d952a402932d3d87aaef2d1ca6f2
Author: Dwight Engen <dwight.engen at oracle.com>
Date: Tue Sep 11 17:06:05 2012 -0400
fix expansion of LXCPATH,LXCROOTFSMOUNT,LXCTEMPLATEDIR
These variables are not expanded correctly in doc/lxc-create.sgml.in
and a workaround is in place to ensure ${localstatedir}, and ${datadir}
are set in the various shell scripts that use it. There is no workaround
to ensure ${datadir} is set in src/lxc/lxc-create.in, nor is
${localstatedir} set in templates/lxc-altlinux.in so I think that these
are currently broken.
Using AS_AC_EXPAND instead of AC_SUBST fixes these problems and removes
the need for the workarounds. In addition the lxc-start-ephemeral.in
script can be autoconf'ed instead of sed'ed by the makefile.
Signed-off-by: Dwight Engen <dwight.engen at oracle.com>
commit 0d2787be930588ac04854dcc2dd0ba85a2cbec48
Author: Dwight Engen <dwight.engen at oracle.com>
Date: Mon Sep 10 14:26:36 2012 -0400
fix gcc error: typedef redefinition (against git staging)
Fix gcc error confile.c:83: error: redefinition of typedef ???config_cb???.
Its already defined the same way in confile.h.
Signed-off-by: Dwight Engen <dwight.engen at oracle.com>
Acked-by: Serge E. Hallyn <serge.hallyn at canonical.com>
commit 1f530df63238a22a9e74c13df27cb027b8c9cfe6
Author: Dwight Engen <dwight.engen at oracle.com>
Date: Mon Sep 10 14:26:43 2012 -0400
fix compile without apparmor (against git staging)
Add a few missing #if's to fix compilation when configured without
AppArmor.
Signed-off-by: Dwight Engen <dwight.engen at oracle.com>
Acked-by: Serge E. Hallyn <serge.hallyn at canonical.com>
commit 87540ad7d8cc3716d3e2204ffbdc7a81d5bf7d90
Author: St??phane Graber <stgraber at ubuntu.com>
Date: Mon Sep 10 14:06:06 2012 -0400
python-lxc: Always convert state passed to wait() to uppercase
At Serge's suggestion, always convert the state passed to the wait()
function in the python API to its uppercase equivalent.
Signed-off-by: St??phane Graber <stgraber at ubuntu.com>
commit 16216c83297543692b8dede52c9dd8a998758e9c
Author: St??phane Graber <stgraber at ubuntu.com>
Date: Sun Sep 9 13:14:38 2012 -0400
Prefix the test binaries by lxc-test-
Signed-off-by: St??phane Graber <stgraber at ubuntu.com>
commit 9c9b984556a3ad14847cb603897ab1689a0db721
Author: Serge Hallyn <serge.hallyn at ubuntu.com>
Date: Fri Sep 7 17:52:06 2012 -0500
check return values of scanf and system
Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
commit 733a0e89ac30930a951f38620ab28a014e621a79
Author: Serge Hallyn <serge.hallyn at ubuntu.com>
Date: Fri Sep 7 17:48:29 2012 -0500
check sscanf return value
Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
commit 95a717e9b907de94bf29c91abca13012ec47d088
Author: St??phane Graber <stgraber at ubuntu.com>
Date: Fri Sep 7 14:53:19 2012 -0400
Fix previous commit, removing hardcoded /var/lib/lxc from lxc-start-ephemeral
The previous commit was missing part of the changes, leading to a non-working
version of lxc-start-ephemeral.
This commit adds the missing parts.
Signed-off-by: St??phane Graber <stgraber at ubuntu.com>
commit caf32f58cd5b24cdd127dce6823e10a8a5323112
Author: St??phane Graber <stgraber at ubuntu.com>
Date: Fri Sep 7 14:37:58 2012 -0400
Remove hardcoded /var/lib/lxc from lxc-start-ephemeral
Add dependency on sed and add a Makefile.am section for lxc-start-ephemeral
so that it gets updated at build time for the right container path.
commit d7415aea482652cd4b035d18c4bcf0edfc409d5f
Author: St??phane Graber <stgraber at ubuntu.com>
Date: Fri Sep 7 13:11:05 2012 -0400
Add lxc-start-ephemeral
This commit adds lxc-start-ephemeral as a python script using the
new python-lxc API.
This script is somewhat similar to lxc-clone except that it uses
overlayfs or aufs to provide an overlay on top of the source container.
It also allows the user to directly run a command in the container using
SSH and can fetch the IP address from the container when starting the
container in the background.
The initial work on lxc-start-ephemeral was done by Serge Hallyn in Ubuntu,
this is a re-implementation of it using python and the new LXC hooks.
Compared to the shell implementation, there are three notable differences:
- When starting without a command, lxc-start-ephemeral now attaches to tty1
- When starting in the background (-d), the name and IP of the container is
shown on screen.
- A new "-k" option is added, allowing the user to keep the ephemeral
container after shutdown. This turns off the tmpfs backend and sets up the
hooks so that the container can be started/stopped multiple times.
Signed-off-by: St??phane Graber <stgraber at ubuntu.com>
commit 697fa6390c5d52eaef36a15c31b68d093a0d0941
Author: Serge Hallyn <serge.hallyn at ubuntu.com>
Date: Fri Sep 7 11:14:04 2012 -0500
dual-fork for daemonized fork in lxcapi-start
So the container will be reparented by init. Otherwise children of the
lxc-start might be reaped by python3 rather than lxc-start.
Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
commit 59b3bc264cbf0996cd7b446afd219ab1ff0fe53c
Author: St??phane Graber <stgraber at ubuntu.com>
Date: Fri Sep 7 10:50:36 2012 -0400
Remove zombie_handler from python-lxc code
This code was addeed to deal with stopped/dead containers but
really shouldn't be implemented there. Instead the setsid() call in
start() should be enough to prevent python from getting the SIGCHLD and
having to deal with it.
commit cbd4c46406b0a34291a9962c834b7de871ce30ce
Author: St??phane Graber <stgraber at ubuntu.com>
Date: Thu Sep 6 16:06:27 2012 -0400
Raise exception when getting Container instance as non-root in python3-lxc
The liblxc API currently doesn't work as non-root, so check that the euid
is 0 when getting a Container instance in the python API.
Signed-off-by: St??phane Graber <stgraber at ubuntu.com>
commit 767d4c6743155a6835a596fc6b1baf56e14ad430
Author: Serge Hallyn <serge.hallyn at ubuntu.com>
Date: Thu Sep 6 12:45:16 2012 -0500
premount hook is implemented in git
Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
commit 472c97e97684494ecfd0541fa779c301a1855447
Author: Serge Hallyn <serge.hallyn at ubuntu.com>
Date: Thu Sep 6 12:26:29 2012 -0500
document lxc.hooks in lxc.conf manpage
Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
commit 8eb5694bafff6be81a35542c584e82817a1e0852
Author: Serge Hallyn <serge.hallyn at ubuntu.com>
Date: Wed Sep 5 21:55:38 2012 -0500
Add lxc_conf_free()
Then after lxcapi container->create(), free whatever lxc_conf may be
loaded and reload from the newly created configuration file.
Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
commit 64fca455ae305704929a03c27f3ed5866abe8e15
Author: Serge Hallyn <serge.hallyn at ubuntu.com>
Date: Tue Sep 4 18:06:44 2012 -0500
get_item(utsname): don't dereference utsname if it is NULL
Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
commit 4a7c7daa260467f3c9b234495bf3283fe31c01cb
Author: Serge Hallyn <serge.hallyn at ubuntu.com>
Date: Tue Sep 4 14:18:03 2012 -0500
Fix passing non-const char* in for const char*
Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
commit c278cef2ecd6fc42132d02f982e113414f5f9ce4
Author: Serge Hallyn <serge.hallyn at ubuntu.com>
Date: Tue Sep 4 14:10:40 2012 -0500
check chdir(/) return value
Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
commit 89eaa05ed1a1ddd5d2552c323b5228def627d731
Author: Serge Hallyn <serge.hallyn at ubuntu.com>
Date: Tue Sep 4 13:57:39 2012 -0500
replace HOOK define with proper code.
Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
commit e0de36d791e82d9916cad4ac41562077cf9789c3
Author: St??phane Graber <stgraber at ubuntu.com>
Date: Sat Sep 1 22:55:03 2012 -0400
Add better example/test of the python3-lxc API
Replaced python-lxc/test.py by a new api_test.py script that
uses all the available function of the API to run a batch of
basic tests.
This example is useful both as a test of the API and as a guide on
how to use the python API to manage containers.
Signed-off-by: St??phane Graber <stgraber at ubuntu.com>
commit 38b280ca2cf8895fc1d03c0034ef5bbce847cf0f
Author: St??phane Graber <stgraber at ubuntu.com>
Date: Sat Sep 1 20:25:28 2012 -0400
Remove unused v1 and v2 variables in main()
Signed-off-by: St??phane Graber <stgraber at ubuntu.com>
commit 85a9d078274587b5ef7bf97f7e26c9f121947c03
Author: St??phane Graber <stgraber at ubuntu.com>
Date: Sat Sep 1 20:22:39 2012 -0400
Cleanup lxc_wait
- Remove unused timeout_handler function.
- Remove unsused variables from main()
Signed-off-by: St??phane Graber <stgraber at ubuntu.com>
commit fe88b9d2f39375b043970788cfc16bd0bfd42322
Author: St??phane Graber <stgraber at ubuntu.com>
Date: Sat Sep 1 20:19:53 2012 -0400
Remove unused "i" variable in lxc_get_item_nic
Signed-off-by: St??phane Graber <stgraber at ubuntu.com>
commit 427b3a21ef99f2fb99ae35ea02b7c49b1a9e117c
Author: St??phane Graber <stgraber at ubuntu.com>
Date: Sat Sep 1 20:17:32 2012 -0400
Change lxc_remove_nic from returning int to void
The function wasn't returning anything and none of the callers
were checking for a return code.
Signed-off-by: St??phane Graber <stgraber at ubuntu.com>
commit 525421c923d798cdea9e5691bcee1e5e5530491d
Author: St??phane Graber <stgraber at ubuntu.com>
Date: Sat Sep 1 19:57:11 2012 -0400
Make building the API tests/examples optional
Add a new --enable-tests option to configure which is used to
optionally build the tests/examples. Default is off.
Signed-off-by: St??phane Graber <stgraber at ubuntu.com>
commit 5ea6163a62c386f403b6d01df2780ff9308bf08f
Author: Serge Hallyn <serge.hallyn at ubuntu.com>
Date: Fri Aug 31 12:25:38 2012 -0500
Add lxc.hook.pre-mount
This happens in the container's namespace, but before the rootfs is
setup and mounted. This gives us a chance to mangle the rootfs - i.e.
ecryptfs-mount it.
Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
commit 06200a37fcdb627fce265e263947862b70bacdbf
Author: Serge Hallyn <serge.hallyn at ubuntu.com>
Date: Fri Aug 31 11:28:42 2012 -0500
lxc-wait: initialize timeout to -1
Otherwise it defaults to 0, meaning don't wait. -1 means wait forever,
which is what we want as the default behavior.
Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
commit 69d66f1e729aadfcf2f47aaedaf738a888e4646d
Author: St??phane Graber <stgraber at ubuntu.com>
Date: Wed Aug 29 09:27:53 2012 -0700
Add lxc.aa_profile example to all templates
LXC has optional apparmor support, default profile is lxc-container-default.
This change adds a commented "lxc.aa_profile = default" line to all templates,
uncommenting this will bypass apparmor for the container.
Signed-off-by: St??phane Graber <stgraber at ubuntu.com>
commit 0a8722fd78ca1f7eae1ebdd831fabf3289e7e67e
Author: St??phane Graber <stgraber at ubuntu.com>
Date: Tue Aug 28 13:53:30 2012 -0400
Rename runapitests.bash to runapitests.sh and make it use /bin/sh
This is a simple POSIX shell script, so no need for the weird extension
or for the explicit use of /bin/bash
Signed-off-by: St??phane Graber <stgraber at ubuntu.com>
commit cbe3a58b138e7596d53bb93e5a17d084ba1350dc
Author: St??phane Graber <stgraber at ubuntu.com>
Date: Tue Aug 28 13:51:02 2012 -0400
Remove duplicate copy of runapitests.bash
Signed-off-by: St??phane Graber <stgraber at ubuntu.com>
commit be2e4e54da3c8054525321422f7f290d45b32a6c
Author: St??phane Graber <stgraber at ubuntu.com>
Date: Mon Aug 27 19:04:43 2012 -0400
Add python-lxc based on the new liblxc API.
This adds a basic python binding done in C and a python overlay to
extend some features and provide a user-friendlier API.
This python API only supports python 3.x and was tested with >= 3.2.
It's disabled by default in configure and can be turned on by using
--enable-python.
A basic example of the API can be found in src/python-lxc/test.py.
More documentation and examples will be added soon.
commit 7a44c8b447c4cac2b71bf842a61440bae9caf918
Author: St??phane Graber <stgraber at ubuntu.com>
Date: Mon Aug 27 19:01:36 2012 -0400
When starting a container daemonized, wait for it to reach RUNNING state before returning the result of start().
If the container doesn't reach RUNNING state in 5 seconds, a failure will be
returned to the user.
Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
Acked-by: St??phane Graber <stgraber at ubuntu.com>
commit 72d0e1cb2facaa4b8ba2f15e311d6bb9491badb7
Author: St??phane Graber <stgraber at ubuntu.com>
Date: Mon Aug 27 18:53:00 2012 -0400
Merge the liblxc API work by Serge Hallyn.
This turns liblxc into a public library implementing a container structure.
The container structure is meant to cover most LXC commands and can easily be
used to write bindings in other programming languages.
More information on the new functions can be found in src/lxc/lxccontainer.h
Test programs using the API can also be found in src/tests/
Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
Acked-by: St??phane Graber <stgraber at ubuntu.com>
commit 7a0b0b5672a33c190eefb4b2d3e3693241c130f2
Author: Christian Seiler <christian at iwakd.de>
Date: Wed Aug 22 00:03:16 2012 +0200
lxc-attach: Add -R option to remount /sys and /proc when only partially attaching
When attaching to only some namespaces of the container but not the mount
namespace, the contents of /sys and /proc of the host system do not properly
reflect the context of the container's pid and/or network namespaces, and
possibly others.
The introduced -R option adds the possibility to additionally unshare the
mount namespace (when it is not being attached) and remount /sys and /proc
in order for those filesystems to properly reflect the container's context
even when only attaching to some of the namespaces.
Signed-off-by: Christian Seiler <christian at iwakd.de>
Acked-by: Serge Hallyn <serge.hallyn at canonical.com>
Cc: Daniel Lezcano <daniel.lezcano at free.fr>
commit e13eeea2db3743bf8d3fe2833e069a80e2c4102c
Author: Christian Seiler <christian at iwakd.de>
Date: Wed Aug 22 00:03:15 2012 +0200
lxc-attach: Add -s option to select namespaces to attach to
This patch allows the user to select any list of namespaces (network, pid,
mount, uts, ipc, user) that lxc-attach should use when attaching to the
container; all other namespaces will not be attached to.
This allows the user to for example attach to just the network namespace and
use the host's (and not the container's) network tools to reconfigure the
network of the container.
Signed-off-by: Christian Seiler <christian at iwakd.de>
Cc: Daniel Lezcano <daniel.lezcano at free.fr>
Acked-by: Serge Hallyn <serge.hallyn at canonical.com>
commit 39a5d5feeeebbffa7187ef318fb6a11fdb063fbe
Author: Christian Seiler <christian at iwakd.de>
Date: Wed Aug 22 00:03:14 2012 +0200
lxc-unshare: Move functions to determine clone flags from command line options to namespace.c
In order to be able to reuse code in lxc-attach, the functions
lxc_namespace_2_cloneflag and lxc_fill_namespace_flags are moved from
lxc_unshare.c to namespace.c.
Signed-off-by: Christian Seiler <christian at iwakd.de>
Cc: Daniel Lezcano <daniel.lezcano at free.fr>
Acked-by: Serge Hallyn <serge.hallyn at canonical.com>
commit fc763ab77d48ecd191a402a11f778c46e114e79b
Author: Christian Seiler <christian at iwakd.de>
Date: Wed Aug 22 00:03:13 2012 +0200
lxc-attach: Detect which namespaces to attach to dynamically
Use the command interface to contact lxc-start to receive the set of
flags passed to clone() when starting the container. This allows lxc-attach
to determine which namespaces were used for the container and select only
those to attach to.
Signed-off-by: Christian Seiler <christian at iwakd.de>
Cc: Daniel Lezcano <daniel.lezcano at free.fr>
Acked-by: Serge Hallyn <serge.hallyn at canonical.com>
commit c8f7c5630e8312cab7e17539381f05dffe9193fa
Author: Christian Seiler <christian at iwakd.de>
Date: Wed Aug 22 00:03:12 2012 +0200
lxc-attach: Remodel cgroup attach logic and attach to namespaces again in parent process
With the introduction of lxc-attach's functionality to attach to cgroups,
the setns() calls were put in the child process after the fork() and not the
parent process before the fork() so the parent process remained outside the
namespaces and could add the child to the correct cgroup.
Unfortunately, the pid namespace really affects only children of the current
process and not the process itself, which has several drawbacks: The
attached program does not have a pid inside the container and the context
that is used when remounting /proc from that process is wrong. Thus, the
previous logic of first setting the namespaces and then forking so the child
process (which then exec()s to the desired program) is a real member of the
container.
However, inside the container, there is no guarantee that the cgroup
filesystem is still be mounted and that we are allowed to write to it (which
is why the setns() was moved in the first place).
To work around both problems, we separate the cgroup attach functionality
into two parts: Preparing the attach process, which just opens the tasks
files of all cgroups and keeps the file descriptors open and the writing to
those fds part. This allows us to open all the tasks files in lxc_attach,
then call setns(), then fork, in the child process close them completely and
in the parent process just write the pid of the child process to all those
fds.
Signed-off-by: Christian Seiler <christian at iwakd.de>
Cc: Daniel Lezcano <daniel.lezcano at free.fr>
Acked-by: Serge Hallyn <serge.hallyn at canonical.com>
commit d5088cf2d3c077444aa28194340db2f23b94035a
Author: Christian Seiler <christian at iwakd.de>
Date: Wed Aug 22 00:03:11 2012 +0200
lxc-start: Add command to retrieve the clone flags used to start the container.
Add the LXC_COMMAND_CLONE_FLAGS that retrieves the flags passed to clone(2)
when the container was started. This allows external programs to determine
which namespaces the container was unshared from.
Signed-off-by: Christian Seiler <christian at iwakd.de>
Cc: Daniel Lezcano <daniel.lezcano at free.fr>
Acked-by: Serge Hallyn <serge.hallyn at canonical.com>
commit 1881820ae4ff9004beef1bf7f04553580840441d
Author: Serge Hallyn <serge.halyn at ubuntu.com>
Date: Tue Aug 21 10:11:23 2012 -0500
lxc-create: Make location of container rootfs configurable
Make 'dir' an explicit backing store type, which accepts '--dir rootfs'
as an option to specify a custom location for the container rootfs. Also
update lxc-destroy to now remove the rootfs separately, as removing
@LXCPATH@/$name may not hit it.
Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
commit 74a2b5864f2ece87bf522d1c1cbd590dc24c0c53
Author: Jan Kiszka <jan.kiszka at siemens.com>
Date: Mon Jul 9 19:15:48 2012 +0200
Add network-down script
Analogously to lxc.network.script.up, add the ability to register a down
script. It is called before the guest network is finally destroyed,
allowing to clean up resources that are not reset/destroyed
automatically. Parameters of the down script are identical to the up
script except for the execution context "down".
Signed-off-by: Jan Kiszka <jan.kiszka at siemens.com>
Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
commit c8dee0f165d19271bb0a83069dcbb65fbc02e73f
Author: Serge Hallyn <serge.halyn at ubuntu.com>
Date: Fri Aug 17 14:06:34 2012 -0500
Makefile.am: use right .h file name for seccomp
Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
commit e767dd55995d20151987ca38eb00c8d43465ca41
Author: Serge Hallyn <serge.halyn at ubuntu.com>
Date: Fri Aug 17 13:04:34 2012 -0500
fix configure.ac for seccomp and apparmor
Use --enable-XXX=check when not specified to get reasonable defaults.
Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
commit 0d0527a929bf9f35b4d99c100dfc76449d67a906
Author: Serge Hallyn <serge.halyn at ubuntu.com>
Date: Thu Aug 16 15:07:51 2012 -0500
seccomp: include lxcseccomp.h in start.c
Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
commit 09ad624693cb0ef41cf246e2876b5f356783b34d
Author: Serge Hallyn <serge.hallyn at ubuntu.com>
Date: Thu Aug 9 18:00:58 2012 -0500
confile: support 'lxc.include' option to include other config files
For instance
lxc.include = /var/lib/lxc/commonopts
in /var/lib/lxc/q1/config would cause the configuration in
/var/lib/lxc/commonopts to be loaded when container q1 starts.
Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
commit 8f2c3a702aae3545b631a2b4c6db99f87528553a
Author: Serge Hallyn <serge.hallyn at canonical.com>
Date: Fri Jul 27 21:13:53 2012 -0500
Introduce support for seccomp.
Hi,
This patch is so far just a proof of concept. The libseccomp api will be
changing soon so it probably wouldn't be worth pulling this until it is
updated for the new API.
This patch introduces support for seccomp to lxc. Seccomp lets a program
restrict its own (and its children's) future access to system calls. It
uses a simple whitelist system call policy file. It would probably be
better to switch to something more symbolic (i.e specifying 'open' rather
than the syscall #, especially given container arch flexibility).
I just wanted to get this out there as a first step. You can also get
source for an ubuntu package based on this patch at
https://code.launchpad.net/~serge-hallyn/ubuntu/quantal/lxc/lxc-seccomp
Signed-off-by: Serge Hallyn <serge.hallyn at canonical.com>
commit b486346aa2fad7de06c491755b9b50c58c27a017
Author: Jan Kiszka <jan.kiszka at siemens.com>
Date: Thu Aug 9 17:54:48 2012 -0500
lxc-wait: Add timeout option
Allow to specify a timeout for waiting on state changes via lxc-wait.
Helpful for scripts that need to handle errors or excessive delays in
state changing procedures.
Signed-off-by: Jan Kiszka <jan.kiszka at siemens.com>
Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
-----------------------------------------------------------------------
Summary of changes:
.gitignore | 44 +-
CONTRIBUTING | 7 +-
COPYING | 16 +-
INSTALL | 4 +-
Makefile.am | 6 +-
README | 37 ++-
TODO | 2 +-
config/Makefile.am | 15 +-
config/acinclude.m4 | 16 +-
config/lxc.conf.libvirt | 3 +
config/lxc.conf.ubuntu | 3 +
config/lxc.conf.unknown | 1 +
configure.ac | 137 ++++-
doc/FAQ.txt | 4 +-
doc/Makefile.am | 21 +-
doc/{ => legacy}/lxc-ls.sgml.in | 8 +-
doc/lxc-attach.sgml.in | 127 ++++-
doc/lxc-cgroup.sgml.in | 6 +-
doc/lxc-checkpoint.sgml.in | 2 +-
doc/lxc-console.sgml.in | 8 +-
doc/lxc-create.sgml.in | 15 +-
doc/lxc-destroy.sgml.in | 6 +-
doc/lxc-execute.sgml.in | 6 +-
doc/lxc-freeze.sgml.in | 6 +-
doc/lxc-kill.sgml.in | 2 +-
doc/lxc-ls.sgml.in | 153 ++++--
doc/lxc-monitor.sgml.in | 8 +-
doc/lxc-ps.sgml.in | 12 +-
doc/lxc-restart.sgml.in | 2 +-
doc/lxc-shutdown.sgml.in | 2 +-
doc/lxc-start.sgml.in | 18 +-
doc/lxc-stop.sgml.in | 8 +-
doc/lxc-unfreeze.sgml.in | 6 +-
doc/lxc-wait.sgml.in | 17 +-
doc/lxc.conf | 2 +-
doc/lxc.conf.sgml.in | 135 ++++-
doc/lxc.sgml.in | 22 +-
doc/rootfs/Makefile.am | 2 +-
lxc.spec.in | 6 +-
runapitests.sh | 32 +
src/Makefile.am | 2 +-
src/lxc/Makefile.am | 30 +-
src/lxc/af_unix.c | 8 +-
src/lxc/arguments.h | 2 +
src/lxc/attach.c | 86 +++-
src/lxc/attach.h | 3 +-
src/lxc/cgroup.c | 175 +++++-
src/lxc/cgroup.h | 3 +
src/lxc/commands.c | 31 +-
src/lxc/commands.h | 2 +
src/lxc/conf.c | 580 +++++++++++++++++--
src/lxc/conf.h | 40 ++-
src/lxc/confile.c | 944 ++++++++++++++++++++++++++----
src/lxc/confile.h | 12 +
src/lxc/execute.c | 1 -
src/lxc/genl.c | 4 +-
src/lxc/genl.h | 4 +-
src/lxc/{ => legacy}/lxc-ls.in | 7 +-
src/lxc/list.h | 5 +
src/lxc/log.c | 41 ++
src/lxc/log.h | 4 +-
src/lxc/lxc-checkconfig.in | 61 +-
src/lxc/lxc-clone.in | 14 +-
src/lxc/lxc-create.in | 258 +++++----
src/lxc/lxc-destroy.in | 82 ++--
src/lxc/lxc-device | 95 +++
src/lxc/lxc-ls | 251 ++++++++
src/lxc/lxc-netstat.in | 130 ++--
src/lxc/lxc-ps.in | 169 +++---
src/lxc/lxc-setcap.in | 62 ++-
src/lxc/lxc-setuid.in | 66 ++-
src/lxc/lxc-start-ephemeral.in | 289 +++++++++
src/lxc/lxc-version.in | 2 +-
src/lxc/lxc.h | 25 +
src/lxc/lxc_attach.c | 114 ++++-
src/lxc/lxc_info.c | 15 +-
src/lxc/lxc_monitor.c | 2 +-
src/lxc/lxc_start.c | 27 +-
src/lxc/lxc_unshare.c | 45 --
src/lxc/lxc_wait.c | 81 +---
src/lxc/lxccontainer.c | 1001 ++++++++++++++++++++++++++++++++
src/lxc/lxccontainer.h | 79 +++
src/lxc/lxclock.c | 105 ++++
src/lxc/lxclock.h | 61 ++
src/lxc/{attach.h => lxcseccomp.h} | 34 +-
src/lxc/mainloop.c | 4 +-
src/lxc/mainloop.h | 4 +-
src/lxc/monitor.c | 24 +-
src/lxc/namespace.c | 45 ++
src/lxc/namespace.h | 3 +
src/lxc/network.c | 16 +
src/lxc/network.h | 3 +-
src/lxc/nl.c | 14 +-
src/lxc/nl.h | 32 +-
src/lxc/rtnl.c | 2 +-
src/lxc/rtnl.h | 4 +-
src/lxc/seccomp.c | 155 +++++
src/lxc/start.c | 88 +++-
src/lxc/start.h | 1 +
src/lxc/state.c | 115 ++++
src/lxc/state.h | 1 +
src/python-lxc/Makefile.am | 22 +
src/python-lxc/examples/api_test.py.in | 158 +++++
src/python-lxc/lxc.c | 620 ++++++++++++++++++++
src/python-lxc/lxc/__init__.py.in | 468 +++++++++++++++
src/python-lxc/setup.py | 10 +
src/tests/Makefile.am | 23 +
src/tests/containertests.c | 262 +++++++++
src/tests/createtest.c | 92 +++
src/tests/destroytest.c | 104 ++++
src/tests/get_item.c | 308 ++++++++++
src/tests/getkeys.c | 71 +++
src/tests/locktests.c | 239 ++++++++
src/tests/saveconfig.c | 106 ++++
src/tests/shutdowntest.c | 93 +++
src/tests/startone.c | 264 +++++++++
templates/Makefile.am | 3 +
templates/lxc-altlinux.in | 134 +++---
templates/lxc-archlinux.in | 30 +-
templates/lxc-busybox.in | 144 ++---
templates/lxc-debian.in | 119 ++--
templates/lxc-fedora.in | 110 ++--
templates/lxc-lenny.in | 120 ++--
templates/lxc-opensuse.in | 122 ++--
templates/lxc-oracle.in | 557 ++++++++++++++++++
templates/lxc-sshd.in | 40 +-
templates/lxc-ubuntu-cloud.in | 22 +-
templates/lxc-ubuntu.in | 68 ++-
128 files changed, 9377 insertions(+), 1422 deletions(-)
create mode 100644 config/lxc.conf.libvirt
create mode 100644 config/lxc.conf.ubuntu
create mode 100644 config/lxc.conf.unknown
copy doc/{ => legacy}/lxc-ls.sgml.in (94%)
create mode 100644 runapitests.sh
rename src/lxc/{ => legacy}/lxc-ls.in (96%)
create mode 100644 src/lxc/lxc-device
create mode 100644 src/lxc/lxc-ls
create mode 100644 src/lxc/lxc-start-ephemeral.in
create mode 100644 src/lxc/lxccontainer.c
create mode 100644 src/lxc/lxccontainer.h
create mode 100644 src/lxc/lxclock.c
create mode 100644 src/lxc/lxclock.h
copy src/lxc/{attach.h => lxcseccomp.h} (57%)
create mode 100644 src/lxc/seccomp.c
create mode 100644 src/python-lxc/Makefile.am
create mode 100644 src/python-lxc/examples/api_test.py.in
create mode 100644 src/python-lxc/lxc.c
create mode 100644 src/python-lxc/lxc/__init__.py.in
create mode 100644 src/python-lxc/setup.py
create mode 100644 src/tests/Makefile.am
create mode 100644 src/tests/containertests.c
create mode 100644 src/tests/createtest.c
create mode 100644 src/tests/destroytest.c
create mode 100644 src/tests/get_item.c
create mode 100644 src/tests/getkeys.c
create mode 100644 src/tests/locktests.c
create mode 100644 src/tests/saveconfig.c
create mode 100644 src/tests/shutdowntest.c
create mode 100644 src/tests/startone.c
create mode 100644 templates/lxc-oracle.in
hooks/post-receive
--
lxc
------------------------------
------------------------------------------------------------------------------
LogMeIn Rescue: Anywhere, Anytime Remote support for IT. Free Trial
Remotely access PCs and mobile devices and provide instant support
Improve your efficiency, and focus on delivering more value-add services
Discover what IT Professionals Know. Rescue delivers
http://p.sf.net/sfu/logmein_12329d2d
------------------------------
_______________________________________________
Lxc-devel mailing list
Lxc-devel at lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/lxc-devel
End of Lxc-devel Digest, Vol 52, Issue 31
*****************************************
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.linuxcontainers.org/pipermail/lxc-devel/attachments/20121214/52312f99/attachment.html>
More information about the lxc-devel
mailing list