[lxc-devel] [GIT] lxc branch, master, updated. 97d3756cbe108e564d1a1b6cc23c02d379c3c02e
Daniel Lezcano
git at users.sourceforge.net
Sun Feb 26 09:44:58 UTC 2012
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "lxc".
The branch, master has been updated
via 97d3756cbe108e564d1a1b6cc23c02d379c3c02e (commit)
via 4759162d078d86628956cae4846c6efccf548e67 (commit)
via bb59e078091c7284cbb852c50606754ffaefafef (commit)
via b119f36293ef2cf3bdb0f9ed7b24b9eb25453fac (commit)
via f6144f0cba9850dad8db6ccf7cd5f63a5477af93 (commit)
via 7c6ef2a2eef7a876b8bb2aa19889fba0c80f7a51 (commit)
via 5d325fcf7e5adcf003ae34bcc492e64a6c8315a0 (commit)
via 8b7071ec5dd52638bf003a14b3e2b8c904e16539 (commit)
via 5eff9886a08d723ec02b30dd6eae701109d3447a (commit)
via 3283db096f9a70590476ac16fbba6cf1621ad9b6 (commit)
via d1458ac8d13880f83fa2d1e08623b97c50d311d7 (commit)
via 6880563d9d688ed3739deb7c914b66e02cb726a6 (commit)
via a0c4a9fb936f438d1a9fdce0702ca59ad1bb2419 (commit)
via e2fa15201393a956df74919ce85bf6a4eec13862 (commit)
via 721d262cf10111af48514ec90cf85c88f8335aff (commit)
via 8b004f0735b8f2d9e1dd973c2db61d55fdf743c2 (commit)
via 5a50e09a4350dfaf5a95dd8d82c7777db9b02b45 (commit)
via 4a2ca8b2ba4b9820a3e3e26e2cf081c17d8737f9 (commit)
via 341a9bd8aca9c404d0d59f7036d81d47de0d6f5a (commit)
via 581092fc657735b08251e902255453a7d53f3a33 (commit)
via 828695d97dad9d267c60a0a9e59588c823991541 (commit)
via 98f41f28a08cee88c57a0faf6470b627d9eeae8a (commit)
via 3920ff5ccead0808760737f9f82324e9861745c7 (commit)
via 6d8ac56b658a7aa35a46580c2df060c58ef02821 (commit)
via 76e08ff8a09abd43994d120e415f43a2a1ef4d90 (commit)
via d08ba6ec05510e95eca791b19731f4a241d7f675 (commit)
via 2e44ed1e647d9fd1544b7ad855bda22ca71abd12 (commit)
via 2407e68ef2a1bc26323334a3249bdd64337ccd91 (commit)
via e226883316ad028a9dbc048af4849082e940033f (commit)
via fdcde5b653e9e91d86f322b0f3aa7e176c47d38e (commit)
from c75083d7f36ff16ee22b3089b3deacec6a2b3cb9 (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit 97d3756cbe108e564d1a1b6cc23c02d379c3c02e
Author: Serge Hallyn <serge at hallyn.com>
Date: Wed Feb 22 11:40:16 2012 -0600
If a container is already running, say so in error msgs.
Otherwise there is no clear indication to the user why the container
startup failed.
Signed-off-by: Serge Hallyn <serge at hallyn.com>
Signed-off-by: Daniel Lezcano <dlezcano at fr.ibm.com>
commit 4759162d078d86628956cae4846c6efccf548e67
Author: Serge Hallyn <serge at hallyn.com>
Date: Thu Feb 16 14:14:13 2012 -0600
update ubuntu templates to provide macaddr and more
Add a macaddr if precisely one veth is specified but no hwaddr. Allow
specifying ssh authkeys. In cloud template, copy locales by default and allow
a tarball to be specified.
Signed-off-by: Ben Howard <ben.howard at canonical.com>
Signed-off-by: Serge Hallyn <serge at hallyn.com>
Signed-off-by: Daniel Lezcano <dlezcano at fr.ibm.com>
commit bb59e078091c7284cbb852c50606754ffaefafef
Author: Serge Hallyn <serge at hallyn.com>
Date: Thu Feb 16 14:13:26 2012 -0600
lxc-ubuntu: fix obscure arguments
1. --path is meant to be passed by lxc-create, but should not be passed
in by users. Don't advertise it in --help.
2. --clean syntax ends up not making much sense. Get rid of it, and
add '--flush-cache' option instead.
Signed-off-by: Serge Hallyn <serge at hallyn.com>
Signed-off-by: Daniel Lezcano <dlezcano at fr.ibm.com>
commit b119f36293ef2cf3bdb0f9ed7b24b9eb25453fac
Author: Serge Hallyn <serge at hallyn.com>
Date: Thu Feb 16 14:08:18 2012 -0600
add option to close inherited fds
The option is implied by '-d', because the admin won't see the warning
message.
Signed-off-by: Serge Hallyn <serge at hallyn.com>
Signed-off-by: Daniel Lezcano <dlezcano at fr.ibm.com>
commit f6144f0cba9850dad8db6ccf7cd5f63a5477af93
Author: Serge Hallyn <serge at hallyn.com>
Date: Thu Feb 16 14:01:20 2012 -0600
ubuntu template changes
Author: Stéphane Graber <stgraber at ubuntu.com>
Use ubuntu/ubuntu instead of root/root by default. Stop
removing tty[56].conf in Precise. Stop messing with dhclient.conf.
Set devttydir on Precise to /dev/lxc to allow for clean upgrades.
Signed-off-by: Stéphane Graber <stgraber at ubuntu.com>
Signed-off-by: Serge Hallyn <serge at hallyn.com>
Signed-off-by: Daniel Lezcano <dlezcano at fr.ibm.com>
commit 7c6ef2a2eef7a876b8bb2aa19889fba0c80f7a51
Author: Serge Hallyn <serge at hallyn.com>
Date: Thu Feb 16 13:59:10 2012 -0600
add lxc.devttydir config variable
If set, then the console and ttys will be bind-mounted not over /dev/console,
but /dev/<ttydir>/console and then symlinked from there to /dev/console.
Signed-off-by: Serge Hallyn <serge at hallyn.com>
Signed-off-by: Daniel Lezcano <dlezcano at fr.ibm.com>
commit 5d325fcf7e5adcf003ae34bcc492e64a6c8315a0
Author: Ubuntu <ubuntu at server-4676.novalocal>
Date: Thu Feb 9 18:38:21 2012 +0000
lxc-clone: support btrfs and clean up safely
btrfs support from Scott Moser.
Signed-off-by: Serge Hallyn <serge.hallyn at canonical.com>
Signed-off-by: Daniel Lezcano <dlezcano at fr.ibm.com>
commit 8b7071ec5dd52638bf003a14b3e2b8c904e16539
Author: Ubuntu <ubuntu at server-4676.novalocal>
Date: Thu Feb 9 19:14:54 2012 +0000
add btrfs support to lxc-create
From Scott Moser.
Signed-off-by: Serge Hallyn <serge.hallyn at canonical.com>
Signed-off-by: Daniel Lezcano <dlezcano at fr.ibm.com>
commit 5eff9886a08d723ec02b30dd6eae701109d3447a
Author: Serge Hallyn <serge.hallyn at canonical.com>
Date: Thu Feb 9 11:08:34 2012 -0600
remove unused fddir variable
Thanks to dlezcano for spotting this.
Signed-off-by: Serge Hallyn <serge.hallyn at canonical.com>
Signed-off-by: Daniel Lezcano <dlezcano at fr.ibm.com>
commit 3283db096f9a70590476ac16fbba6cf1621ad9b6
Author: Serge Hallyn <serge.hallyn at canonical.com>
Date: Thu Feb 9 11:06:31 2012 -0600
lxc-init: use INFO when failed to mount /dev/shm
Signed-off-by: Serge Hallyn <serge.hallyn at canonical.com>
Signed-off-by: Daniel Lezcano <dlezcano at fr.ibm.com>
commit d1458ac8d13880f83fa2d1e08623b97c50d311d7
Author: Serge Hallyn <serge.hallyn at canonical.com>
Date: Thu Feb 9 10:55:33 2012 -0600
Add ubuntu-cloud template
This is a new template to create containers based on the ubuntu
cloud images, rather than using debootstrap.
Signed-off-by: Serge Hallyn <serge.hallyn at canonical.com>
Signed-off-by: Daniel Lezcano <dlezcano at fr.ibm.com>
commit 6880563d9d688ed3739deb7c914b66e02cb726a6
Author: Serge Hallyn <serge.hallyn at canonical.com>
Date: Thu Feb 9 10:53:08 2012 -0600
Don't install lxcguest in precise (and higher) releases
lxcguest is no longer needed, as precise should boot in a container
un-modified.
Signed-off-by: Serge Hallyn <serge.hallyn at canonical.com>
Signed-off-by: Daniel Lezcano <dlezcano at fr.ibm.com>
commit a0c4a9fb936f438d1a9fdce0702ca59ad1bb2419
Author: Serge Hallyn <serge.hallyn at canonical.com>
Date: Thu Feb 9 10:51:31 2012 -0600
silence netstat warnings in lxc-ls
netstat -x sometimes spits errors to stderr like:
warning, got bogus unix line.
Shut those up as they don't help lxc-ls.
Signed-off-by: Serge Hallyn <serge.hallyn at canonical.com>
Signed-off-by: Daniel Lezcano <dlezcano at fr.ibm.com>
commit e2fa15201393a956df74919ce85bf6a4eec13862
Author: Serge Hallyn <serge.hallyn at canonical.com>
Date: Thu Feb 9 10:48:18 2012 -0600
fix reboot support detection
In order for reboot(LINUX_REBOOT_CMD_CADON) to detect whether
container reboot is supported, it must be done in a non-init
pid namespace. Fix that.
Signed-off-by: Serge Hallyn <serge.hallyn at canonical.com>
Signed-off-by: Daniel Lezcano <dlezcano at fr.ibm.com>
commit 721d262cf10111af48514ec90cf85c88f8335aff
Author: Serge Hallyn <serge.hallyn at canonical.com>
Date: Tue Feb 7 09:08:37 2012 -0600
if lxc-init can't mount /dev/shm, don't fail.
The 'lxc-init' (a lightweight init process used by lxc-execute in place of
upstart etc) tries to mount /dev/shm during startup. If that fails (for
instance /dev/shm does not exist) then it aborts execution and returns -1. This
is unreasonable as very few applications actually need /dev/shm.
Signed-off-by: Serge Hallyn <serge.hallyn at canonical.com>
Signed-off-by: Daniel Lezcano <dlezcano at fr.ibm.com>
commit 8b004f0735b8f2d9e1dd973c2db61d55fdf743c2
Author: Serge Hallyn <serge.hallyn at canonical.com>
Date: Tue Feb 7 09:01:41 2012 -0600
Don't raise error if container didn't sys_reboot
Don't call it an error if a container exits without calling sys_reboot.
Particularly since that will almost always be the case with lxc-execute.
This fixes a regression introduced in commit
"49296e2ebfe7c5f9d6ebafbb54f5c5e56a0cc085: support proper container
reboot"
Signed-off-by: Serge Hallyn <serge.hallyn at canonical.com>
Signed-off-by: Daniel Lezcano <dlezcano at fr.ibm.com>
commit 5a50e09a4350dfaf5a95dd8d82c7777db9b02b45
Author: Serge Hallyn <serge.hallyn at canonical.com>
Date: Fri Feb 3 09:29:14 2012 -0600
lxc-ubuntu: Support for building a container of a foreign architecture
Support building a container of a foreign architecture if
qemu-user-static is installed. This is done by installing some packages
of the host architecture in the container using multi-arch.
Author: Stéphane Graber <stgraber at ubuntu.com>
Signed-off-by: Stéphane Graber <stgraber at ubuntu.com>
Signed-off-by: Serge Hallyn <serge.hallyn at canonical.com>
Signed-off-by: Daniel Lezcano <dlezcano at fr.ibm.com>
commit 4a2ca8b2ba4b9820a3e3e26e2cf081c17d8737f9
Author: Serge Hallyn <serge.hallyn at canonical.com>
Date: Thu Feb 2 15:54:53 2012 -0600
lxc-start: exit early and cleanly if we have insufficient privs
Signed-off-by: Serge Hallyn <serge.hallyn at canonical.com>
Signed-off-by: Daniel Lezcano <dlezcano at fr.ibm.com>
commit 341a9bd8aca9c404d0d59f7036d81d47de0d6f5a
Author: Serge Hallyn <serge.hallyn at canonical.com>
Date: Thu Feb 2 15:52:35 2012 -0600
recursively delete cgroups on container shutdown
If a container has created its own cgroups, i.e. by running libvirtd,
then if we don't delete all child cgroups, then the rmdir will fail.
Signed-off-by: Serge Hallyn <serge.hallyn at canonical.com>
Signed-off-by: Daniel Lezcano <dlezcano at fr.ibm.com>
commit 581092fc657735b08251e902255453a7d53f3a33
Author: Serge Hallyn <serge.hallyn at canonical.com>
Date: Thu Feb 2 15:48:17 2012 -0600
fix lxc-netstat for nested cgroups
Use the correct path for the container's cgroup task file.
Also exit out early and cleanly if the container is not running,
and bind-mount /proc/$pid/net with '-n' to keep the entry out
of mtab, else the mtab entry will never go away.
Signed-off-by: Serge Hallyn <serge.hallyn at canonical.com>
Signed-off-by: Daniel Lezcano <dlezcano at fr.ibm.com>
commit 828695d97dad9d267c60a0a9e59588c823991541
Author: Serge Hallyn <serge.hallyn at canonical.com>
Date: Tue Jan 24 22:05:28 2012 -0600
support proper container reboot
This patch looks for Daniel's kernel patch allowing the lxc monitor
to tell container reboot from shutdown based on the exit signal. If
that patch is not there, utmp monitoring is used. Otherwise, it only
looks for the signal. Note that the 'conf->need_utmp_watch' is
technically not necessary, as there is no harm in watching the utmp
file.
Signed-off-by: Serge Hallyn <serge.hallyn at canonical.com>
Signed-off-by: Daniel Lezcano <dlezcano at fr.ibm.com>
commit 98f41f28a08cee88c57a0faf6470b627d9eeae8a
Author: Serge Hallyn <serge.hallyn at canonical.com>
Date: Mon Jan 23 17:26:25 2012 -0600
lxc-create: fix error with lvm
when --lvname is given, use that for lvcreate instead of using
lxc_name, which is wrong.
Signed-off-by: Serge Hallyn <serge.hallyn at canonical.com>
Signed-off-by: Daniel Lezcano <dlezcano at fr.ibm.com>
commit 3920ff5ccead0808760737f9f82324e9861745c7
Author: Serge Hallyn <serge.hallyn at canonical.com>
Date: Mon Jan 23 17:12:46 2012 -0600
lxc-clone.in: define localstatedir, as @LXCPATH@ might be defined in terms of it
Signed-off-by: Serge Hallyn <serge.hallyn at canonical.com>
Signed-off-by: Daniel Lezcano <dlezcano at fr.ibm.com>
commit 6d8ac56b658a7aa35a46580c2df060c58ef02821
Author: Serge Hallyn <serge.hallyn at canonical.com>
Date: Mon Jan 23 13:25:11 2012 -0600
add lvm support to lxc-create
1. Some templates copy the cached pristine rootfs using 'cp a b' where b is
$lxc_path/$name/rootfs. That doesn't do the right thing if rootfs already
exists, as it will when it is an lvm or other mount. So switch to
'rsync a/ b/'. (cp can be made to work too of course).
2. Update lxc-create to support backing stores. For now only lvm is
implemented.
Signed-off-by: Serge Hallyn <serge.hallyn at canonical.com>
Signed-off-by: Daniel Lezcano <dlezcano at fr.ibm.com>
commit 76e08ff8a09abd43994d120e415f43a2a1ef4d90
Author: Serge Hallyn <serge.hallyn at canonical.com>
Date: Mon Jan 23 12:59:14 2012 -0600
Fix several nagging bugs in lxc-destroy
Don't delete a running container. If it's running, abort the delete
unless a new '-f' (force) flag is given, in which case, stop it first.
Handle the case where we can't find $rootfs in config
Fix broken detection of lvm backing store
Signed-off-by: Serge Hallyn <serge.hallyn at canonical.com>
Signed-off-by: Daniel Lezcano <dlezcano at fr.ibm.com>
commit d08ba6ec05510e95eca791b19731f4a241d7f675
Author: Serge Hallyn <serge.hallyn at canonical.com>
Date: Mon Jan 23 12:07:44 2012 -0600
Support nested cgroups
With this patch, I can start a container 'o1' inside another container 'o1'.
(Of course, the containers must be on a different subnet)
Detail:
1. Create cgroups for containers under /lxc.
2. Support nested lxc: respect init's cgroup:
Create cgroups under init's cgroup. So if we start a container c2
inside a container 'c1', we'll use /sys/fs/cgroup/freezer/lxc/c1/lxc/c2
instead of /sys/fs/cgroup/freezer/c2. This allows a container c1
to be created inside container c1 It also allow a container's limits
to be enforced on all a container's children (which a MAC policy could
already enforce, in which case current lxc code would be unable to nest
altogether).
3. Finally, if a container's cgroup already exists, rename it rather than
failing to start the container. Try to WARN the user so they might go
clean the old cgroup up.
Whereas without this patch, container o1's cgroup would be
/sys/fs/cgroup/<subsys>/o1,
it now becomes
/sys/fs/cgroup/<subsys>/<initcgroup>/lxc/o1
so if init is in cgroup '/' then o1's freezer cgroup would be:
/sys/fs/cgroup/freezer/lxc/o1
Changelog:
. make lxc-ps work with separate mtab. If cgroups were mounted with -n,
and mtab is not linked to /proc/self/mounts, then 'mount -t cgroup' won't
show these mounts. So make lxc-ps not use it, but rather use
/proc/self/mounts directly.
. lxc-ls in the past assumed that a container's cgroup was just '/<name>'.
Now it is '/<host-init-cgroup>/lxc/<name>'. Handle that.
. first version of this patch was setting clone_children on
<path-to-cpusets-cgroup>/<init-cgroup>/lxc, not the parent of that dir.
That failed to initialize that cgroup, so tasks could not enter it.
Signed-off-by: Serge Hallyn <serge.hallyn at canonical.com>
Signed-off-by: Daniel Lezcano <dlezcano at fr.ibm.com>
commit 2e44ed1e647d9fd1544b7ad855bda22ca71abd12
Author: Serge Hallyn <serge.hallyn at canonical.com>
Date: Mon Jan 23 12:05:40 2012 -0600
lxc-ubuntu: use release-updates and release-security
Particularly for LTS releases, which many people will want to use in
their containers, it is not wise to not use -security and -updates.
Furthermore the fix allowing ssh to allow the container to shut down
is in lucid-updates only.
With this patch, after debootstrapping a container, we add -updates
and -security to sources.list and do an apt-get upgrade under chroot.
Unfortunately we need to do this because debootstrap doesn't know how
to.
Signed-off-by: Serge Hallyn <serge.hallyn at canonical.com>
Signed-off-by: Daniel Lezcano <dlezcano at fr.ibm.com>
commit 2407e68ef2a1bc26323334a3249bdd64337ccd91
Author: Serge Hallyn <serge.hallyn at canonical.com>
Date: Mon Jan 23 11:59:56 2012 -0600
lxc-ubuntu: add /dev/full, /dev/hpet, and /dev/kvm to devices whitelist
Thanks for Scott Moser for these, which allows qemu to run inside a container.
Signed-off-by: Serge Hallyn <serge.hallyn at canonical.com>
Signed-off-by: Daniel Lezcano <dlezcano at fr.ibm.com>
commit e226883316ad028a9dbc048af4849082e940033f
Author: Serge Hallyn <serge.hallyn at canonical.com>
Date: Mon Jan 23 11:57:59 2012 -0600
drop mac_admin and mac_override
mac_admin stops the container from loading LSM policy. Neither
selinux nor apparmor currently will do well with automatic namespacing
of policy (though it's coming in apparmor, after which we can re-enable
this).
Signed-off-by: Serge Hallyn <serge.hallyn at canonical.com>
Signed-off-by: Daniel Lezcano <dlezcano at fr.ibm.com>
commit fdcde5b653e9e91d86f322b0f3aa7e176c47d38e
Author: Serge Hallyn <serge.hallyn at canonical.com>
Date: Mon Jan 23 11:55:38 2012 -0600
Add new 'precise' release to ubuntu template
Signed-off-by: Serge Hallyn <serge.hallyn at canonical.com>
Signed-off-by: Daniel Lezcano <dlezcano at fr.ibm.com>
-----------------------------------------------------------------------
Summary of changes:
configure.ac | 1 +
src/lxc/arguments.h | 3 +
src/lxc/caps.c | 39 ++++++
src/lxc/caps.h | 1 +
src/lxc/cgroup.c | 213 +++++++++++++++++++++++++----
src/lxc/commands.c | 7 +-
src/lxc/conf.c | 147 +++++++++++++++++---
src/lxc/conf.h | 4 +
src/lxc/confile.c | 20 +++
src/lxc/execute.c | 2 +-
src/lxc/lxc-clone.in | 252 ++++++++++++++++++----------------
src/lxc/lxc-create.in | 158 +++++++++++++++++++--
src/lxc/lxc-destroy.in | 34 ++++-
src/lxc/lxc-ls.in | 7 +-
src/lxc/lxc-netstat.in | 14 ++-
src/lxc/lxc-ps.in | 43 +++++--
src/lxc/lxc_start.c | 10 ++-
src/lxc/restart.c | 2 +-
src/lxc/start.c | 122 +++++++++++++++--
src/lxc/start.h | 2 +-
src/lxc/utils.c | 3 +-
templates/Makefile.am | 1 +
templates/lxc-debian.in | 3 +-
templates/lxc-opensuse.in | 3 +-
templates/lxc-ubuntu-cloud.in | 304 +++++++++++++++++++++++++++++++++++++++++
templates/lxc-ubuntu.in | 238 +++++++++++++++++++++++---------
26 files changed, 1351 insertions(+), 282 deletions(-)
create mode 100644 templates/lxc-ubuntu-cloud.in
hooks/post-receive
--
lxc
More information about the lxc-devel
mailing list