[lxc-devel] [GIT] lxc branch, master, updated. be9f766c1ef1c74cb7cdfca97a71757b492b8a5c

Stéphane Graber stgraber at ubuntu.com
Mon Sep 9 19:38:16 UTC 2013


Hi Daniel,

Thanks for processing the pull request.

It appears you forgot to tag the current HEAD with lxc-1.0.0.alpha1,
could you do that before I rebase the staging branch on master?

Thanks!

Stéphane

On Mon, Sep 09, 2013 at 07:12:09PM +0000, Daniel Lezcano wrote:
> This is an automated email from the git hooks/post-receive script. It was
> generated because a ref change was pushed to the repository containing
> the project "lxc".
> 
> The branch, master has been updated
>        via  be9f766c1ef1c74cb7cdfca97a71757b492b8a5c (commit)
>        via  f756cda05c4058dd7f5d46f2cf51c3bc7fd002d1 (commit)
>        via  5c068da9695bcbfa46e0b3666128e3a533c9ddc7 (commit)
>        via  69c757b343b5bbd2543adc4f3f0204d4696515e0 (commit)
>        via  2caf9a97d90a61e5eaf9d7c218e5bcc35dfbfbb3 (commit)
>        via  3a1675bf08b35bd5a5078f5638048c2c72c3e981 (commit)
>        via  330da5fa322cf628aadc425c5be86814530d313e (commit)
>        via  c25c2970a6aabc45ee6375cc127ed45efea2f9bf (commit)
>        via  ac8255280d2e4348ab0eba5ec6982edc92ee6fbd (commit)
>        via  12e93188de7dfe9ba66e022f9c28aa1f696a22e8 (commit)
>        via  44a80d675ffb81ebb1a66a62c162e93a4c5882a0 (commit)
>        via  2698b46924ab861b1f39fb11560c852d080e7b02 (commit)
>        via  eee59f9408398849e9b7fc58dbe68ec176de4d50 (commit)
>        via  2a2d36a42512160e7771b2472cb7922423523048 (commit)
>        via  1fb86a7cdc22d22b14d03eb0cbd1aa6702862dd4 (commit)
>        via  59d66af29da6ca8c5fa8cb63a5bbfc443811bb81 (commit)
>        via  41c3b7c7ac9b33bc562ebad9ea124912577f2ba5 (commit)
>        via  75b5535282453b3442a41df4a3ba6d3058cd6e48 (commit)
>        via  e34b5d2ef2c329afe6540bbfc298ae631378832e (commit)
>        via  cd0bcc4958e58a2750cf9086f75649d14c83ac70 (commit)
>        via  250b1eec71b074acdff1c5f6b5a1f0d7d2c20b77 (commit)
>        via  d08c3aaebca1ccc47f1f14dcd6fbca39953f8dda (commit)
>        via  c66e9b01f04840c5abc34d235dbbb2ec9ca55205 (commit)
>        via  ca9548ad02238600899a1f86ded308279964e018 (commit)
>        via  80bcb05357a90cc9a2e21e942a2b0a53cddfa7a6 (commit)
>        via  0f081315a9310bf04fe4bc64b900ec6bac36f85d (commit)
>        via  188e0ab60bda276c688ad15877c6d6402081c6c9 (commit)
>        via  acbb59f50d5196facde837ea377f70e98ce1e6f8 (commit)
>        via  d75462e4d663c58bde0787fdbe0ef3148e44cdde (commit)
>        via  0c69c79b4d86a0bda4a0c1ea2e4cc63d28c7baa6 (commit)
>        via  dfa7aa3a836aef5d0f1aebe0f6eeff65d20239ad (commit)
>        via  840295ff4cf11da0938a19f99fef8a1525de8106 (commit)
>        via  80507ee8eb66f4f23494caae26f6d2f0b50480b6 (commit)
>        via  48c63f8d035045af1103b677b5ec577aec59a5b5 (commit)
>        via  5acccf95b2bd1e5ffedf687e527dcad5a54d4c1e (commit)
>        via  79622932f21d22db36a0b6cca129f559b5e76108 (commit)
>        via  cb0c6c020314ee0fea0ce30d209711f7e9c29aaa (commit)
>        via  92b0b5bac5717e5281f51340192288050409ad47 (commit)
>        via  9069513c69d77b5c22219b43f78ba1554431dd36 (commit)
>        via  dfb31b25e298d98ea80a699f019308019c6670d8 (commit)
>        via  84bdfb2b4c95b24fde5e90e621372fcd6c4d069b (commit)
>        via  659aa0618c34cecd388df73936b41d5fb573090d (commit)
>        via  5d9598d7d3206d1bede4932e7c8565f1ab309fbc (commit)
>        via  a09295f841be8add0cbfc2932c59535f0d1365ed (commit)
>        via  ca6973422d5471281126e9e1884633367479f246 (commit)
>        via  01efd4d3d91713fc4f8ca55c7726b8216ed16fc6 (commit)
>        via  1fd9bd50ab0ccea0a6c069147a4bccb0751ca18f (commit)
>        via  b4569e93217fe9a18af35b4475c8f8eac1436759 (commit)
>        via  fb760f70541c9af728eb2ab0c6175875f7448752 (commit)
>        via  e14f67a7bfa7065480fc7cd47a45f209a0aee79b (commit)
>        via  c9ec905567952830d58a14d1e3a3ea4e1f8b0041 (commit)
>        via  01bfae14dd898fecf0bd130e47a62a3155f619d0 (commit)
>        via  4f17323e79969a98604bc30a8cc24cf083d474c3 (commit)
>        via  9c6694b7073a6ebfd1da4950e0c8db4b91530202 (commit)
>        via  a9cab7e39b101b89470e2e4109c14e7f17218032 (commit)
>        via  55c76589fd19e5f04697dcfd0084039cd77ef304 (commit)
>        via  37fc7b9e2eca60e838bf5bf061bd8a8206e4fa9d (commit)
>        via  e768f9c0f69df1f02f8252fead6d82648b410bd8 (commit)
>        via  511a6936c7062d59dd9335ef16d9165d19c45604 (commit)
>        via  1a2e58cf55979749ea76835d0b36327c051c2715 (commit)
>        via  5ec279894e8b1275b6cbfaaddb425e8f56639bdc (commit)
>        via  a3da2f3bd755165c50c5c7fb55c2bfcb042fb3d8 (commit)
>        via  7f3e12f3e5223c6a6c34bafdf47df86f66078963 (commit)
>        via  2e74d6f3744e5aef2e01f1f295472ffdb58f1929 (commit)
>        via  120ce443c466fb1d286ffd200ca22a1e9db7284c (commit)
>        via  2b89a9c19db30894e2476a5a750c443dee339d70 (commit)
>        via  ec346ea11f76d0797035c476794104a3230531f9 (commit)
>        via  180edd67022017351a6546b4aa79bcaefada01c8 (commit)
>        via  590ae889334b01a59606a1a8952d976098bd6123 (commit)
>        via  bff13ba210ed61f756fc82adce1921f84b43ffe0 (commit)
>        via  92adc3e911314a6f90986d8410ec0ff4b82c9f79 (commit)
>        via  c32981c3fb1bf5191052fb1c348bdc8b9e7c1b15 (commit)
>        via  4ba0d9af63fbf7e9acfa068a1fe36b3d287b9c6b (commit)
>        via  d24d56d7ee3420bb79238ff84cad07c20cf4757d (commit)
>        via  e3fdf5cc9c60eb97f8520f059ad1a09d3f73509d (commit)
>        via  6fe93aa1877359365a07d9110e0e2dbfb3b0205f (commit)
>        via  d74325c436457b87b17e3ea598a9eb4ba66e0d49 (commit)
>        via  1d374b9725e53d8b099970c1b501d56d599c4772 (commit)
>        via  fbbf51926e113e5e70d6ea507ed7d1019d0e0aa8 (commit)
>        via  d44e88c26690a56f9efac58f602dba06c9ec0c90 (commit)
>        via  d3060bd055eac45c1767e1e80fcaba763eb7477d (commit)
>        via  d007f8ab3da297ed0de884e0c6e57a66de2fcb42 (commit)
>        via  bf7d3153c925ca1404662a8fe031da27308f4187 (commit)
>        via  3d5e9f4801c0311a6300fc781a4c0a09a6d463fe (commit)
>        via  d7a09c630b2150636bf4dfb266bc632abd65dfa8 (commit)
>        via  b7f2846aabb8c1c59b078b4c529e60ea254432f1 (commit)
>        via  626ad11bfee3e12e675f51e92920030a6f383b19 (commit)
>        via  a0e93eeb2293e15a18e6c56271d13907f082c4df (commit)
>        via  61a1d519f472c1ac95c641d974401c932f82be66 (commit)
>        via  9c4693b853c5a9ab2156544ee3334a082cdba420 (commit)
>        via  650468bb4a5c9a6c69b524f574e8d0f315f45c37 (commit)
>        via  b93aac46f2802b3639c1ac2ed0cf71174673d110 (commit)
>        via  01e6b7148046c3f41849d093bc61454279792b80 (commit)
>        via  b98f7d6ed1b89b6452af4a2b5e27d445e4b3a138 (commit)
>        via  070a4b8e68a6bf9a96c24ded47974388c83f1d57 (commit)
>        via  20ab58c777136a449b3199e0733b62fa87ecfa61 (commit)
>        via  3fb18be95747034bf36f46be11b0eb288b2ec1b4 (commit)
>        via  baece282266318a9bb527cefc85ebf7b6dd7f10e (commit)
>        via  8bb17b7791777538d8f7cc957939fc871843f218 (commit)
>        via  79159a86ddb51071055abd7ee08935bc65b9e7a9 (commit)
>        via  034a01593a4ae10d6f1e49b71afbfff70cfc226c (commit)
>        via  54e339f91785368a7825b2edaad04c2177a1a382 (commit)
>        via  65d8ae9c4a66f5ca85289c02dc06d63261c84619 (commit)
>        via  1c8e4ee0a08638e35732a0ddd0052ecde49fbecb (commit)
>        via  4a0ba80d62c0d8aeb5c9857749659fdf716c380a (commit)
>        via  b40a606e52c788db85fe1c42d3747483d159b6a5 (commit)
>        via  96532523ef90ea6ce3f08ec7d74c3c850b885e50 (commit)
>        via  d273b8abfa24040c8ef0dd73eb1d30ef8dcbec54 (commit)
>        via  c9cbb9e51436f84d7871a50776dccacfd8dc196a (commit)
>        via  2c495ae35a804e3c12cb9f4826c30295043986ce (commit)
>        via  d155b47dac549a5c30c0011923274e3744109c91 (commit)
>        via  469b57873977afcb5d9f5adb00097c944caedd2a (commit)
>        via  b60ed720848c8276e4e770d380ec6014768d9923 (commit)
>        via  b113383b84e5fcd2997a939d3f826a06b109e3d9 (commit)
>        via  1aad9e44d65e7c20dabc4c99f57bcf532db66c68 (commit)
>        via  460bcbd85c97b5a0eac9cf7cead1abde1281cd5a (commit)
>        via  5be56973e5e874a142263dfb164b0b03e18a65f3 (commit)
>        via  4165b2c65648b5df521c6e83b1cbad91d0896a00 (commit)
>        via  6f259716e75552cf46ee5125bdbd21e34456d0c0 (commit)
>        via  8058be395d46cfabf2dacd7df79e95309619986a (commit)
>        via  819554fe20bbc0ce720b5ed0d5b8e53aeba6b284 (commit)
>        via  5202677243dcda16ab97c07d497174726198f7ab (commit)
>        via  27c27d73e1b1a07e3621484fa033206549e2a1f5 (commit)
>        via  3ce746862b2a2b33f3de65aeecda0bad1a5dd27c (commit)
>        via  868a70afead6cc48a4c883126ea3ef01b6ec57e0 (commit)
>        via  6a2e602b1b03617e77dcd4b5f82f34713a970ac4 (commit)
>        via  dc23c1c817da5c13529432270e51d0f7f3b1e95e (commit)
>        via  ae13ae0853a246119ddaf9c8cc6d128a21a8988c (commit)
>        via  283678ed2ccd88a6ba57fcb28516311adcdb6fac (commit)
>        via  cbee8106e38f9ffa130c7bf8be325f7f203da67a (commit)
>        via  96b3cb407c07915db2cd0542c313a4bff4d1d389 (commit)
>        via  fb75356a85e3097db77386e7c62836a3ee69217f (commit)
>        via  1143ed392d2760e8f7aeee88d570bb0ba151885f (commit)
>        via  b9b3a92f664fe3966decd0411b25fb6b77425e23 (commit)
>        via  3327917f4a991a49ba1562b774c63c45139772eb (commit)
>        via  9313e1e628160ca64f9e7fcec6500056c9a0725f (commit)
>        via  6cda3f5ac1e3a20a97a419923e587d6bdb1fece9 (commit)
>        via  b58e60e232a3049d946a3b18e6f21912cd3453f0 (commit)
>        via  39ffde307ad83bd407aaa6a0d81682902bab248b (commit)
>        via  b0f9616f6227f56dce8ca2514610f432ba4fab8a (commit)
>        via  18efb001a4498f8fc62ab37f1db552fdf001e798 (commit)
>        via  ef091cefca5082007678fe82ad01389f7057ca48 (commit)
>        via  9c631ea7c2906f41b23f5c8dcc9f6045078879db (commit)
>        via  9a15a0f3f8faaa5e0d983f11bcf94dcf492c1349 (commit)
>        via  53f3f04845a9eb60064c302e1f95652f665809f1 (commit)
>        via  2e599a6a25b533fe63840edc34ee265811b7b814 (commit)
>        via  982e7b6ea40ea57923f4f094858424debc1a5f7f (commit)
>        via  85b41c7d7f72213199b5cff9525d17f44b49a842 (commit)
>        via  37cb98a2b7e5c7b0abf69f261a16d759453492f1 (commit)
>        via  1a7cb0850405b271b7bedacd243235f29cd368df (commit)
>        via  176d9acb2ec17211a0d69bd2bd99f914fad8d7ad (commit)
>        via  ae3f8cf9a4a03c62c6c12968b38b2352388df91c (commit)
>        via  618fa49dddbedd2b7319c0089dffd8d65aef8369 (commit)
>        via  54c30e290876c5fa6e4c7b5a511580793e4777e3 (commit)
>        via  37903589a2de0cbd62f94c5fd06d0aa8d57ca140 (commit)
>        via  b515981702133b9aaea1aff378493f054c14d46c (commit)
>        via  5d4d3ebb13705d1e102429c75fc06932f81816dd (commit)
>        via  71b0fed669a088675c1344ed68b250e87414c998 (commit)
>        via  54b79829e23e01998eeafb8156987937a894af3c (commit)
>        via  6e46cfcb0e4fcaa2d920a3c473f83c0a73c68cfa (commit)
>        via  fabf7361da4845cd6cf268e0e85c3c6a1c0b0be4 (commit)
>        via  38973621a40a5657b067409321d54759520d7951 (commit)
>        via  31f58b3fcec322dba1eed71e364335c30500066c (commit)
>        via  f02abefef9a59658c813e08f86a91fbe09eabf00 (commit)
>        via  93dc5327aa0c2b13d619b8bedf893eea983d4d68 (commit)
>        via  1af60b514fc9d8da2b4485e9e8845619fb6c6b68 (commit)
>        via  eddaaafd1a9b02ba39e5b6b13d40b4a5d37a04e1 (commit)
>        via  f002c8a7655e42a325ef6bad9fb0844fad4e410b (commit)
>        via  4c1f6b67d9b842d9e5c293eea2ff19301ecc5596 (commit)
>        via  3155e7f954d4b5d7da528d2a3cd8be254432e3c3 (commit)
>        via  63c3090c913142cd19f443b040cdede2c0522ce8 (commit)
>        via  44ef0c0c7200ef4e8783387d886d3748da3d50fd (commit)
>        via  569bee5cc3d647032573db8f72734faa9307d577 (commit)
>        via  0a18b5458b6d0fcad9a82b96f99035254af50c7a (commit)
>        via  3a647d582dc759e43c2087f0d906adf77c62ab6c (commit)
>        via  3bc449ed24edc4b754cbe0af19fe878d29731f59 (commit)
>        via  73e608b21f73509c5f8c7a948cc6d4b0898edb2c (commit)
>        via  39dc698cb4025516a3428a68e19da05feb6fc0e9 (commit)
>        via  0115f8fd27b1a31d367bb161a121694f92b45e62 (commit)
>        via  3db989bad5d58bafac80f448e1dd2d048e791478 (commit)
>        via  dc5e436e702f0bf4001e3e6e9f855443b2fcf448 (commit)
>        via  5790f7b7a76b9ccff662fdd6ff0013b8f218d020 (commit)
>        via  64f782ca69c70fd155427a81d69fda593981e770 (commit)
>        via  1897e3bcd36af9f3fe6d3649910a9adb93e5e988 (commit)
>        via  60bf62d4ae36a48342fb8aee680fbd4b423810b1 (commit)
>        via  3e625e2d2e12b919dd9590b97badc6108ee67b1a (commit)
>        via  5cee8c5040661f9875bf41cfffd641c87afae8af (commit)
>        via  df271a59cbfcfbe98fa4bd7af3ae595633539a12 (commit)
>        via  2acf77955239ec0046451fa16812d2884e6bd19b (commit)
>        via  6a44839f5973f41553349f1b5e77d8db809e60eb (commit)
>        via  ad5f15151580201b79fc140f664227b494639e81 (commit)
>        via  5bb4a226ebec9f3fb678a282a2b2833748d6707b (commit)
>        via  65be441e0892b45000b9b3863d407539e56e47a4 (commit)
>        via  481624b37b37ffa98b735cf3f94e35d1fbd729e0 (commit)
>        via  fa9ac567a7f1593c586cca57362f6b542985e5d7 (commit)
>        via  20fe4e8febe40f6fc4e4c6f52b91f0af0232e6f5 (commit)
>        via  fca3080f6a46f856c54218a8e478a174382b4c15 (commit)
>        via  ef6e34eec8d5a9f1447462d6080facb674b3ccdb (commit)
>        via  9c83a661397456e1455d739bcadfa38f05ce2fe6 (commit)
>        via  92f023dccced28a55ce323253f298e9825fe7da7 (commit)
>        via  65fbbb0a0f7bad119aa5f2ac6f3ee041970889fc (commit)
>        via  c797a220d51d2796355fd60eca50523ffd6fb45e (commit)
>        via  71b9b8ed262e2d826181bfb79e5d5075ff1a3ff0 (commit)
>        via  d1240f0335e0c469b850da467661dfbb8f262727 (commit)
>        via  11029c023a12dbe3f3569fcc22f25667686e417f (commit)
>        via  40650ea6817286a9587a84bf3ce5d25d10620303 (commit)
>        via  de09eccbeda214a1ef5a9b7144870defa97e88c4 (commit)
>        via  dc92f6c7eec81dc104b3f7873ffd74ec56a1dae1 (commit)
>        via  148e91f56799f03c868deca8dcad473983a1a2bf (commit)
>        via  9a93d99213da44b5ddf2f5295f6ef3a59d4f1fba (commit)
>        via  6031a6e5f939bda07d98768d34dafae677a7dfeb (commit)
>        via  d9e80daf54e15b89b0b08d475b29893be9830be0 (commit)
>        via  627fe3b4c3a65535eb53c3d63794705d8f6322d4 (commit)
>        via  794fb287b3bd7a6c07f99ec1565c517922287065 (commit)
>        via  807732062eab6cd44fb033bfbb37fbb38907aa66 (commit)
>        via  58a46e06210a6321c530735f15f66eb648c4657d (commit)
>        via  714540763b8b1ac12c029d7760b4e4fe13a69b43 (commit)
>        via  304143a823ede4eca52f1d11ae1449995ad503ff (commit)
>        via  8d06bd135af4852f24660be965aba2d781223af4 (commit)
>        via  566c0d6dce82ee573da01e325c53179ed74350f1 (commit)
>        via  7f4717c293fd5ecb9d605bed890cb412314aa8e2 (commit)
>        via  dd66e5adb38c76e6eecf0e54c5418fd9f7ac3b3b (commit)
>        via  f2bbe86da4044c8db39e6eae19541fe2d117bae7 (commit)
>        via  3856bc9ff50f2cbd6cb2830619f3594ffea0b344 (commit)
>        via  5ca6c34bdeb02ea355a0e5ef9ff51581b58c1ee7 (commit)
>        via  42fb4b1585d5f2073fbfe984acd46b625fd3c6a1 (commit)
>        via  91c908ee8ea5aada054cbb7f4203d486c2e9a09e (commit)
>        via  ab81cef05338e7a553aacca141287034d6daf167 (commit)
>        via  7c7ec7a8eded3d3864631165503fedb456e1b779 (commit)
>        via  8ee3042a5419ea4c9bb0d1c264715f9d9c39bfa3 (commit)
>        via  d2c8186b4d185d75e81aec02d5a62dde4192c16d (commit)
>        via  a9bafa108521ac785e846f2ace105c327371c106 (commit)
>        via  3c73b55472c096f06fd037c3c0af011be62a432b (commit)
>        via  a747894428ea38c4a908acacb610fc3de714e0c0 (commit)
>        via  8fb86a37daecd05e9ef7f291dd4762be881f88e4 (commit)
>        via  bec695f3ec43972ad38f06f92ff2db03d8405562 (commit)
>        via  8950ee8ebfc9a7f34003f6892b5a7da6aef9fff9 (commit)
>        via  a2eea3c1974d70bdef74a0af6a14ca3a6fa41704 (commit)
>        via  2d4bcb96155c0e4a5d2734017f889b993144e876 (commit)
>        via  fc7e88640cbdb402aaa048dd74829c8d09dda850 (commit)
>        via  b85ab7989ebe24629267048cb269b278eeb50490 (commit)
>        via  375c2258b24b233832c9ec43ab9c7b3f5dce25fb (commit)
>        via  e0b0b533feed683ce12c94e11174019a5dac64fc (commit)
>        via  eee3ba81c88e64b8a732694fc4843a39d5bde491 (commit)
>        via  ee25a44fd389ed450e3d7ef9513eec19668f2de7 (commit)
>        via  b338c81b9f0130106eee4b2ff70959c2e62a1fac (commit)
>        via  385e7a431a1865017211478741408d505396f9a7 (commit)
>        via  b164a17f9bfcc3f067dad33d0c38834aa22ca2b1 (commit)
>        via  ec471210d97ba23b2de618349bdb6dd4145e53e0 (commit)
>        via  0fc0d057c34f3ee10eeb87e3f11405aa79c3b4df (commit)
>        via  a8428dfa2c6a43ee195f4be3e04a519ca1fc6ec0 (commit)
>        via  1e1bb42a8fca68d9fa9391e6644aeff296479499 (commit)
>        via  31a95fecd2e0b1408e9a97e3ae36a7770544d1a2 (commit)
>        via  ca52dcb55961d75e0163f237c92d225964c786bd (commit)
>        via  3baa76fe36bd2b59645a952c3a47a960090c38d2 (commit)
>        via  9be53773792fc9e8bd173edc3b7ac7e144875387 (commit)
>        via  ab1bf971d2db43777cbf3892fb887bf71ce7d155 (commit)
>        via  7f95145833bb24f54e037f73ecc37444d6635697 (commit)
>        via  33c2c3ec93c17758f37cc2e53f07f7dfe6b72336 (commit)
>        via  f485f377a1caba11c58da100d3db9a8c6fdeb7d5 (commit)
>        via  4f43438c476c3c5fb78d6192238d540108a33cb1 (commit)
>        via  6320e49454b0fd86dde7df0af54a2e194ae59821 (commit)
>        via  69fe23ff0777390e34a8c0b11ce6037e5aef9109 (commit)
>        via  f05699d19e27567583b9397a8d529e8aa275f5e1 (commit)
>        via  6b7916695264238a490971e8cd87612154fc18b1 (commit)
>        via  e8b9ac8fdfddec6a2eaacd6cdaa968058cf4e1e2 (commit)
>        via  4fa22bfca1e94393aa3fbdc3fdf5516e75d47521 (commit)
>        via  e51d4895129209cec1c15bda2322136a03ec94b2 (commit)
>        via  dc7f65454ee88fbd50f4d6f8a7c567eb27107314 (commit)
>        via  0a9362f5745a58a3d63354d76182108ea81ecf05 (commit)
>        via  15451ecf742bfa38a0732270b36d4a8666d2124e (commit)
>        via  6516ad8b01aac298bffe60a8d7d21745f3354a38 (commit)
>        via  93d564edc5d69819e85c3fa93368d37ec803a2f9 (commit)
>        via  fd37327f57a6d53692babcaf69dfbd8f62e59918 (commit)
>        via  cf0f903326cf3cdd10f834c1bbc627fd81e06044 (commit)
>        via  051151de890705173a42bbead40a6125d34ea41b (commit)
>        via  bbb8a488aeacf8a226d49773fe13798a202a78e2 (commit)
>        via  7e1667d76e76eb3d571be5e4b545e8ace6e92187 (commit)
>        via  ddb17f1f0870ddb1678e34652f54458207cb3bb0 (commit)
>        via  599d42525144cf0fcc7de6ac1b576c5c6ae290c2 (commit)
>        via  a2abaa9ec60a8967611e8c8905698bd01bde5861 (commit)
>        via  ed4616b1cfbc84dd01caa8546d813e8c5d482921 (commit)
>        via  6c5db2af1f706e8f21f2a5f074bada96e9011052 (commit)
>        via  2ebec36f271d4ee943281e32feb3552745115347 (commit)
>        via  860fc865b0ae0fd6381a8a9a777efdbde0aaefb6 (commit)
>        via  23154d5764c06b68a5c154cecd89524ebe747ca1 (commit)
>        via  3763ee85915d28737bfebffa136bfb49ef0a2109 (commit)
>        via  8de4140644f01180f2fdab55b0ab0f13d1c761c6 (commit)
>        via  5a5c35c3a01afec515e688c8366e6f893985518d (commit)
>        via  6b28a086310b8715f4655446f4c01d9555ef1786 (commit)
>        via  a81bad13ec305b885eff2934307d9205d55e0050 (commit)
>        via  2c7d90ac6eb4d883d9650d17cd915d958b4e5e66 (commit)
>        via  98663823e47ec56ff5a8205a17cc884acbf9cabd (commit)
>        via  883f4a1eae77f332059dc0be6f965485a0361ec0 (commit)
>        via  ce4c4ca43586825a13c1abb4ce13e90d9447a0eb (commit)
>        via  8e7da691af29fe1d8b93d2e4acc98eb188ae74cc (commit)
>        via  2796cf790f80e8be8dd90238f6789e52bd3cc2ac (commit)
>        via  e6a19d2683629888175371ed2eeb8a49a7b44873 (commit)
>        via  0a2188544a538b421612c90d44e56853a9d64458 (commit)
>        via  03027ad99f2759182fbcd3363298ae6adaf88cdb (commit)
>        via  4d44e274dcd933327c4f1c1cc7e1f876d08ffa85 (commit)
>        via  00b6be440f93131e35e75fb1b34d8d3220590bb5 (commit)
>        via  5371906219ff19886169612993efbb8e82f749a7 (commit)
>        via  2802732032aeaabe8c793ae76112d9c8ba13ee23 (commit)
>        via  bb1d227404ff96564877a04ef9299c63f608f543 (commit)
>        via  022de5f317014c538e17378b626cf3267625e141 (commit)
>        via  b6f24d54f54146a0f5de700dac7ffc2ef7624359 (commit)
>        via  a6537fbbfb0b9d08adc58ae23b873a084e5d479c (commit)
>        via  a741a85d8e241e9ca773f3cd7575d720837fcb51 (commit)
>        via  b4e4ca49c792d7320787a6991ce1815d26060d39 (commit)
>        via  c928f41fc0e79a24e4c43a80fb26b3c46997d91a (commit)
>        via  416707883893211a15c031b1f3589bc7cde9bf2b (commit)
>        via  586d4e9be1eb13cd9cb77cf6c56ce57e24623c44 (commit)
>        via  af41709c4243e0fd9dc1fac5f22cdd47316f8277 (commit)
>        via  bdb539b89bbe123018392bb8c64cb94c13d736a8 (commit)
>        via  8767795058ca5b46c8a9e335ad941d8799241716 (commit)
>        via  43d1aa34aab1c43bce8f083d024bf54f0246a884 (commit)
>        via  e649c8032f84b488cac8ea6c8fb9a77c424a0419 (commit)
>        via  75129865d48d2293383316f88ce7661e37dde43d (commit)
>        via  9eee2f7739dbaf82d3b0837de41cdcba5ee4a1d3 (commit)
>        via  33892746e373449a8a69a4265d783bf701cb5784 (commit)
>        via  6efdcb6a3cc4d06bf64af69b08bc95335f02b79f (commit)
>        via  fe19f236a2295da1e01ab05ff59853c5a4556811 (commit)
>        via  1354f952876e96b456425efc7ed9994caf687028 (commit)
>        via  190a2ea88e9820e5e150ce36414233da4bd34b44 (commit)
>        via  fd95f2402dc70ad41fa2db8fb101f950196458a9 (commit)
>       from  e9831f83532184caa119f830eee54728084444ba (commit)
> 
> Those revisions listed above that are new to this repository have
> not appeared on any other notification email; so we list those
> revisions in full, below.
> 
> - Log -----------------------------------------------------------------
> commit be9f766c1ef1c74cb7cdfca97a71757b492b8a5c
> Merge: e9831f8 f756cda
> Author: Daniel Lezcano <daniel.lezcano at free.fr>
> Date:   Mon Sep 9 21:07:12 2013 +0200
> 
>     Merge git://github.com/lxc/lxc
>     
>     Signed-off-by: Daniel Lezcano <daniel.lezcano at free.fr>
> 
> commit f756cda05c4058dd7f5d46f2cf51c3bc7fd002d1
> Author: Natanael Copa <ncopa at alpinelinux.org>
> Date:   Fri Sep 6 21:09:57 2013 +0200
> 
>     configure: enable Lua if found and continue without if not
>     
>     Search for Lua if no --enable-lua/--disable-lua specified but continue
>     without if not found.
>     
>     If --enable-lua is specified and Lua is not found then return error.
>     
>     If --disable-lua is specified, then don't search for Lua.
>     
>     Signed-off-by: Natanael Copa <ncopa at alpinelinux.org>
>     Acked-by: Stéphane Graber <stgraber at ubuntu.com>
> 
> commit 5c068da9695bcbfa46e0b3666128e3a533c9ddc7
> Author: Serge Hallyn <serge.hallyn at ubuntu.com>
> Date:   Fri Sep 6 12:25:47 2013 -0500
> 
>     lxc_spawn: don't close pinfd until container is stopped
>     
>     Otherwise containers may be able to remount -o ro their rootfs
>     at shutdown.
>     
>     Reported-by: Harald Dunkel <harri at afaics.de>
>     Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
>     Acked-by: Stéphane Graber <stgraber at ubuntu.com>
> 
> commit 69c757b343b5bbd2543adc4f3f0204d4696515e0
> Author: Natanael Copa <ncopa at alpinelinux.org>
> Date:   Fri Sep 6 09:08:45 2013 +0200
> 
>     lua: fix logic to enable lua support in configure
>     
>     When there is no --enable-lua or --with-lua-pc, Lua should not be
>     enabled.
>     
>     This fixes a bug introduced with 12e93188 (configure/makefile:
>     Allow specify Lua pkg-config file with --with-lua-pc) that caused
>     configure script to fail if lua headers was missing.
>     
>     Signed-off-by: Natanael Copa <ncopa at alpinelinux.org>
>     Acked-by: Stéphane Graber <stgraber at ubuntu.com>
> 
> commit 2caf9a97d90a61e5eaf9d7c218e5bcc35dfbfbb3
> Author: Serge Hallyn <serge.hallyn at ubuntu.com>
> Date:   Thu Sep 5 20:31:55 2013 -0500
> 
>     sanity-check number of detected capabilities
>     
>     Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> 
> commit 3a1675bf08b35bd5a5078f5638048c2c72c3e981
> Author: Dwight Engen <dwight.engen at oracle.com>
> Date:   Thu Sep 5 16:40:49 2013 -0400
> 
>     add AS_VAR_COPY for older autoconf versions
>     
>     Signed-off-by: Dwight Engen <dwight.engen at oracle.com>
>     Acked-by: Stéphane Graber <stgraber at ubuntu.com>
> 
> commit 330da5fa322cf628aadc425c5be86814530d313e
> Author: Dwight Engen <dwight.engen at oracle.com>
> Date:   Thu Sep 5 15:20:44 2013 -0400
> 
>     lua: fix stats gathering
>     
>     - remove lxc subdir in cgroup paths (done in commit b98f7d6e)
>     - remove extraneous debug printfs
>     - remove extra call to stats_clear
>     
>     Signed-off-by: Dwight Engen <dwight.engen at oracle.com>
>     Acked-by: Stéphane Graber <stgraber at ubuntu.com>
> 
> commit c25c2970a6aabc45ee6375cc127ed45efea2f9bf
> Author: Natanael Copa <ncopa at alpinelinux.org>
> Date:   Thu Sep 5 15:29:20 2013 +0200
> 
>     lua: implement dirname in C rather than depend on external executable
>     
>     Instead of popen and run external executable dirname we implement a
>     dirname in C in the core module.
>     
>     We also remove the unused basename function.
>     
>     Signed-off-by: Natanael Copa <ncopa at alpinelinux.org>
>     Acked-by: Stéphane Graber <stgraber at ubuntu.com>
> 
> commit ac8255280d2e4348ab0eba5ec6982edc92ee6fbd
> Author: Natanael Copa <ncopa at alpinelinux.org>
> Date:   Thu Sep 5 14:33:28 2013 +0200
> 
>     lua: implement usleep in C module
>     
>     So we avoid running os.execute
>     
>     Signed-off-by: Natanael Copa <ncopa at alpinelinux.org>
>     Acked-by: Stéphane Graber <stgraber at ubuntu.com>
> 
> commit 12e93188de7dfe9ba66e022f9c28aa1f696a22e8
> Author: Natanael Copa <ncopa at alpinelinux.org>
> Date:   Thu Sep 5 17:13:07 2013 +0200
> 
>     configure/makefile: Allow specify Lua pkg-config file with --with-lua-pc
>     
>     Enable support for both Lua 5.1 and 5.2 by letting user specify the Lua
>     pkg-config package name. By default it will use 'lua' and try figure
>     out which version it is.
>     
>     Signed-off-by: Natanael Copa <ncopa at alpinelinux.org>
>     Acked-by: Stéphane Graber <stgraber at ubuntu.com>
> 
> commit 44a80d675ffb81ebb1a66a62c162e93a4c5882a0
> Author: Natanael Copa <ncopa at alpinelinux.org>
> Date:   Thu Sep 5 08:45:33 2013 +0200
> 
>     lua: prepare for Lua 5.2
>     
>     Adjust code for Lua 5.2 and keep compatibility with Lua 5.1.
>     
>     Signed-off-by: Natanael Copa <ncopa at alpinelinux.org>
>     Acked-by: Dwight Engen <dwight.engen at oracle.com>
>     Acked-by: Stéphane Graber <stgraber at ubuntu.com>
> 
> commit 2698b46924ab861b1f39fb11560c852d080e7b02
> Author: Natanael Copa <ncopa at alpinelinux.org>
> Date:   Thu Sep 5 15:07:51 2013 -0400
> 
>     lua: fix a bug in the parsing of /proc/mounts
>     
>     Signed-off-by: Natanael Copa <ncopa at alpinelinux.org>
>     Acked-by: Dwight Engen <dwight.engen at oracle.com>
>     Acked-by: Stéphane Graber <stgraber at ubuntu.com>
> 
> commit eee59f9408398849e9b7fc58dbe68ec176de4d50
> Author: Serge Hallyn <serge.hallyn at ubuntu.com>
> Date:   Thu Sep 5 18:05:34 2013 -0500
> 
>     clone: don't copy rdepends when not doing a snapshot clone
>     
>     Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> 
> commit 2a2d36a42512160e7771b2472cb7922423523048
> Author: Serge Hallyn <serge.hallyn at ubuntu.com>
> Date:   Thu Sep 5 17:59:28 2013 -0500
> 
>     fix typo
>     
>     Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> 
> commit 1fb86a7cdc22d22b14d03eb0cbd1aa6702862dd4
> Author: Serge Hallyn <serge.hallyn at ubuntu.com>
> Date:   Thu Jun 13 22:43:01 2013 -0500
> 
>     introduce lxc.cap.keep
>     
>     The lxc configuration file currently supports 'lxc.cap.drop', a list of
>     capabilities to be dropped (using the bounding set) from the container.
>     The problem with this is that over time new capabilities are added.  So
>     an older container configuration file may, over time, become insecure.
>     
>     Walter has in the past suggested replacing lxc.cap.drop with
>     lxc.cap.preserve, which would have the inverse sense - any capabilities
>     in that set would be kept, any others would be dropped.
>     
>     Realistically both have the same problem - the sendmail capabilities
>     bug proved that running code with unexpectedly dropped privilege can be
>     dangerous.  This patch gives the admin a choice:  You can use either
>     lxc.cap.keep or lxc.cap.drop, not both.
>     
>     Both continue to be ignored if a user namespace is in use.
>     
>     Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> 
> commit 59d66af29da6ca8c5fa8cb63a5bbfc443811bb81
> Author: Serge Hallyn <serge.hallyn at ubuntu.com>
> Date:   Thu Sep 5 16:56:54 2013 -0500
> 
>     bdev: free after bdev_init
>     
>     (Except in cases where we will immediately exit)
>     
>     Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> 
> commit 41c3b7c7ac9b33bc562ebad9ea124912577f2ba5
> Author: Dwight Engen <dwight.engen at oracle.com>
> Date:   Wed Sep 4 17:04:51 2013 -0400
> 
>     valgrind: fix memory leak on container new/put
>     
>     Signed-off-by: Dwight Engen <dwight.engen at oracle.com>
>     Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> 
> commit 75b5535282453b3442a41df4a3ba6d3058cd6e48
> Author: Natanael Copa <ncopa at alpinelinux.org>
> Date:   Wed Sep 4 17:01:09 2013 +0200
> 
>     lxc-alpine: add hwaddr for a single macvlan interface
>     
>     We already add harware address for a single veth interface. Do the same
>     with a single macvlan interface.
>     
>     Signed-off-by: Natanael Copa <ncopa at alpinelinux.org>
>     Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> 
> commit e34b5d2ef2c329afe6540bbfc298ae631378832e
> Author: S.Çağlar Onur <caglar at 10ur.org>
> Date:   Tue Sep 3 16:21:15 2013 -0400
> 
>     bdev_copy segfaults if bdevtype is NULL
>     
>     Signed-off-by: S.Çağlar Onur <caglar at 10ur.org>
>     Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> 
> commit cd0bcc4958e58a2750cf9086f75649d14c83ac70
> Author: Stéphane Graber <stgraber at ubuntu.com>
> Date:   Tue Sep 3 15:11:07 2013 -0400
> 
>     tests: Add lxc-test-usernic to the dist tarball
>     
>     Signed-off-by: Stéphane Graber <stgraber at ubuntu.com>
> 
> commit 250b1eec71b074acdff1c5f6b5a1f0d7d2c20b77
> Author: Stéphane Graber <stgraber at ubuntu.com>
> Date:   Tue Sep 3 14:29:46 2013 -0400
> 
>     licensing: Add missing headers and FSF address
>     
>     Signed-off-by: Stéphane Graber <stgraber at ubuntu.com>
> 
> commit d08c3aaebca1ccc47f1f14dcd6fbca39953f8dda
> Author: Stéphane Graber <stgraber at ubuntu.com>
> Date:   Tue Sep 3 11:36:09 2013 -0400
> 
>     ubuntu: iproute is now called iproute2
>     
>     Signed-off-by: Stéphane Graber <stgraber at ubuntu.com>
>     Acked-by: Serge E. Hallyn <serge.hallyn at ubuntu.com>
> 
> commit c66e9b01f04840c5abc34d235dbbb2ec9ca55205
> Author: Serge Hallyn <serge.hallyn at ubuntu.com>
> Date:   Tue Sep 3 07:56:11 2013 -0500
> 
>     lua: update license
>     
>     As with other files, update to be LGPL since these are part
>     of the lxc library.
>     
>     Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> 
> commit ca9548ad02238600899a1f86ded308279964e018
> Author: Stéphane Graber <stgraber at ubuntu.com>
> Date:   Fri Aug 30 17:27:14 2013 -0400
> 
>     python: Fix api_test to use the new attach() API
>     
>     Signed-off-by: Stéphane Graber <stgraber at ubuntu.com>
>     Acked-by: Serge E. Hallyn <serge.hallyn at ubuntu.com>
> 
> commit 80bcb05357a90cc9a2e21e942a2b0a53cddfa7a6
> Author: Serge Hallyn <serge.hallyn at ubuntu.com>
> Date:   Tue Sep 3 08:08:39 2013 -0500
> 
>     lxc-commands: add a comment explaining CMD_* rules
>     
>     We wish to ensure that, henceforth, newer lxc tools are always compatible
>     with older lxc monitors.  Add a comment to commands.c to explain the
>     rule we wish to enforce to this end.
>     
>     Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
>     Acked-by: Stéphane Graber <stgraber at ubuntu.com>
> 
> commit 0f081315a9310bf04fe4bc64b900ec6bac36f85d
> Author: Serge Hallyn <serge.hallyn at ubuntu.com>
> Date:   Fri Aug 30 15:51:31 2013 -0500
> 
>     remove old stale comments (lxc-clone is now implemented)
>     
>     Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> 
> commit 188e0ab60bda276c688ad15877c6d6402081c6c9
> Author: Stéphane Graber <stgraber at ubuntu.com>
> Date:   Fri Aug 30 15:56:21 2013 -0400
> 
>     Add a section about licensing to CONTRIBUTING
>     
>     Signed-off-by: Stéphane Graber <stgraber at ubuntu.com>
>     Acked-by: Serge E. Hallyn <serge.hallyn at ubuntu.com>
> 
> commit acbb59f50d5196facde837ea377f70e98ce1e6f8
> Author: Serge Hallyn <serge.hallyn at ubuntu.com>
> Date:   Fri Aug 30 14:43:09 2013 -0500
> 
>     fix license text in ubuntu and ubuntu-cloud templates
>     
>     Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> 
> commit d75462e4d663c58bde0787fdbe0ef3148e44cdde
> Author: Serge Hallyn <serge.hallyn at ubuntu.com>
> Date:   Fri Aug 30 14:42:20 2013 -0500
> 
>     fix wrong license text for parts of liblxc library
>     
>     Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> 
> commit 0c69c79b4d86a0bda4a0c1ea2e4cc63d28c7baa6
> Author: Stéphane Graber <stgraber at ubuntu.com>
> Date:   Fri Aug 30 12:08:26 2013 -0400
> 
>     avoid zgrep -q as it's failing on some distros
>     
>     Reported-by: Filirom1
>     Signed-off-by: Stéphane Graber <stgraber at ubuntu.com>
> 
> commit dfa7aa3a836aef5d0f1aebe0f6eeff65d20239ad
> Author: Stéphane Graber <stgraber at ubuntu.com>
> Date:   Fri Aug 30 11:47:58 2013 -0400
> 
>     fedora: Add missing double-quotes.
>     
>     Reported-by: tlc
>     Signed-off-by: Stéphane Graber <stgraber at ubuntu.com>
> 
> commit 840295ff4cf11da0938a19f99fef8a1525de8106
> Author: Stéphane Graber <stgraber at ubuntu.com>
> Date:   Fri Aug 30 11:43:19 2013 -0400
> 
>     Fix some typos
>     
>     Signed-off-by: Dmitry Shachnev <mitya57 at ubuntu.com>
>     Reported-by: Vincent Ladeuil
>     Acked-by: Stéphane Graber <stgraber at ubuntu.com>
> 
> commit 80507ee8eb66f4f23494caae26f6d2f0b50480b6
> Author: Serge Hallyn <serge.hallyn at ubuntu.com>
> Date:   Thu Aug 29 10:41:19 2013 -0500
> 
>     start.c: handle potential signal flood
>     
>     Signalfd does not guarantee that we'll get an event for every signal.
>     So if 3 tasks exit at the same time, we may get only one sigchld
>     event.  Therefore, in signal_handler(), always check whether init has
>     exited.  Do with with WNOWAIT so that we can still wait4 to cleanup
>     the init after lxc_poll() exists (rather than complicating the code).
>     
>     Note - there is still a race in the kernel which can cause the
>     container init to become a defunct child of the host init (!).  This
>     doesn't solve that, but is a potential (if very unlikely) race which
>     apw pointed out while we were trying to create a reproducer for the
>     kernel bug.
>     
>     Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
>     Acked-by: Stéphane Graber <stgraber at ubuntu.com>
> 
> commit 48c63f8d035045af1103b677b5ec577aec59a5b5
> Author: Natanael Copa <ncopa at alpinelinux.org>
> Date:   Mon Aug 26 13:47:58 2013 +0200
> 
>     lxc-alpine: create /dev/zero
>     
>     Signed-off-by: Natanael Copa <ncopa at alpinelinux.org>
>     Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> 
> commit 5acccf95b2bd1e5ffedf687e527dcad5a54d4c1e
> Author: Serge Hallyn <serge.hallyn at ubuntu.com>
> Date:   Fri Aug 23 12:45:15 2013 -0500
> 
>     config_ipv6: run inet_pton on the addr value without mask
>     
>     otherwise a "$addr/$mask" results in failure.
>     
>     Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> 
> commit 79622932f21d22db36a0b6cca129f559b5e76108
> Author: Serge Hallyn <serge.hallyn at ubuntu.com>
> Date:   Thu Aug 22 10:27:40 2013 -0500
> 
>     api: convert lxc_start
>     
>     Normal lxc-start usage tends to be "lxc-start -n name [-P lxcpath]".
>     This causes $lxcpath/$name/config to be the configuration for the
>     container.  However, lxc-start is more flexible than that.  You can
>     specify a custom configuration file, in which case $lxcpath/$name/config
>     is not used.  You can also (in addition or in place of either of these)
>     specify configuration entries one-by-one using "-s lxc.utsname=xxx".
>     
>     To support this using the API, if we are not using
>     $lxcpath/$name/config then we put ourselves into a custom lxcpath
>     called (configurable using LXCPATH) /var/lib/lxc_anon.  To stop a
>     container so created, then, you would use
>     
>     	lxc-stop -P /var/lib/lxc_anon -n name
>     
>     TODO: we should walk over the list of &defines by hand and set them
>     using c->set_config_item.  I haven't done that in this patch.
>     
>     Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> 
> commit cb0c6c020314ee0fea0ce30d209711f7e9c29aaa
> Author: Scott Moser <smoser at ubuntu.com>
> Date:   Thu Aug 22 15:38:48 2013 -0400
> 
>     hooks/ubuntu-cloud-prep: add hostname to meta-data
>     
>     prior to my enabling of the clone hook, the setting of the hostname
>     was being done by writing to /etc/hostname.  Instead of relying on that
>     we're now writing 'local-hostname' into the metadata for the instance.
>     
>     cloud-init then reads this and sets the hostname properly.
>     
>     We are also writing /etc/hostname with the new hostname explicitly.  This is
>     useful/necessary because on network bringup of eth0, dhclient will submit its
>     hosname.  The updating done by cloud-init occurs to late, and thus
>     the dhcp request goes out with the un-configured hostname and dns doens't
>     work correctly.
>     
>     Signed-off-by: Scott Moser <smoser at ubuntu.com>
>     Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> 
> commit 92b0b5bac5717e5281f51340192288050409ad47
> Author: Serge Hallyn <serge.hallyn at ubuntu.com>
> Date:   Wed Aug 21 16:53:52 2013 -0500
> 
>     api: convert lxc_wait, lxc_freeze, and lxc_unfreeze
>     
>     These are the last of the simpler conversions.  Start, execute,
>     kill, info and attach remain to be done.
>     
>     Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
>     Acked-by: Dwight Engen <dwight.engen at oracle.com>
> 
> commit 9069513c69d77b5c22219b43f78ba1554431dd36
> Author: Serge Hallyn <serge.hallyn at ubuntu.com>
> Date:   Wed Aug 21 14:35:28 2013 -0500
> 
>     lxc_cgroup: convert to using API
>     
>     Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> 
> commit dfb31b25e298d98ea80a699f019308019c6670d8
> Author: Serge Hallyn <serge.hallyn at ubuntu.com>
> Date:   Wed Aug 21 14:43:52 2013 -0500
> 
>     Track snapshot dependencies (v2)
>     
>     (Will push in a bit barring any objections)
>     
>     lvm, btrfs, and zfs snapshots each do an ok job of handling deletions
>     for us - a btrfs snapshot does fine after the original is removed,
>     while zfs and lvm will both refuse to allow the original to be deleted
>     while the snapshot exists.
>     
>     Overlayfs doesn't do this for us.  So, for overlayfs snapshots, track
>     the dependencies.
>     
>     When c2 is created as an overlayfs snapshot of dir-backed c1, then
>     
>     1. c2's lxc_rdepends file will contain
>     
>     	c1_lxcpath
>     	c1_lxcname
>     
>     2. c1's lxc_snapshots will contain "1"
>     
>     c1 cannot be deleted so long as lxc_snapshots exists and contains
>     a non-zero number.
>     
>     The contents of lxc_snapshots and lxc_rdepends are protected by
>     container_disk_lock() and at lxc_clone by the new container not yet
>     being accessible.
>     
>     (Originally I was going to keep them in the container config, but the
>     problem with using $lxcpath/$name/config is that api users could end up
>     calling c->save_config() with a cached old value of snapshots/rdepends.)
>     
>     Changelog:
>     	aug 21: check for fprintf and fclose failures
>     
>     Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
>     Acked-by: Dwight Engen <dwight.engen at oracle.com>
> 
> commit 84bdfb2b4c95b24fde5e90e621372fcd6c4d069b
> Author: Serge Hallyn <serge.hallyn at ubuntu.com>
> Date:   Tue Aug 20 18:15:06 2013 -0500
> 
>     avoid very unlikely race due to EEXIST
>     
>     Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> 
> commit 659aa0618c34cecd388df73936b41d5fb573090d
> Author: Serge Hallyn <serge.hallyn at ubuntu.com>
> Date:   Tue Aug 20 18:01:07 2013 -0500
> 
>     coverity: make indent match nest level
>     
>     Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> 
> commit 5d9598d7d3206d1bede4932e7c8565f1ab309fbc
> Author: Serge Hallyn <serge.hallyn at ubuntu.com>
> Date:   Tue Aug 20 17:59:19 2013 -0500
> 
>     coverity: dont dereference before null check
>     
>     Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> 
> commit a09295f841be8add0cbfc2932c59535f0d1365ed
> Author: Serge Hallyn <serge.hallyn at ubuntu.com>
> Date:   Tue Aug 20 17:54:19 2013 -0500
> 
>     coverity: don't leak partial_fd
>     
>     Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> 
> commit ca6973422d5471281126e9e1884633367479f246
> Author: Serge Hallyn <serge.hallyn at ubuntu.com>
> Date:   Tue Aug 20 17:48:54 2013 -0500
> 
>     coverity: don't leak open DIR
>     
>     Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> 
> commit 01efd4d3d91713fc4f8ca55c7726b8216ed16fc6
> Author: Serge Hallyn <serge.hallyn at ubuntu.com>
> Date:   Tue Aug 20 16:58:24 2013 -0500
> 
>     coverity: correctly handle tpath error case.
>     
>     Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> 
> commit 1fd9bd50ab0ccea0a6c069147a4bccb0751ca18f
> Author: Serge Hallyn <serge.hallyn at ubuntu.com>
> Date:   Tue Aug 20 16:50:25 2013 -0500
> 
>     coverity: ftell returns long, not size_t (which is unsigned)
>     
>     Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> 
> commit b4569e93217fe9a18af35b4475c8f8eac1436759
> Author: Serge Hallyn <serge.hallyn at ubuntu.com>
> Date:   Tue Aug 20 16:29:29 2013 -0500
> 
>     coverity: don't bother getting template path if we're not going to measure it
>     
>     This should also fix a memory leak, since we were freeing it under ifdef
>     but always allocating it.
>     
>     Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> 
> commit fb760f70541c9af728eb2ab0c6175875f7448752
> Author: Scott Moser <smoser at ubuntu.com>
> Date:   Mon Aug 19 10:18:37 2013 -0400
> 
>     ubuntu-cloud-prep: improve overlayfs workaround
>     
>     the previous 'patch_start' can be vastly simplified now that I better
>     understand what the bug was.  Instead of wrapping 'start', we only
>     need to ensure that /etc/init exists inside the overlayfs, so that the
>     directory that upstart watches is guaranteed to be in the overlay, not
>     the underlay.
>     
>     The problem is described under bug 1213925.
>     
>     Signed-off-by: Scott Moser <smoser at ubuntu.com>
>     Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> 
> commit e14f67a7bfa7065480fc7cd47a45f209a0aee79b
> Author: Ubuntu <ubuntu at ip-10-181-158-15.ec2.internal>
> Date:   Mon Aug 19 13:34:59 2013 +0000
> 
>     cgroup updates: fix several bugs
>     
>     1. add cgroup_get_subsys_abspath() which returns the absolute
>     path for a subsystem mount, and use that where needed to actually
>     set cgroup values
>     
>     2. cgroup_devices_has_{allow,deny}: don't mix int and boolean
>     values.  Also, accept 'a *:* rwm" as any whitelist entry for
>     has_allow().
>     
>     3. subsys_lists_match(): fix an off-by-one error in calculating
>     updated oldlen.  (we need to keep the extra char for '\0')
>     
>     4. return -1, not 0, if lxc_cgroup_attach fails to open
>     /proc/self/cgroup.
>     
>     Signed-off-by: Ubuntu <ubuntu at ip-10-181-158-15.ec2.internal>
> 
> commit c9ec905567952830d58a14d1e3a3ea4e1f8b0041
> Author: Christian Seiler <christian at iwakd.de>
> Date:   Mon Aug 19 00:52:44 2013 +0200
> 
>     python/attach: Add function that returns personality for architecture
>     
>     Adds the arch_to_personality function that looks up an architecture
>     and returns the corresponding personality. This may be used in
>     conjunction with the attach/attach_wait keyword argument.
>     
>     Signed-off-by: Christian Seiler <christian at iwakd.de>
>     Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> 
> commit 01bfae14dd898fecf0bd130e47a62a3155f619d0
> Author: Christian Seiler <christian at iwakd.de>
> Date:   Mon Aug 19 00:52:43 2013 +0200
> 
>     python/attach: export CLONE_NEW* constants to Python
>     
>     Signed-off-by: Christian Seiler <christian at iwakd.de>
>     Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> 
> commit 4f17323e79969a98604bc30a8cc24cf083d474c3
> Author: Christian Seiler <christian at iwakd.de>
> Date:   Mon Aug 19 00:52:40 2013 +0200
> 
>     cgroup: minor bugfixes so start and attach work again
>     
>     This fixes some minor bugs in the cgroup logic that made start and
>     attach fail (at least when all cgroup controllers were mounted
>     together).
>     
>     Signed-off-by: Christian Seiler <christian at iwakd.de>
>     Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> 
> commit 9c6694b7073a6ebfd1da4950e0c8db4b91530202
> Author: Christian Seiler <christian at iwakd.de>
> Date:   Mon Aug 19 00:52:42 2013 +0200
> 
>     python/attach: Fix minor memory leaks
>     
>     Signed-off-by: Christian Seiler <christian at iwakd.de>
>     Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> 
> commit a9cab7e39b101b89470e2e4109c14e7f17218032
> Author: Christian Seiler <christian at iwakd.de>
> Date:   Mon Aug 19 00:52:41 2013 +0200
> 
>     attach: Fix minor memory leak in environment variable handling
>     
>     Signed-off-by: Christian Seiler <christian at iwakd.de>
>     Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> 
> commit 55c76589fd19e5f04697dcfd0084039cd77ef304
> Author: Stéphane Graber <stgraber at ubuntu.com>
> Date:   Mon Aug 19 14:37:20 2013 +0200
> 
>     Remove all trailing whitespaces
>     
>     Signed-off-by: Stéphane Graber <stgraber at ubuntu.com>
> 
> commit 37fc7b9e2eca60e838bf5bf061bd8a8206e4fa9d
> Author: Stéphane Graber <stgraber at ubuntu.com>
> Date:   Fri Aug 16 16:55:40 2013 +0200
> 
>     Fix lxc-user-nic to work on bionic
>     
>     This adds a couple of missing includes, uses the local version of
>     getline on bionic and replaces getpwuid_r by getpwuid.
>     
>     Signed-off-by: Stéphane Graber <stgraber at ubuntu.com>
>     Acked-by: Serge E. Hallyn <serge.hallyn at ubuntu.com>
> 
> commit e768f9c0f69df1f02f8252fead6d82648b410bd8
> Author: Stéphane Graber <stgraber at ubuntu.com>
> Date:   Fri Aug 16 16:42:39 2013 +0200
> 
>     Add missing namespace.h include
>     
>     Signed-off-by: Stéphane Graber <stgraber at ubuntu.com>
>     Acked-by: Serge E. Hallyn <serge.hallyn at ubuntu.com>
> 
> commit 511a6936c7062d59dd9335ef16d9165d19c45604
> Author: Stéphane Graber <stgraber at ubuntu.com>
> Date:   Fri Aug 16 16:40:48 2013 +0200
> 
>     Allow building without confstr
>     
>     We use confstr to grab the default PATH value. If it's not there, just
>     use a standard one with bin and sbin for /, /usr and /usr/local.
>     
>     Signed-off-by: Stéphane Graber <stgraber at ubuntu.com>
>     Acked-by: Serge E. Hallyn <serge.hallyn at ubuntu.com>
> 
> commit 1a2e58cf55979749ea76835d0b36327c051c2715
> Author: Stéphane Graber <stgraber at ubuntu.com>
> Date:   Fri Aug 16 15:38:13 2013 +0200
> 
>     Don't define new_personality when building without personalities
>     
>     Signed-off-by: Stéphane Graber <stgraber at ubuntu.com>
>     Acked-by: Serge E. Hallyn <serge.hallyn at ubuntu.com>
> 
> commit 5ec279894e8b1275b6cbfaaddb425e8f56639bdc
> Author: Stéphane Graber <stgraber at ubuntu.com>
> Date:   Fri Aug 16 15:35:51 2013 +0200
> 
>     Add missing sys/socket.h include
>     
>     Signed-off-by: Stéphane Graber <stgraber at ubuntu.com>
>     Acked-by: Serge E. Hallyn <serge.hallyn at ubuntu.com>
> 
> commit a3da2f3bd755165c50c5c7fb55c2bfcb042fb3d8
> Author: Stéphane Graber <stgraber at ubuntu.com>
> Date:   Fri Aug 16 15:35:06 2013 +0200
> 
>     Define SOCK_CLOEXEC when missing
>     
>     Signed-off-by: Stéphane Graber <stgraber at ubuntu.com>
>     Acked-by: Serge E. Hallyn <serge.hallyn at ubuntu.com>
> 
> commit 7f3e12f3e5223c6a6c34bafdf47df86f66078963
> Author: Stéphane Graber <stgraber at ubuntu.com>
> Date:   Fri Aug 16 15:22:28 2013 +0200
> 
>     Use srand/rand instead of initstate/random
>     
>     initstate/random doesn't work on bionic, srand/rand works on everything,
>     so let's use that.
>     
>     Signed-off-by: Stéphane Graber <stgraber at ubuntu.com>
>     Acked-by: Serge E. Hallyn <serge.hallyn at ubuntu.com>
> 
> commit 2e74d6f3744e5aef2e01f1f295472ffdb58f1929
> Author: Stéphane Graber <stgraber at ubuntu.com>
> Date:   Fri Aug 16 15:10:13 2013 +0200
> 
>     Include stdio.h in getline.h for FILE
>     
>     Signed-off-by: Stéphane Graber <stgraber at ubuntu.com>
>     Acked-by: Serge E. Hallyn <serge.hallyn at ubuntu.com>
> 
> commit 120ce443c466fb1d286ffd200ca22a1e9db7284c
> Author: Stéphane Graber <stgraber at ubuntu.com>
> Date:   Fri Aug 16 15:08:39 2013 +0200
> 
>     Import local getline copy on bionic
>     
>     Signed-off-by: Stéphane Graber <stgraber at ubuntu.com>
>     Acked-by: Serge E. Hallyn <serge.hallyn at ubuntu.com>
> 
> commit 2b89a9c19db30894e2476a5a750c443dee339d70
> Author: Stéphane Graber <stgraber at ubuntu.com>
> Date:   Fri Aug 16 15:05:52 2013 +0200
> 
>     Add missing sys/select.h include for fd_set
>     
>     Signed-off-by: Stéphane Graber <stgraber at ubuntu.com>
>     Acked-by: Serge E. Hallyn <serge.hallyn at ubuntu.com>
> 
> commit ec346ea11f76d0797035c476794104a3230531f9
> Author: Stéphane Graber <stgraber at ubuntu.com>
> Date:   Fri Aug 16 12:28:17 2013 +0200
> 
>     Add missing syscall.h include to utils.h
>     
>     Signed-off-by: Stéphane Graber <stgraber at ubuntu.com>
>     Acked-by: Serge E. Hallyn <serge.hallyn at ubuntu.com>
> 
> commit 180edd67022017351a6546b4aa79bcaefada01c8
> Author: Stéphane Graber <stgraber at ubuntu.com>
> Date:   Fri Aug 16 12:25:28 2013 +0200
> 
>     Add arm defines for __NR_signalfd(4)
>     
>     Signed-off-by: Stéphane Graber <stgraber at ubuntu.com>
>     Acked-by: Serge E. Hallyn <serge.hallyn at ubuntu.com>
> 
> commit 590ae889334b01a59606a1a8952d976098bd6123
> Author: Stéphane Graber <stgraber at ubuntu.com>
> Date:   Fri Aug 16 12:22:38 2013 +0200
> 
>     Android now uses a sane clone() definition
>     
>     The current Android NDK provides a clone() defintion that's identical to
>     eglibc's so we can drop the ifdef from that one.
>     
>     Signed-off-by: Stéphane Graber <stgraber at ubuntu.com>
>     Acked-by: Serge E. Hallyn <serge.hallyn at ubuntu.com>
> 
> commit bff13ba210ed61f756fc82adce1921f84b43ffe0
> Author: Stéphane Graber <stgraber at ubuntu.com>
> Date:   Fri Aug 16 12:19:44 2013 +0200
> 
>     Define BLKGETSIZE64 and LO_FLAGS_AUTOCLEAR
>     
>     Those two aren't always around (specifically on bionic), so add some
>     defines in case they aren't already defined.
>     
>     Signed-off-by: Stéphane Graber <stgraber at ubuntu.com>
>     Acked-by: Serge E. Hallyn <serge.hallyn at ubuntu.com>
> 
> commit 92adc3e911314a6f90986d8410ec0ff4b82c9f79
> Author: Stéphane Graber <stgraber at ubuntu.com>
> Date:   Fri Aug 16 12:18:15 2013 +0200
> 
>     Export the local getmntent_r implementation
>     
>     New code now uses getmntent_r so we need it exported so that it can be
>     used when building on bionic.
>     
>     Signed-off-by: Stéphane Graber <stgraber at ubuntu.com>
>     Acked-by: Serge E. Hallyn <serge.hallyn at ubuntu.com>
> 
> commit c32981c3fb1bf5191052fb1c348bdc8b9e7c1b15
> Author: Stéphane Graber <stgraber at ubuntu.com>
> Date:   Fri Aug 16 11:53:11 2013 +0200
> 
>     Replace all calls to rindex by strrchr
>     
>     The two functions are identical but strrchr also works on Bionic.
>     
>     Signed-off-by: Stéphane Graber <stgraber at ubuntu.com>
>     Acked-by: Serge E. Hallyn <serge.hallyn at ubuntu.com>
> 
> commit 4ba0d9af63fbf7e9acfa068a1fe36b3d287b9c6b
> Author: Stéphane Graber <stgraber at ubuntu.com>
> Date:   Fri Aug 16 11:47:10 2013 +0200
> 
>     Add a local implementation of ifaddrs.h
>     
>     This adds a local ifaddrs implementation to be used on Bionic or other C
>     libraries that don't come with a getifaddrs implementation.
>     
>     This code was written by Kenneth MacKay and is under a two-clause BSD
>     license (copyright information in the file headers).
>     
>     Signed-off-by: Stéphane Graber <stgraber at ubuntu.com>
>     Acked-by: Serge E. Hallyn <serge.hallyn at ubuntu.com>
> 
> commit d24d56d7ee3420bb79238ff84cad07c20cf4757d
> Author: Scott Moser <smoser at ubuntu.com>
> Date:   Fri Aug 16 16:47:32 2013 -0400
> 
>     ubuntu-cloud-prep: patch /sbin/start for overlayfs
>     
>     upstart depends on inotify, and overlayfs does not support inotify.
>     
>     That means that the following results in 'tgt' not running. tgt is simply
>     used here as an example of a service that installs an upstart job and
>     starts it on package install.
>      lxc-clone -s -B overlayfs -o source-precise-amd64 -n test1
>      lxc-start -n test1
>      ..
>      apt-get install tgt
>     
>     The change here is to modify /sbin/start inside the container so that when
>     something explicitly tries 'start', it results in an explicit call to
>     'initctl reload-configuration' so that upstart is aware of the newly
>     placed job.
>     
>     Should overlayfs ever gain inotify support, this should still not cause
>     any harm.
>     
>     Signed-off-by: Scott Moser <smoser at ubuntu.com>
>     Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> 
> commit e3fdf5cc9c60eb97f8520f059ad1a09d3f73509d
> Author: Serge Hallyn <serge.hallyn at ubuntu.com>
> Date:   Fri Aug 16 15:50:25 2013 -0500
> 
>     lxc-clone: default to overlaysf for -s clone of dir
>     
>     If you go to the trouble to request a -s (snapshot) clone of
>     a container which is dir backingstore, then you deserve an
>     overlayfs clone.
>     
>     Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> 
> commit 6fe93aa1877359365a07d9110e0e2dbfb3b0205f
> Author: Serge Hallyn <serge.hallyn at ubuntu.com>
> Date:   Fri Aug 16 13:34:36 2013 -0500
> 
>     cgroup.c: remove spurious ERROR messages
>     
>     Because they are in probing functions.
>     
>     Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
>     Acked-by: Stéphane Graber <stgraber at ubuntu.com>
> 
> commit d74325c436457b87b17e3ea598a9eb4ba66e0d49
> Author: Stéphane Graber <stgraber at ubuntu.com>
> Date:   Fri Aug 16 14:57:44 2013 +0200
> 
>     Replace a few more str(n)dupa by str(n)dup + free
>     
>     strdup and strndup still don't exist on bionic, so we need to do the
>     alloc() call ourselves or free the memory by hand.
>     
>     Signed-off-by: Stéphane Graber <stgraber at ubuntu.com>
>     Acked-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> 
> commit 1d374b9725e53d8b099970c1b501d56d599c4772
> Author: Stéphane Graber <stgraber at ubuntu.com>
> Date:   Fri Aug 16 12:09:02 2013 +0200
> 
>     Add attach_options.h to the list of included files
>     
>     Without this, make dist doesn't include it and LXC fails to build.
>     
>     Signed-off-by: Stéphane Graber <stgraber at ubuntu.com>
> 
> commit fbbf51926e113e5e70d6ea507ed7d1019d0e0aa8
> Author: Serge Hallyn <serge.hallyn at ubuntu.com>
> Date:   Thu Aug 15 15:37:30 2013 -0500
> 
>     document new lxc-create btrfs behavior
>     
>     Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> 
> commit d44e88c26690a56f9efac58f602dba06c9ec0c90
> Author: Serge Hallyn <serge.hallyn at ubuntu.com>
> Date:   Thu Aug 15 12:55:50 2013 -0500
> 
>     bdev: support -B best and -B lvm,dir
>     
>     -B dev will check whether btrfs, zfs, or lvm can be used,
>     in that order, and fall back to dir.
>     
>     -B lvm,btrfs will try lvm first, then btrfs, then fail.
>     
>     Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> 
> commit d3060bd055eac45c1767e1e80fcaba763eb7477d
> Author: Serge Hallyn <serge.hallyn at ubuntu.com>
> Date:   Thu Aug 15 12:22:26 2013 -0500
> 
>     bdev_create: don't default to btrfs if possible
>     
>     Ideally it would be great to default to a btrfs subvolume for each new
>     container created.  However, this is not as we previously thought
>     without consequence.  'rsync --one-file-system' will not descend into
>     btrfs subvolumes.  This means that 'lxc-create -B _unset' will cause
>     different behavior for rsync -vax /var/lib/lxc based on whether that
>     fs is btrfs or not.
>     
>     So don't do that.  If -B is not specified, use -B dir.
>     
>     Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> 
> commit d007f8ab3da297ed0de884e0c6e57a66de2fcb42
> Author: Alexander Vladimirov <alexander.idkfa.vladimirov at gmail.com>
> Date:   Thu Aug 15 14:27:05 2013 +0800
> 
>     Add subdir-objects option to AM_INIT_AUTOMAKE
>     
>     Fix build with automake 1.14 and newer, since it requires explicit
>     setting now.
>     
>     Signed-off-by: Alexander Vladimirov <alexander.idkfa.vladimirov at gmail.com>
>     Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> 
> commit bf7d3153c925ca1404662a8fe031da27308f4187
> Author: Michael H. Warfield <mhw at WittsEnd.com>
> Date:   Thu Aug 15 13:57:50 2013 -0400
> 
>     lxc-fedrora: New patch for systemd detection and init configuration.
>     
>     Satoshi Matsumoto certainly had the right idea and in spotting a bug in
>     the lxc-fedora template for systemd detection.  Heart was in the right
>     spot but patch was not what we needed.
>     
>     I've looked the patch code over for systemd support and init/upstart
>     support and modified the logic appropriately.  If /etc/systemd/system
>     exists, we'll do the right thing by systemd.  If /etc/rc.sysinit exists,
>     we'll do the right thing by init / upstart.  If both are installed,
>     we'll trying and accommodate both in case someone is playing games with
>     the two (I've done this).
>     
>     Patch was trivial, just took more time to actually test it and create
>     some containers with it and verify them, than it did to code them.
>     
>     Signed-off-by: Michael H. Warfield <mhw at WittsEnd.com>
>     Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> 
> commit 3d5e9f4801c0311a6300fc781a4c0a09a6d463fe
> Author: Christian Seiler <christian at iwakd.de>
> Date:   Tue Aug 13 23:04:37 2013 +0200
> 
>     attach: implement remaining options of lxc_attach_set_environment
>     
>     This patch implements the extra_env and extra_keep options of
>     lxc_attach_set_environment.
>     
>     The Python implementation, the C container API and the lxc-attach
>     utility are able to utilize this feature; lxc-attach has gained two new
>     command line options for this.
>     
>     Signed-off-by: Christian Seiler <christian at iwakd.de>
>     Acked-by: Serge E. Hallyn <serge.hallyn at ubuntu.com>
> 
> commit d7a09c630b2150636bf4dfb266bc632abd65dfa8
> Author: Christian Seiler <christian at iwakd.de>
> Date:   Tue May 21 14:57:06 2013 +0200
> 
>     python: add attach support
>     
>     Add methods attach() and attach_wait() to the Python API that give
>     access to the attach functionality of LXC. Both accept two main
>     arguments:
>     
>     1. run: A python function that is executed inside the container
>     2. payload: (optional) A parameter that will be passed to the python
>                 function
>     
>     Additionally, the following keyword arguments are supported:
>     
>     attach_flags: How attach should operate, i.e. whether to attach to
>                   cgroups, whether to drop capabilities, etc. The following
>                   constants are defined as part of the lxc module that may
>                   be OR'd together for this option:
>                     LXC_ATTACH_MOVE_TO_CGROUP
>                     LXC_ATTACH_DROP_CAPABILITIES
>                     LXC_ATTACH_SET_PERSONALITY
>                     LXC_ATTACH_APPARMOR
>                     LXC_ATTACH_REMOUNT_PROC_SYS
>                     LXC_ATTACH_DEFAULT
>     namespaces: Which namespaces to attach to, as defined as the flags that
>                 may be passed to the clone(2) system call. Note: maybe we
>                 should export these flags too.
>     personality: The personality of the process, it will be passed to the
>                  personality(2) syscall. Note: maybe we should provide
>                  access to the function that converts arch into
>                  personality.
>     initial_cwd: The initial working directory after attaching.
>     uid: The user id after attaching.
>     gid: The group id after attaching.
>     env_policy: The environment policy, may be one of:
>                   LXC_ATTACH_KEEP_ENV
>                   LXC_ATTACH_CLEAR_ENV
>     extra_env_vars: A list (or tuple) of environment variables (in the form
>                     KEY=VALUE) that should be set once attach has
>                     succeeded.
>     extra_keep_env: A list (or tuple) of names of environment variables
>                     that should be kept regardless of policy.
>     stdin: A file/socket/... object that should be used as stdin for the
>            attached process. (If not a standard Python object, it has to
>            implemented the fileno() method and provide a fd as the result.)
>     stdout, stderr: See stdin.
>     
>     attach() returns the PID of the attached process, or -1 on failure.
>     
>     attach_wait() returns the return code of the attached process after
>     that has finished executing, or -1 on failure. Note that if the exit
>     status of the process is 255, -1 will also be returned, since attach
>     failures result in an exit code of 255.
>     
>     Two default run functions are also provided in the lxc module:
>     
>     attach_run_command: Runs the specified command
>     attach_run_shell: Runs a shell in the container
>     
>     Examples (assumeing c is a Container object):
>     
>     c.attach_wait(lxc.attach_run_command, 'id')
>     c.attach_wait(lxc.attach_run_shell)
>     def foo():
>       print("Hello World")
>       # the following line is important, otherwise the exit code of
>       # the attached program will be -1
>       # sys.exit(0) will also work
>       return 0
>     c.attach_wait(foo)
>     c.attach_wait(lxc.attach_run_command, ['cat', '/proc/self/cgroup'])
>     c.attach_wait(lxc.attach_run_command, ['cat', '/proc/self/cgroup'],
>                   attach_flags=(lxc.LXC_ATTACH_DEFAULT &
>                   ~lxc.LXC_ATTACH_MOVE_TO_CGROUP))
>     
>     Note that while it is possible to execute Python code inside the
>     container by passing a function (see example), it is unwise to import
>     modules, since there is no guarantee that the Python installation
>     inside the container is in any way compatible with that outside of it.
>     If you want to run Python code directly, please import all modules
>     before attaching and only use them within the container.
>     
>     Signed-off-by: Christian Seiler <christian at iwakd.de>
>     Acked-by: Serge E. Hallyn <serge.hallyn at ubuntu.com>
> 
> commit b7f2846aabb8c1c59b078b4c529e60ea254432f1
> Author: Christian Seiler <christian at iwakd.de>
> Date:   Tue Aug 13 21:36:58 2013 +0200
> 
>     python: improve convert_tuple_to_char_pointer_array
>     
>     convert_tuple_to_char_pointer_array now also accepts lists and not only
>     tuples when converting to a C array. Other fixes:
>     
>      - some checking that it's actually a list/tuple before trying to
>        convert
>      - off-by-a-few-bytes allocation error
>        (sizeof(char *)*n+1 vs. sizeof(char *)*(n+1)/calloc(...))
>     
>     Signed-off-by: Christian Seiler <christian at iwakd.de>
>     Acked-by: Serge E. Hallyn <serge.hallyn at ubuntu.com>
> 
> commit 626ad11bfee3e12e675f51e92920030a6f383b19
> Author: Christian Seiler <christian at iwakd.de>
> Date:   Tue Aug 13 21:33:19 2013 +0200
> 
>     apparmor/attach: make sure buffer is NUL-terminated
>     
>     Signed-off-by: Christian Seiler <christian at iwakd.de>
>     Acked-by: Serge E. Hallyn <serge.hallyn at ubuntu.com>
> 
> commit a0e93eeb2293e15a18e6c56271d13907f082c4df
> Author: Christian Seiler <christian at iwakd.de>
> Date:   Tue May 21 14:57:06 2013 +0200
> 
>     Add attach support to container C API
>     
>     Signed-off-by: Christian Seiler <christian at iwakd.de>
>     Acked-by: Serge E. Hallyn <serge.hallyn at ubuntu.com>
> 
> commit 61a1d519f472c1ac95c641d974401c932f82be66
> Author: Christian Seiler <christian at iwakd.de>
> Date:   Tue May 21 14:56:00 2013 +0200
> 
>     Add helper functions to convert va_list of char* to char**.
>     
>     Signed-off-by: Christian Seiler <christian at iwakd.de>
>     Acked-by: Serge E. Hallyn <serge.hallyn at ubuntu.com>
> 
> commit 9c4693b853c5a9ab2156544ee3334a082cdba420
> Author: Christian Seiler <christian at iwakd.de>
> Date:   Wed May 8 14:57:35 2013 +0200
> 
>     lxc-attach: Completely rework lxc-attach and move to API function
>     
>      - Move attach functionality to a completely new API function for
>        attaching to containers. The API functions accepts the name of the
>        container, the lxcpath, a structure indicating options for attaching
>        and returns the pid of the attached process. The calling thread may
>        then use waitpid() or similar to wait for the attached process to
>        finish. lxc-attach itself is just a simple wrapper around the new
>        API function.
>     
>      - Use CLONE_PARENT when creating the attached process from the
>        intermediate process. This allows the intermediate process to exit
>        immediately after attach and the original thread may supervise the
>        attached process directly.
>     
>      - Since the intermediate process exits quickly, its only job is to
>        send the original process the pid of the attached process (as seen
>        from outside the pidns) and exit. This allows us to simplify the
>        synchronisation logic by quite a bit.
>     
>      - Use O_CLOEXEC / SOCK_CLOEXEC on (hopefully) all FDs opened in the
>        main thread by the attach logic so that other threads of the same
>        program may safely fork+exec off. Also, use shutdown() on the
>        synchronisation socket, so that if another thread forks off without
>        exec'ing, the synchronisation will not fail. (Not tested whether
>        this solves this issue.)
>     
>      - Instead of directly specifying a program to execute on the API
>        level, one specifies a callback function and a payload. This allows
>        code using the API to execute a custom function directly inside the
>        container without having to execute a program. Two default callbacks
>        are provided directly, one to execute an arbitrary program, another
>        to execute a shell. The lxc-attach utility will always use either
>        one of these default callbacks.
>     
>      - More fine-grained control of the attached process on the API level
>        (not implemented in lxc-attach utility yet, some may not be sensible):
>          * Specify which file descriptors should be stdin/stdout/stderr of
>            the newly created process. If fds other than 0/1/2 are
>            specified, they will be dup'd in the attached process (and the
>            originals closed). This allows e.g. threaded applications to
>            specify pipes for communication with the attached process
>            without having to modify its own stdin/stdout/stderr before
>            running lxc-attach.
>          * Specify user and group id for the newly attached process.
>          * Specify initial working directory for the newly attached
>            process.
>          * Fine-grained control on whether to do any, all or none of the
>            following: move attached process into the container's init's
>            cgroup, drop capabilities of the process, set the processes's
>            personality, load the proper apparmor profile and (for partial
>            attaches to any but not mount-namespaces) whether to unshare the
>            mount namespace and remount /sys and /proc. If additional
>            features (SELinux policy, SMACK policy, ...) are implemented,
>            flags for those may also be provided.
>     
>     Signed-off-by: Christian Seiler <christian at iwakd.de>
>     Acked-by: Serge E. Hallyn <serge.hallyn at ubuntu.com>
> 
> commit 650468bb4a5c9a6c69b524f574e8d0f315f45c37
> Author: Christian Seiler <christian at iwakd.de>
> Date:   Tue May 21 11:58:35 2013 +0200
> 
>     Fix return type of read/write utility functions.
>     
>     Signed-off-by: Christian Seiler <christian at iwakd.de>
>     Acked-by: Serge E. Hallyn <serge.hallyn at ubuntu.com>
> 
> commit b93aac46f2802b3639c1ac2ed0cf71174673d110
> Author: Serge Hallyn <serge.hallyn at ubuntu.com>
> Date:   Wed Aug 14 15:01:40 2013 -0500
> 
>     lxc-stop: exit with 1 or 2, not -1 or -2.
>     
>     Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> 
> commit 01e6b7148046c3f41849d093bc61454279792b80
> Author: Serge Hallyn <serge.hallyn at ubuntu.com>
> Date:   Wed Aug 14 14:58:48 2013 -0500
> 
>     lxc_destroy: print an error if the container is not defined.
>     
>     Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> 
> commit b98f7d6ed1b89b6452af4a2b5e27d445e4b3a138
> Author: Serge Hallyn <serge.hallyn at ubuntu.com>
> Date:   Fri Aug 9 23:47:37 2013 -0500
> 
>     cgroups: rework to handle nested containers with multiple and partial mounts
>     
>     Currently, if you create a container and use the mountcgruop hook,
>     you get the /lxc/c1/c1.real cgroup mounted to /.  If you then try
>     to start containers inside that container, lxc can get confused.
>     This patch addresses that, by accepting that the cgroup as found
>     in /proc/self/cgroup can be partially hidden by bind mounts.
>     
>     In this patch:
>     
>     Add optional 'lxc.cgroup.use' to /etc/lxc/lxc.conf to specify which
>     mounted cgroup filesystems lxc should use.  So far only the cgroup
>     creation respects this.
>     
>     Keep separate cgroup information for each cgroup mountpoint.  So if
>     the caller is in devices cgroup /a but cpuset cgroup /b that should
>     now be ok.
>     
>     Change how we decide whether to ignore failure to set devices cgroup
>     settings.  Actually look to see if our current cgroup already has the
>     settings.  If not, add them.
>     
>     Finally, the real reason for this patch: in a nested container,
>     /proc/self/cgroup says nothing about where under /sys/fs/cgroup you
>     might find yourself.  Handle this by searching for our pid in tasks
>     files, and keep that info in the cgroup handler.
>     
>     Also remove all strdupa from cgroup.c (not android-friendly).
>     
>     Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> 
> commit 070a4b8e68a6bf9a96c24ded47974388c83f1d57
> Author: Serge Hallyn <serge.hallyn at ubuntu.com>
> Date:   Fri Aug 9 21:08:28 2013 -0500
> 
>     lxc-user-nic: specify config and db files in autoconf
>     
>     Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> 
> commit 20ab58c777136a449b3199e0733b62fa87ecfa61
> Author: Serge Hallyn <serge.hallyn at ubuntu.com>
> Date:   Fri Aug 9 14:48:35 2013 -0500
> 
>     add lxc-user-nic
>     
>     It is meant to be run setuid-root to allow unprivileged users to
>     tunnel veths from a host bridge to their containers.  The program
>     looks at /etc/lxc/lxc-usernet which has entries of the form
>     
>     	user type bridge number
>     
>     The type currently must be veth.  Whenver lxc-user-nic creates a
>     nic for a user, it records it in /var/lib/lxc/nics (better location
>     is needed).  That way when a container dies lxc-user-nic can cull
>     the dead nic from the list.
>     
>     The -DISTEST allows lxc-user-nic to be compiled so that it uses
>     files under /tmp and doesn't actually create the nic, so that
>     unprivileged users can compile and test the code.  lxc-test-usernic
>     is a script which runs a few tests using lxc-usernic-test, which
>     is a version of lxc-user-nic compiled with -DISTEST.
>     
>     The next step, after issues with this code are raised and addressed,
>     is to have lxc-start, when running unprivileged, call out to
>     lxc-user-nic (will have to exec so that setuid-root is honored).
>     On top of my previous unprivileged-creation patchset, that should
>     allow unprivileged users to create and start useful containers.
>     
>     Also update .gitignore.
>     
>     Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> 
> commit 3fb18be95747034bf36f46be11b0eb288b2ec1b4
> Author: Serge Hallyn <serge.hallyn at ubuntu.com>
> Date:   Wed Aug 14 09:57:12 2013 -0500
> 
>     hooks/Makefile.am: add ubuntu-cloud-prep
>     
>     Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> 
> commit baece282266318a9bb527cefc85ebf7b6dd7f10e
> Author: Serge Hallyn <serge.hallyn at ubuntu.com>
> Date:   Tue Aug 13 13:45:56 2013 -0500
> 
>     lxc.conf.sgml.in: note the arguments and environment variables passed to hooks
>     
>     Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> 
> commit 8bb17b7791777538d8f7cc957939fc871843f218
> Author: Serge Hallyn <serge.hallyn at ubuntu.com>
> Date:   Tue Aug 13 00:05:49 2013 -0500
> 
>     mountcgroups: use the right configuration file!
>     
>     Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> 
> commit 79159a86ddb51071055abd7ee08935bc65b9e7a9
> Author: Scott Moser <smoser at ubuntu.com>
> Date:   Sat Aug 10 05:51:21 2013 -0400
> 
>     ubuntu-cloud-prep: cleanup, fix bug with userdata
>     
>     --userdata was broken, completely missing an implementation.
>     This adds that implementation back in, makes 'debug' logic
>     correct, and then also improves the doc at the top.
>     
>     Signed-off-by: Scott Moser <smoser at ubuntu.com>
>     Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> 
> commit 034a01593a4ae10d6f1e49b71afbfff70cfc226c
> Author: Franz Pletz <fpletz at fnordicwalking.de>
> Date:   Mon Aug 12 14:01:39 2013 +0200
> 
>     lxc-destroy: Fix regular expression for getting rootfs
>     
>     The `lxc-destroy` script was using a simple `grep` for extracting
>     `lxc.rootfs` from the lxc config. This regex also matches commented lines
>     and breaks at least removing btrfs subvolumes if the string `lxc.rootfs`
>     is mentioned in a comment. Furthermore, due to the unescaped dot in the
>     regex it would also match other wrong strings like `lxc rootfs`.
>     
>     This patch modifies the regular expression to correctly match the beginning
>     of the line plus potential whitespace characters and the string
>     `lxc.rootfs`.
>     
>     Signed-off-by: Franz Pletz <fpletz at fnordicwalking.de>
>     Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> 
> commit 54e339f91785368a7825b2edaad04c2177a1a382
> Author: Scott Moser <smoser at ubuntu.com>
> Date:   Fri Aug 9 15:37:23 2013 +0100
> 
>     ubuntu-cloud-prep: fix bad declare of VERBOSITY
>     
>     Signed-off-by: Scott Moser <smoser at ubuntu.com>
>     Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> 
> commit 65d8ae9c4a66f5ca85289c02dc06d63261c84619
> Author: Scott Moser <smoser at ubuntu.com>
> Date:   Thu Aug 8 19:16:59 2013 +0100
> 
>     add a clone hook for ubuntu-cloud images
>     
>     This allows ability to now specify '--userdata' arguments to 'create' or
>     to 'clone'. So now, the following means very fast start of instances with
>     different user-data.
>     
>     $ sudo lxc-create -t ubuntu-cloud -n precise -- \
>        -r precise --arch amd64
>     
>     $ sudo lxc-clone -B overlayfs -o precise -s -n ephem1 \
>        --userdata="my.userdata1"
>     $ sudo lxc-clone -B overlayfs -o precise -s -n ephem2 \
>        --userdata="my.userdata2"
>     
>     Also present here is
>      * an improvement to the static list of Ubuntu releases. It uses
>        ubuntu-distro-info if available degrades back to a static list on failure.
>      * moving of the replacement variables to the top of the create template This
>        is just to make it more obvious what is being replaced and put them in a
>        single location.
>     
>     Signed-off-by: Scott Moser <smoser at ubuntu.com>
> 
> commit 1c8e4ee0a08638e35732a0ddd0052ecde49fbecb
> Author: Stéphane Graber <stgraber at ubuntu.com>
> Date:   Fri Aug 9 15:06:02 2013 +0200
> 
>     Cleanup Makefile.am
>     
>     Remove some dead code and fix identation, no functional change.
>     
>     Signed-off-by: Stéphane Graber <stgraber at ubuntu.com>
> 
> commit 4a0ba80d62c0d8aeb5c9857749659fdf716c380a
> Author: Stéphane Graber <stgraber at ubuntu.com>
> Date:   Fri Aug 9 11:32:55 2013 +0200
> 
>     Replace mktemp() by a new mkifname()
>     
>     Using mktemp() leads to build time warnings and isn't actually
>     appropriate for what we want to do as it's checking for the existence of
>     a file and not a network interface.
>     
>     Replace those calls by an equivalent mkifname() function which uses the
>     same template as mktemp but instead checks for existing network
>     interfaces.
>     
>     Signed-off-by: Stéphane Graber <stgraber at ubuntu.com>
>     Acked-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> 
> commit b40a606e52c788db85fe1c42d3747483d159b6a5
> Author: Serge Hallyn <serge.hallyn at ubuntu.com>
> Date:   Tue Aug 6 14:56:48 2013 -0500
> 
>     Logging: don't confuse command line and config file specified values
>     
>     Currently if loglevel/logfile are specified on command line in a
>     program using LXC api, and that program does any
>     container->save_config(), then the new config will be saved with the
>     loglevel/logfile specified on command line.  This is wrong, especially
>     in the case of
>     
>     cat > lxc.conf << EOF
>     lxc.logfile=a
>     EOF
>     
>     lxc-create -t cirros -n c1 -o b
>     
>     which will result in a container config with lxc.logfile=b.
>     
>     Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> 
> commit 96532523ef90ea6ce3f08ec7d74c3c850b885e50
> Author: Serge Hallyn <serge.hallyn at ubuntu.com>
> Date:   Mon Aug 5 15:20:29 2013 -0500
> 
>     lxc-clone: don't s/oldname/newname in the config file and hooks
>     
>     1. container hooks should use lxcpath and lxcname from the environment.
>     2. the utsname now gets separately updated
>     3. the rootfs path gets updated by the bdev backend.
>     4. the fstab mount targets should be relative
>     5. the fstab source directories could be separately updated if needed.
>     
>     This leaves one definate bug: the lxc.logfile does not get updated.
>     This made me wonder why it was in the configuration file to begin with.
>     Digging deeper, I realized that whatever '-o outfile' you give
>     lxc-create gets set in log.c and gets used by the lxc_container object
>     we create at write_config().  So if you say
>     	lxc-create -t cirros -n c1 -o /tmp/out1
>     then /var/lib/lxc/c1/config will have lxc.logfile=/tmp/out1 - which is
>     clearly wrong.  Therefore I leave fixing that for later.
>     
>     I'm looking for candidates for $p/$n expansion.  Note we can't expand
>     these at config_utsname() etc, because then lxc-clone would see the
>     expanded variable.  So we want to read $p/$n verbatim at config_*(),
>     and expand them only when they are used.  lxc.logfile is an obvious
>     good use case.  lxc.utsname can do it too, in case you want container
>     c1 to be called "c1-whatever".  I'm not sure that's worth it though.
>     Are there any others, or is that it?
>     
>     Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> 
> commit d273b8abfa24040c8ef0dd73eb1d30ef8dcbec54
> Author: Serge Hallyn <serge.hallyn at ubuntu.com>
> Date:   Wed Aug 7 08:53:07 2013 -0500
> 
>     ubuntu-cloud: remove debugging echo
>     
>     Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> 
> commit c9cbb9e51436f84d7871a50776dccacfd8dc196a
> Author: Serge Hallyn <serge.hallyn at ubuntu.com>
> Date:   Fri Jul 26 22:57:10 2013 +0200
> 
>     cgroups: fix the recently broken setting of clone_children
>     
>     Several places think that the current cgroup will be NULL rather
>     than "/" when we're in the root cgroup.  Fix that.
>     
>     Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> 
> commit 2c495ae35a804e3c12cb9f4826c30295043986ce
> Author: Serge Hallyn <serge.hallyn at ubuntu.com>
> Date:   Mon Jul 22 23:59:18 2013 -0500
> 
>     cgroup_enter: catch write errors
>     
>     Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
>     Acked-by: Stéphane Graber <stgraber at ubuntu.com>
> 
> commit d155b47dac549a5c30c0011923274e3744109c91
> Author: Serge Hallyn <serge.hallyn at ubuntu.com>
> Date:   Mon Jul 22 15:23:58 2013 -0500
> 
>     define lxc-usernsexec
>     
>     It uses the newuidmap and newgidmap program to start a shell in
>     a mapped user namespace.  While newuidmap and newgidmap are
>     setuid-root, lxc-usernsexec is not.
>     
>     If new{ug}idmap are not available, then this program is not
>     built or installed.  Otherwise, it will be used to support creating,
>     starting, destroying, etc containers by unprivileged users using
>     their authorized subuids and subgids.
>     
>     Example:
>     	usernsexec -m u:0:100000:1 -- /bin/bash
>     
>     will, if the user is authorized to use subuid 100000, start a
>     bash shell in a user namespace where 100000 on the host is
>     mapped to root in the namespace, and the shell is running as
>     (privileged) root.
>     
>     Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
>     Acked-by: Stéphane Graber <stgraber at ubuntu.com>
> 
> commit 469b57873977afcb5d9f5adb00097c944caedd2a
> Author: Serge Hallyn <serge.hallyn at ubuntu.com>
> Date:   Mon Jul 22 14:09:19 2013 -0500
> 
>     lxclock: use XDG_RUNTIME_DIR for lock if appropriate (v2)
>     
>     If we are euid==0 or XDG_RUNTIME_DIR is not set, then use
>     /run/lock/lxc/$lxcpath/$lxcname as before.  Otherwise,
>     use $XDG_RUNTIME_DIR/lock/lxc/$lxcpath/$lxcname.
>     
>     Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
>     Cc: Stéphane Graber <stephane.graber at canonical.com>
>     Acked-by: Stéphane Graber <stgraber at ubuntu.com>
> 
> commit b60ed720848c8276e4e770d380ec6014768d9923
> Author: Serge Hallyn <serge.hallyn at ubuntu.com>
> Date:   Fri May 10 12:35:26 2013 -0700
> 
>     A few changes for unprivileged lxc-start
>     
>     When doing reboot test, must add clone_newuser to clone flags, else
>     we can't clone(CLONE_NEWPID).
>     
>     If we don't have caps at lxc-start, don't refuse to start.  Drop the
>     lxc_caps_check() function altogether as it is unused now.
>     
>     Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
>     Acked-by: Stéphane Graber <stgraber at ubuntu.com>
> 
> commit b113383b84e5fcd2997a939d3f826a06b109e3d9
> Author: Serge Hallyn <serge.hallyn at ubuntu.com>
> Date:   Thu Jul 18 22:46:30 2013 -0500
> 
>     send current cgroup to lxc_cgroup_create()
>     
>     This is needed if we're going to have unprivileged users
>     create containers inside cgroups which they own.
>     
>     Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
>     Acked-by: Stéphane Graber <stgraber at ubuntu.com>
> 
> commit 1aad9e44d65e7c20dabc4c99f57bcf532db66c68
> Author: Serge Hallyn <serge.hallyn at ubuntu.com>
> Date:   Mon Jul 15 20:24:14 2013 -0500
> 
>     ubuntu-cloud: changes to support unprivileged use
>     
>     don't try to lock if using a specified tarball
>     
>     The lock/subsys/lxc-ubuntu-cloud lock is to protect the tarballs
>     managed under /var/cache/lxc/cloud-$release.  Don't lock if we've
>     been handed a tarball.
>     
>     fake device creation
>     
>     Unprivileged users can't create devices, so bind mount null, tty, urandom
>     and console from the host.
>     
>     Changelog:
>     	Jul 22: as Stéphane points out, remove a left-over debug line
>     
>     Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
>     Acked-by: Stéphane Graber <stgraber at ubuntu.com>
> 
> commit 460bcbd85c97b5a0eac9cf7cead1abde1281cd5a
> Author: Serge Hallyn <serge.hallyn at ubuntu.com>
> Date:   Wed May 8 20:25:06 2013 -0500
> 
>     lxc-create: support unpriv users
>     
>     Just make sure we are root if we are asked to deal with something other
>     than a directory, and make sure we have permission to create the
>     container in the given lxcpath.
>     
>     The templates will need much more work.
>     
>     Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
>     Acked-by: Stéphane Graber <stgraber at ubuntu.com>
> 
> commit 5be56973e5e874a142263dfb164b0b03e18a65f3
> Author: Serge Hallyn <serge.hallyn at ubuntu.com>
> Date:   Wed May 8 20:15:29 2013 -0500
> 
>     templates: require running as root
>     
>     Up to now lxc-create ensured that you were running as root.  Now the
>     templates which require root need to do it for themselves.  Templates
>     which do mknod definately require root.
>     
>     Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
>     Acked-by: Stéphane Graber <stgraber at ubuntu.com>
> 
> commit 4165b2c65648b5df521c6e83b1cbad91d0896a00
> Author: Serge Hallyn <serge.hallyn at ubuntu.com>
> Date:   Thu Jul 18 16:08:12 2013 -0500
> 
>     teach lxc-cirros about the --rootfs argument
>     
>     Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> 
> commit 6f259716e75552cf46ee5125bdbd21e34456d0c0
> Author: Serge Hallyn <serge.hallyn at ubuntu.com>
> Date:   Wed Jul 17 09:38:28 2013 -0500
> 
>     ubuntu templates: add some kernel filesystems to container fstab
>     
>     The debugfs, fusectl, and securityfs may not be mounted inside a
>     non-init userns.  But mountall hangs waiting for them to be
>     mounted.  So just pre-mount them using $lxcpath/$name/fstab as
>     bind mounts, which will prevent mountall from trying to mount
>     them.
>     
>     If the kernel doesn't provide them, then the bind mount failure
>     will be ignored, and mountall in the container will proceed
>     without the mount since it is 'optional'.  But without these
>     bind mounts, starting a container inside a user namespace
>     hangs.
>     
>     Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
>     Acked-by: Stéphane Graber <stgraber at ubuntu.com>
> 
> commit 8058be395d46cfabf2dacd7df79e95309619986a
> Author: Dwight Engen <dwight.engen at oracle.com>
> Date:   Tue Jul 16 10:35:02 2013 -0400
> 
>     clone: only update <rootfs>/etc/hostname if it exists
>     
>     Signed-off-by: Dwight Engen <dwight.engen at oracle.com>
>     Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> 
> commit 819554fe20bbc0ce720b5ed0d5b8e53aeba6b284
> Author: John McFarlane <john at rockfloat.com>
> Date:   Fri Jul 12 14:06:20 2013 -0700
> 
>     Make get_ips timeout poll configurable
>     
>     This commit increases the default timeout used by lxc-start-ephemeral
>     from 5 to 10, and adds support for an LXC_IP_TIMEOUT override.
>     
>     Patchset 2:
>       - Previous patch used a command line arg.
>     
>     Signed-off-by: John McFarlane <john at rockfloat.com>
>     Acked-by: Stéphane Graber <stgraber at ubuntu.com>
> 
> commit 5202677243dcda16ab97c07d497174726198f7ab
> Author: Serge Hallyn <serge.hallyn at ubuntu.com>
> Date:   Tue Jul 16 08:11:56 2013 -0500
> 
>     lxccontainer: don't define certain variables if !HAVE_GNUTLS
>     
>     Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> 
> commit 27c27d73e1b1a07e3621484fa033206549e2a1f5
> Author: Serge Hallyn <serge.hallyn at ubuntu.com>
> Date:   Mon Jul 15 16:42:15 2013 -0500
> 
>     userns: clear and save id_map (v2)
>     
>     Otherwise (a) there is a memory leak when using user namespaces and
>     clearing a config, and (b) saving a container configuration file doesn't
>     maintain the userns mapping.  For instance, if container c1 has
>     lxc.id_map configuration entries, then
>     
>     python3
>     import lxc
>     c=lxc.Container("c1")
>     c.save_config("/tmp/config1")
>     
>     should show 'lxc.id_map =' entries in /tmp/config1.
>     
>     Changelog for v2:
>        1. fix incorrect saving of group types (s/'c'/'g')
>        2. fix typo -> idmap->type should be idmap->idtype
>     
>     Reported-by: Dwight Engen <dwight.engen at oracle.com>
>     Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
>     Acked-by: Dwight Engen <dwight.engen at oracle.com>
>     Tested-by: Dwight Engen <dwight.engen at oracle.com>
> 
> commit 3ce746862b2a2b33f3de65aeecda0bad1a5dd27c
> Author: Serge Hallyn <serge.hallyn at ubuntu.com>
> Date:   Fri Jul 12 14:07:23 2013 -0500
> 
>     lxc_create: prepend pretty header to config file (v2)
>     
>     Define a sha1sum_file() function in utils.c.  Use that in lxcapi_create
>     to write out the sha1sum of the template being used.  If libgnutls is
>     not found, then the template sha1sum simply won't be printed into the
>     container config.
>     
>     This patch also trivially fixes some cases where SYSERROR is used after
>     a fclose (masking errno) and missing consts in mkdir_p.
>     
>     Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> 
> commit 868a70afead6cc48a4c883126ea3ef01b6ec57e0
> Author: Serge Hallyn <serge.hallyn at ubuntu.com>
> Date:   Fri Jul 12 15:33:06 2013 -0500
> 
>     ubuntu-cloud template: accept --rootfs argument
>     
>     Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> 
> commit 6a2e602b1b03617e77dcd4b5f82f34713a970ac4
> Author: Serge Hallyn <serge.hallyn at ubuntu.com>
> Date:   Fri Jul 12 14:08:17 2013 -0500
> 
>     remove old lxc-create script.
>     
>     Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> 
> commit dc23c1c817da5c13529432270e51d0f7f3b1e95e
> Author: Serge Hallyn <serge.hallyn at ubuntu.com>
> Date:   Fri Jul 12 09:44:41 2013 -0500
> 
>     create: add a quiet flag
>     
>     If set, then fds 0,1,2 will be redirected while the creation
>     template is executed.
>     
>     Note, as Dwight has pointed out, if fd 0 is redirected, then if
>     templates ask for input there will be a problem.  We could simply
>     not redirect fd 0, or we could require that templates work without
>     interaction.  I'm assuming here that we want to do the latter, but
>     I'm open to changing that.
>     
>     Reported-by: "S.Çağlar Onur" <caglar at 10ur.org>
>     Acked-by: Stéphane Graber <stgraber at ubuntu.com>
>     Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> 
> commit ae13ae0853a246119ddaf9c8cc6d128a21a8988c
> Author: zoolook <nbensa+lxcusers at gmail.com>
> Date:   Thu Jul 11 20:38:02 2013 -0300
> 
>     lxc_clone.c: Allow size subfixes for -L parameter
>     
>     lxc-clone ignores size subfixes (K, M, G) when using -L parameter. The
>     following is a quick patch to allow, for example, lxc-clone -L 10G.
>     
>     Signed-off-by: Norberto Bensa <nbensa at gmail.com>
>     Acked-by: Serge E. Hallyn <serge.hallyn at ubuntu.com>
>     Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> 
> commit 283678ed2ccd88a6ba57fcb28516311adcdb6fac
> Author: Serge Hallyn <serge.hallyn at ubuntu.com>
> Date:   Fri Jul 5 19:34:55 2013 -0500
> 
>     Accomodate stricter devices cgroup rules
>     
>     3.10 kernel comes with proper hierarchical enforcement of devices
>     cgroup.  To keep that code somewhat sane, certain things are not
>     allowed.  Switching from default-allow to default-deny and vice versa
>     are not allowed when there are children cgroups.  (This *could* be
>     simplified in the kernel by checking that all child cgroups are
>     unpopulated, but that has not yet been done and may be rejected)
>     
>     The mountcgroup hook causes lxc-start to break with 3.10 kernels, because
>     you cannot write 'a' to devices.deny once you have a child cgroup.  With
>     this patch, (a) lxcpath is passed to hooks, (b) the cgroup mount hook sets
>     the container's devices cgroup, and (c) setup_cgroup() during lxc startup
>     ignores failures to write to devices subsystem if we are already in a
>     child of the container's new cgroup.
>     
>     ((a) is not really related to this bug, but is definately needed.
>     The followup work of making the other hooks use the passed-in lxcpath
>     is still to be done)
>     
>     Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> 
> commit cbee8106e38f9ffa130c7bf8be325f7f203da67a
> Author: Serge Hallyn <serge.hallyn at ubuntu.com>
> Date:   Wed Jul 10 23:30:29 2013 -0500
> 
>     lxcapi_create: fix template handling
>     
>     1. If no template is passed in, then do not try to execute it.  The user
>     just wanted to write the configuration.
>     
>     2. If template is passed in as a full path, then use that instead of
>     constructing '$templatedir/lxc-$template'.
>     
>     Reported-by: Wanlong Gao <gaowanlong at cn.fujitsu.com>
>     Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> 
> commit 96b3cb407c07915db2cd0542c313a4bff4d1d389
> Author: Serge Hallyn <serge.hallyn at ubuntu.com>
> Date:   Wed Jul 10 23:29:20 2013 -0500
> 
>     lxcapi_create: split out the template execution
>     
>     Make it its own function to make both more readable.
>     
>     Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> 
> commit fb75356a85e3097db77386e7c62836a3ee69217f
> Author: Dwight Engen <dwight.engen at oracle.com>
> Date:   Tue Jul 9 14:44:36 2013 -0400
> 
>     oracle template: use clonehostname hook script
>     
>     Signed-off-by: Dwight Engen <dwight.engen at oracle.com>
>     Acked-by: Stéphane Graber <stgraber at ubuntu.com>
>     Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> 
> commit 1143ed392d2760e8f7aeee88d570bb0ba151885f
> Author: Dwight Engen <dwight.engen at oracle.com>
> Date:   Tue Jul 9 16:19:45 2013 -0400
> 
>     add clonehostname hook
>     
>     This hook script updates the hostname in various files under /etc in the
>     cloned container. In order to do so, the old container name is passed in
>     the LXC_SRC_NAME environment variable.
>     
>     Signed-off-by: Dwight Engen <dwight.engen at oracle.com>
>     Acked-by: Stéphane Graber <stgraber at ubuntu.com>
>     Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> 
> commit b9b3a92f664fe3966decd0411b25fb6b77425e23
> Author: Michael H. Warfield <mhw at WittsEnd.com>
> Date:   Tue Jul 9 15:40:38 2013 -0400
> 
>     lxc-fedora template - Fix retries, use os-release for release, add utsname.
>     
>     Hey all!
>     
>     Patch for the Fedora template.  Several things...
>     
>     1) A month or so ago, I floated an idea of adding an option for utsname
>     which Serge seemed to like but we let it float for more feedback (none
>     came).
>     
>     2) In private mail to Serge and Stéphane I mentioned the idea of using
>     the CPE (Common Platform Enumeration) for host distro and version
>     identification.  I heard back from Serge but not Stéphane.  CPE is a
>     standard promoted by NIST and Mitre (along with CVE and CVSS) as part of
>     the security community as a common identification mechanism.  It's
>     supported by RedHat based distros and many others (notable exception
>     Ubuntu).  I've patched the Fedora template to parse first
>     the /etc/os-release file or, alternatively, the /etc/system-release-cpe
>     file for the distro ID and version instead of the human
>     readable /etc/redhat-release.  There's more that can be done with that
>     in the realm of cross distro container builds, I suspect.
>     
>     3) At the time of working on 1&2 I noticed that the retry logic in the
>     Fedora template just didn't seem right.  I believe I posted a message
>     asking for clarification on that behavior.  A recently post in the
>     -users list indicating that someone could not create a Fedora 19
>     container (because the release ver string was 19-2 and the template was
>     only looking for -1) prompted me to rework the retry logic for handling
>     the mirror list and servers as well as revamp the download logic to
>     properly identify the correct release package.
>     
>     The patch for all of the above is attached below the jump.  It's been
>     tested on Fedora 17 through Fedora 19 hosts and has created containers
>     for F11, F12, F13, F14, F16, F17, F18, and F19.  F15 failed for rpm
>     dependency issues that are not worth fixing (IMHO).
>     
>     Regards,
>     Mike
>     --
>     Michael H. Warfield (AI4NB) | (770) 985-6132 |  mhw at WittsEnd.com
>        /\/\|=mhw=|\/\/          | (678) 463-0932 |  http://www.wittsend.com/mhw/
>        NIC whois: MHW9          | An optimist believes we live in the best of all
>      PGP Key: 0x674627FF        | possible worlds.  A pessimist is sure of it!
>     
>     --
>     
>     Signed-off-by: Michael H. Warfield <mhw at WittsEnd.com>
>     Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> 
> commit 3327917f4a991a49ba1562b774c63c45139772eb
> Author: Dwight Engen <dwight.engen at oracle.com>
> Date:   Tue Jul 9 18:07:26 2013 -0400
> 
>     fix potential out of bounds pointer deref
>     
>     I noticed that if find_first_wholeword() is called with word at the very
>     beginning of p, we will deref *(p - 1) to see if it is a word boundary.
>     Fix by considering p = p0 to be a word boundary.
>     
>     Signed-off-by: Dwight Engen <dwight.engen at oracle.com>
>     Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> 
> commit 9313e1e628160ca64f9e7fcec6500056c9a0725f
> Author: Stéphane Graber <stgraber at ubuntu.com>
> Date:   Tue Jul 9 18:30:52 2013 -0400
> 
>     ubuntu: Tweak layout of the config
>     
>     Just add an extra white line to both templates.
>     
>     Signed-off-by: Stéphane Graber <stgraber at ubuntu.com>
> 
> commit 6cda3f5ac1e3a20a97a419923e587d6bdb1fece9
> Author: Stéphane Graber <stgraber at ubuntu.com>
> Date:   Mon Jul 8 13:02:52 2013 -0400
> 
>     ubuntu: Fix openssh postinst call in >= saucy
>     
>     The new openssh uses a different mechanism to start/stop the daemon
>     which in turn requires a few tweaks in our template to deal with both
>     the new and old ways of doing that.
>     
>     Signed-off-by: Stéphane Graber <stgraber at ubuntu.com>
>     Acked-by: Serge E. Hallyn <serge.hallyn at ubuntu.com>
> 
> commit b58e60e232a3049d946a3b18e6f21912cd3453f0
> Author: Stéphane Graber <stgraber at ubuntu.com>
> Date:   Mon Jul 8 11:01:36 2013 -0400
> 
>     lxc-start-ephemeral: Fix console() and add storage option
>     
>     The introduction of the new console() python API broke
>     lxc-start-ephemeral's console(tty=1) call, I now changed that to
>     console() which does the right thing with both API versions.
>     
>     This also adds a new storage-type option, letting the user choose to use
>     a standard directory instead of tmpfs for the container (but still have
>     it ephemeral).
>     
>     Signed-off-by: Stéphane Graber <stgraber at ubuntu.com>
> 
> commit 39ffde307ad83bd407aaa6a0d81682902bab248b
> Author: Stéphane Graber <stgraber at ubuntu.com>
> Date:   Mon Jul 8 10:46:20 2013 -0400
> 
>     python: Update scripts to respect PEP-8 spec
>     
>     Signed-off-by: Stéphane Graber <stgraber at ubuntu.com>
> 
> commit b0f9616f6227f56dce8ca2514610f432ba4fab8a
> Author: Stéphane Graber <stgraber at ubuntu.com>
> Date:   Mon Jul 8 10:41:32 2013 -0400
> 
>     python: Re-introduce timeout in get_ips
>     
>     It turns out that most API users want some kind of timeout option for
>     get_ips, so instead of re-implementing it in every single client
>     software, let's just have it as a python overlay upstream.
>     
>     Signed-off-by: Stéphane Graber <stgraber at ubuntu.com>
> 
> commit 18efb001a4498f8fc62ab37f1db552fdf001e798
> Author: Dwight Engen <dwight.engen at oracle.com>
> Date:   Fri Jul 5 12:17:15 2013 -0400
> 
>     fix sshd template
>     
>     Commit a0a2066d introduced an lxc subdir into the lxc-init path, but
>     this was never reflected in the sshd template. Add it there.
>     
>     Don't have ssh-keygen ask for passphrase since host keys are not
>     supposed to use them.
>     
>     Don't try to symlink kmsg since /dev is bind mounted readonly.
>     
>     Read-only bind mount some extra /etc directories, and sysfs which are
>     needed by dhclient on Fedora and Oracle Linux. Fix mounting of /proc.
>     
>     Find sshd in more places by adding some common paths to $PATH, and
>     use the found path to it instead of hardcoded /usr/sbin.
>     
>     Check for ifconfig command, and print out container's IP address.
>     
>     Signed-off-by: Dwight Engen <dwight.engen at oracle.com>
>     Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> 
> commit ef091cefca5082007678fe82ad01389f7057ca48
> Author: Bogdan Purcareata <bogdan.purcareata at freescale.com>
> Date:   Wed Jul 3 12:00:53 2013 -0400
> 
>     lxcapi_set_cgroup_item: remove duplicate == 0
>     
>     Signed-off-by: Bogdan Purcareata <bogdan.purcareata at freescale.com>
>     Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> 
> commit 9c631ea7c2906f41b23f5c8dcc9f6045078879db
> Author: Dwight Engen <dwight.engen at oracle.com>
> Date:   Mon Jul 1 12:38:23 2013 -0400
> 
>     allow lxc-info to get running container configuration
>     
>     Signed-off-by: Dwight Engen <dwight.engen at oracle.com>
>     Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> 
> commit 9a15a0f3f8faaa5e0d983f11bcf94dcf492c1349
> Author: Dwight Engen <dwight.engen at oracle.com>
> Date:   Mon Jul 1 12:38:15 2013 -0400
> 
>     fix -c argument handling
>     
>     commit 829dd918 added parsing of a -c argument to both the common options
>     handling and to lxc-start. It is not a common option, and should have only
>     been added to lxc-start. Because the common code is processing it, no other
>     command can use -c. Remove -c from being processed by the common code.
>     Tested that -c still works with lxc-start.
>     
>     Signed-off-by: Dwight Engen <dwight.engen at oracle.com>
>     Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> 
> commit 53f3f04845a9eb60064c302e1f95652f665809f1
> Author: Serge Hallyn <serge.hallyn at ubuntu.com>
> Date:   Mon Jul 1 15:32:25 2013 -0500
> 
>     lxc_conf_init: make sure strdup succeeded
>     
>     unlikely as a failure may be...
>     
>     Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> 
> commit 2e599a6a25b533fe63840edc34ee265811b7b814
> Author: Natanael Copa <ncopa at alpinelinux.org>
> Date:   Fri Jun 28 16:56:51 2013 +0200
> 
>     lxc-alpine: make --release work when apk exists
>     
>     Use sed to set the specified alpine release in the copied
>     /etc/apk/repositories
>     
>     Signed-off-by: Natanael Copa <ncopa at alpinelinux.org>
>     Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> 
> commit 982e7b6ea40ea57923f4f094858424debc1a5f7f
> Author: Kaarle Ritvanen <kaarle.ritvanen at datakunkku.fi>
> Date:   Wed Jun 26 11:15:00 2013 +0300
> 
>     lxc-alpine: option for specifying the release to be installed
>     
>     Signed-off-by: Kaarle Ritvanen <kaarle.ritvanen at datakunkku.fi>
>     Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> 
> commit 85b41c7d7f72213199b5cff9525d17f44b49a842
> Author: Kaarle Ritvanen <kaarle.ritvanen at datakunkku.fi>
> Date:   Wed Jun 26 11:14:59 2013 +0300
> 
>     lxc-alpine: automatic repository selection
>     
>     pick random server from mirror list
>     use the latest stable release
>     
>     Signed-off-by: Kaarle Ritvanen <kaarle.ritvanen at datakunkku.fi>
>     Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> 
> commit 37cb98a2b7e5c7b0abf69f261a16d759453492f1
> Author: Andrew Gilbert <andrewg800 at gmail.com>
> Date:   Thu Jun 27 08:09:05 2013 -0500
> 
>     Add -n differentiation to lxc-netstat
>     
>     lxc-netstat now only processes an -n argument if it has not previously
>     received a value for $name from --name or -n. If it _has_ received such
>     a value, it stops processing arguments and leaves the -n for netstat.
>     This does not apply to the use of --name after a name has been provided
>     by --name or -n; the current behaviour continues. The new behaviour
>     makes
>     	netstat -n <container> -n -a
>     behave like
>     	netstat -n <container> -a -n
>     which already will act as though there is '--' between '<container>' and
>     '-a' (see line 91 of lxc-netstat.in).
>     
>     Signed-off-by: Andrew Gilbert <andrewg800 at gmail.com>
>     Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> 
> commit 1a7cb0850405b271b7bedacd243235f29cd368df
> Author: Andrew Gilbert <andrewg800 at gmail.com>
> Date:   Thu Jun 27 08:07:14 2013 -0500
> 
>     Add double-dash to lxc-netstat re-call arguments
>     
>     When lxc-netstat was called by lxc-unshare, it would be given the
>     arguments intended for netstat from the first invocation, but without
>     anything to separate them from the arguments intended for lxc-netstat.
>     This meant that netstat arguments like -n would result in lxc-netstat
>     trying to process them.
>     
>     Signed-off-by: Andrew Gilbert <andrewg800 at gmail.com>
>     Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> 
> commit 176d9acb2ec17211a0d69bd2bd99f914fad8d7ad
> Author: Serge Hallyn <serge.hallyn at ubuntu.com>
> Date:   Fri Jun 21 14:16:42 2013 -0500
> 
>     api_clone: don't remove storage if we haven't created it
>     
>     In the best case we'll get errors about failing to remove it.  In the
>     worst case we'll be trying to delete the original container's rootfs.
>     
>     Reported-by: zoolook <nbensa+lxcusers at gmail.com>
>     Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> 
> commit ae3f8cf9a4a03c62c6c12968b38b2352388df91c
> Author: Serge Hallyn <serge.hallyn at ubuntu.com>
> Date:   Fri Jun 21 14:15:42 2013 -0500
> 
>     Accept more word delimiters when updating hooks
>     
>     When updating container names in hook files during a container clone,
>     we substitute the new container name for the old any time the old name
>     shows up as a separate word.  This patch adds the four characters
>     '.,_-' as additional delimiters.
>     
>     Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> 
> commit 618fa49dddbedd2b7319c0089dffd8d65aef8369
> Author: Stéphane Graber <stgraber at ubuntu.com>
> Date:   Wed Jun 19 14:12:37 2013 -0400
> 
>     lxc-start-ephemeral: Fix get_ips call
>     
>     The timeout option in get_ips has been deprecated, so work around it.
>     
>     Signed-off-by: Stéphane Graber <stgraber at ubuntu.com>
> 
> commit 54c30e290876c5fa6e4c7b5a511580793e4777e3
> Author: Serge Hallyn <serge.hallyn at ubuntu.com>
> Date:   Tue Jun 18 14:52:24 2013 -0500
> 
>     conf.c: always strdup rootfs.mount
>     
>     The reason is that the generic code which handles reading
>     lxc.rootfs.mount always frees the old value if not NULL.
>     So without this setting lxc.rootfs.mount = /mnt causes
>     segfault.
>     
>     Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> 
> commit 37903589a2de0cbd62f94c5fd06d0aa8d57ca140
> Author: Serge Hallyn <serge.hallyn at ubuntu.com>
> Date:   Thu Jun 13 10:06:15 2013 -0500
> 
>     don't set up console for lxc-execute
>     
>     Currently due to some safety checks for !rootfs.path, lxc-execute works
>     ok if you do not set lxc.rootfs at all in your lxc.conf. But if you
>     set lxc.rootfs = '/', then it sets up console, and when you do an
>     lxc-execute, the console appears hung.
>     
>     However the lxc.rootfs NULL check was just incidental to not dereference
>     a NULL pointer.  In fact we should not be setting up a console if the
>     container isn't running a full-fledged distro with a getty/login
>     running on the container's /dev/console.
>     
>     Have lxc_execute() mark in lxc_conf that this is a lxc-execute and not
>     an lxc-start, and don't set up the console.
>     
>     The issue is documented at https://sourceforge.net/p/lxc/bugs/67/ .
>     
>     Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
>     Acked-by: Stéphane Graber <stgraber at ubuntu.com>
>     Acked-by: Dwight Engen <dwight.engen at oracle.com>
> 
> commit b515981702133b9aaea1aff378493f054c14d46c
> Author: Dwight Engen <dwight.engen at oracle.com>
> Date:   Wed Jun 12 08:09:16 2013 -0700
> 
>     console API improvements
>     
>     Add a higher level console API that opens a tty/console and runs the
>     mainloop as well. Rename existing API to console_getfd(). Use these in
>     the python binding.
>     
>     Allow attaching a console peer after container bootup, including if the
>     container was launched with -d. This is made possible by allocation of a
>     "proxy" pty as the peer when the console is attached to.
>     
>     Improve handling of SIGWINCH, the pty size will be correctly set at the
>     beginning of a session and future changes when using the lxc_console() API
>     will be propagated to it as well.
>     
>     Refactor some common code between lxc_console.c and console.c. The variable
>     wait4q (renamed to saw_escape) was static, making the mainloop callback not
>     safe across threads. This wasn't a problem when the callback was in the
>     non-threaded lxc-console, but now that it is internal to console.c, we have
>     to take care of it. This is now contained in a per-tty state structure.
>     
>     Don't attempt to open /dev/null as the console peer since /dev/null cannot
>     be added to the mainloop (epoll_ctl() fails with EPERM). This isn't needed
>     to get the console setup (and the log to work) since the case of not having
>     a peer at console init time has to be handled to allow for attaching to it
>     later.
>     
>     Move signalfd libc wrapper/replacement to utils.h.
>     
>     Signed-off-by: Dwight Engen <dwight.engen at oracle.com>
>     Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> 
> commit 5d4d3ebb13705d1e102429c75fc06932f81816dd
> Author: Natanael Copa <ncopa at alpinelinux.org>
> Date:   Wed Jun 12 11:18:04 2013 +0200
> 
>     lxc-init: continue even if we fail to mount /dev/mqueue
>     
>     The 'lxc-init' (a lightweight init process used by lxc-execute in place
>     of upstart etc) tries to mount /dev/mqueue during startup. If that fails
>     (for instance due to missing support for mqueue in kernel) then it
>     aborts execution and returns -1. This is unreasonable as very few
>     applications actually need /dev/mqueue.
>     
>     This similar to what we do with /dev/shm.
>     
>     Signed-off-by: Natanael Copa <ncopa at alpinelinux.org>
>     Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> 
> commit 71b0fed669a088675c1344ed68b250e87414c998
> Author: Serge Hallyn <serge.hallyn at ubuntu.com>
> Date:   Wed Jun 5 17:37:03 2013 -0500
> 
>     lxclock: move container locks into /run/lock
>     
>     Currently the lxc API mutexes configuration file read/writes with a
>     lock called $lxcpath/locks/$lxcname.  This fails if the container
>     is on a rofs.
>     
>     This patch moves those locks under /run/lock/lxc.
>     
>     The $lxcpath/$lxcname/partial file is not moved - if you can't
>     create it, you probably can't create the container either.
>     
>     Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
>     Acked-by: Stéphane Graber <stgraber at ubuntu.com>
> 
> commit 54b79829e23e01998eeafb8156987937a894af3c
> Author: Serge Hallyn <serge.hallyn at ubuntu.com>
> Date:   Mon Jun 10 11:52:44 2013 -0500
> 
>     lxc_stop: return success if api_shutdown succeeded
>     
>     I originally forgot to set ret = 0 if it succeeded, meaning that a
>     simple 'lxc-stop -n container1' returns failure even though the
>     stop succeeded.
>     
>     Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
>     Acked-by: Stéphane Graber <stgraber at ubuntu.com>
> 
> commit 6e46cfcb0e4fcaa2d920a3c473f83c0a73c68cfa
> Author: Serge Hallyn <serge.hallyn at ubuntu.com>
> Date:   Mon Jun 10 09:34:06 2013 -0500
> 
>     conf.c: if we don't specify a rootfs, we still need proc mounted
>     
>     otherwise we won't be allowed to set an apparmor context (on pid 1)
>     
>     Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
>     Acked-by: Stéphane Graber <stgraber at ubuntu.com>
> 
> commit fabf7361da4845cd6cf268e0e85c3c6a1c0b0be4
> Author: Qiang Huang <h.huangqiang at huawei.com>
> Date:   Fri Jun 7 15:27:32 2013 +0800
> 
>     lxc-execute: allow lxc-init to log only when we have a valid log level
>     
>     Right now if we use lxc-execute without log level set, we get error:
>     lxc: invalid log priority NOTSET.
>     Because we set log level manually in execute_start(), but didn't
>     check if we have a valid log level or not, so fix it.
>     
>     Signed-off-by: Qiang Huang <h.huangqiang at huawei.com>
>     Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> 
> commit 38973621a40a5657b067409321d54759520d7951
> Author: Weng Meiling <wengmeiling.weng at huawei.com>
> Date:   Thu Jun 6 19:59:31 2013 +0800
> 
>     lxc-ps: display process when container is frozen
>     
>     When we use lxc-ps to show the process, it's  more appropriate to
>     show process when container is frozen.
>     
>     Signed-off-by: Weng Meiling <wengmeiling.weng at huawei.com>
>     Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> 
> commit 31f58b3fcec322dba1eed71e364335c30500066c
> Author: Rui Xiang <rui.xiang at huawei.com>
> Date:   Sat Jun 8 18:04:47 2013 +0800
> 
>     lxc-monitord: remove hard code execvp path of lxc-monitord
>     
>     Sometimes, the path of lxc tools is not '/usr/bin', but
>     '/usr/local/bin' or other. Then execvp lxc-monitord will fail
>     in lxc_monitord_spawn.
>     
>     Signed-off-by: Rui Xiang <rui.xiang at huawei.com>
>     Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> 
> commit f02abefef9a59658c813e08f86a91fbe09eabf00
> Author: Dwight Engen <dwight.engen at oracle.com>
> Date:   Fri Jun 7 10:07:36 2013 -0400
> 
>     fix check for lock acquired
>     
>     Signed-off-by: Dwight Engen <dwight.engen at oracle.com>
>     Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> 
> commit 93dc5327aa0c2b13d619b8bedf893eea983d4d68
> Author: Serge Hallyn <serge.hallyn at ubuntu.com>
> Date:   Wed Jun 5 11:56:30 2013 -0500
> 
>     lxclock and lxccontainer: switch from flock to fcntl
>     
>     flock is not supported on nfs.  fcntl is at least supported on newer
>     (v3 and above) nfs.
>     
>     Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
>     Tested-by: zoolook <nbensa+lxcusers at gmail.com>
> 
> commit 1af60b514fc9d8da2b4485e9e8845619fb6c6b68
> Author: Weng Meiling <wengmeiling.weng at huawei.com>
> Date:   Tue Jun 4 20:52:27 2013 +0800
> 
>     lxc-ps: fix the display problem with arg --lxc
>     
>     When we use arg --lxc to show processes in all containers, no
>     process displays, so fix it.
>     
>     (Changelog: Serge: in-line fix of s/;;/;/ at line 69)
>     
>     Signed-off-by: Weng Meiling <wengmeiling.weng at huawei.com>
>     Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> 
> commit eddaaafd1a9b02ba39e5b6b13d40b4a5d37a04e1
> Author: Serge Hallyn <serge.hallyn at ubuntu.com>
> Date:   Sun Jun 2 15:39:35 2013 -0500
> 
>     implement loopback backing store
>     
>     Create a loopfile backed container by doing:
>     
>     	lxc-create -B loop -t template -n name
>     
>     or
>     
>     	lxc-clone -B loop -o dir1 -n loop1
>     
>     The rootfs in the configuration file will be
>     
>     	loop:/var/lib/lxc/loop1/rootdev
>     
>     Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> 
> commit f002c8a7655e42a325ef6bad9fb0844fad4e410b
> Author: Serge Hallyn <serge.hallyn at ubuntu.com>
> Date:   Mon Jun 3 18:19:01 2013 +0200
> 
>     lxc_create: support 'lxc-create -t <template> -h'
>     
>     With the lxc-create script, 'lxc-create -t template -h' used to call
>     'template -h' to get template-specific help.  The api based lxc-create
>     did not yet support that.
>     
>     Add a 'helpfn' method to the lxc_arguments, which is called at the end
>     of printhelp, and passed the lxc_arguments.  Use that in lxc_create to
>     reintroduce the desired behavior.
>     
>     Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> 
> commit 4c1f6b67d9b842d9e5c293eea2ff19301ecc5596
> Author: Qiang Huang <h.huangqiang at huawei.com>
> Date:   Mon Jun 3 09:48:14 2013 +0800
> 
>     lxc-destroy: fix the wrong help info of lxc-destroy
>     
>     Changelog: jun 3: (Serge) trivial typo fix inline.
>     
>     Signed-off-by: Qiang Huang <h.huangqiang at huawei.com>
>     Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> 
> commit 3155e7f954d4b5d7da528d2a3cd8be254432e3c3
> Author: Qiang Huang <h.huangqiang at huawei.com>
> Date:   Mon Jun 3 09:48:13 2013 +0800
> 
>     lxc-create: fix the typo in help info
>     
>     Fix typo in help info of lxc-create, and get rid of duplicate
>     comments in bdev.h
>     
>     Signed-off-by: Qiang Huang <h.huangqiang at huawei.com>
>     Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> 
> commit 63c3090c913142cd19f443b040cdede2c0522ce8
> Author: Qiang Huang <h.huangqiang at huawei.com>
> Date:   Mon Jun 3 09:48:12 2013 +0800
> 
>     arguments: should return negative number when error happens
>     
>     We should return -ENOMEM instead of ENOMEM when realloc fails.
>     
>     Signed-off-by: Qiang Huang <h.huangqiang at huawei.com>
>     Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> 
> commit 44ef0c0c7200ef4e8783387d886d3748da3d50fd
> Author: Serge Hallyn <serge.hallyn at ubuntu.com>
> Date:   Mon Jun 3 10:47:21 2013 -0500
> 
>     lxcapi_create: don't close stdin/out/err
>     
>     Otherwise we can't see template progress.
>     
>     Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> 
> commit 569bee5cc3d647032573db8f72734faa9307d577
> Author: Natanael Copa <ncopa at alpinelinux.org>
> Date:   Tue May 28 10:25:14 2013 +0200
> 
>     lxc-alpine: download a static package manager if its missing
>     
>     If the package manager, apk-tools is missing, then:
>      - download a static binary and public keys
>      - verify the keys against embedded checksum
>      - verify the signature of the static binary against the downloaded keys
>      - use the verified static binary
>     
>     Signed-off-by: Natanael Copa <ncopa at alpinelinux.org>
>     Signed-off-by: Kaarle Ritvanen <kaarle.ritvanen at datakunkku.fi>
>     Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> 
> commit 0a18b5458b6d0fcad9a82b96f99035254af50c7a
> Author: Serge Hallyn <serge.hallyn at ubuntu.com>
> Date:   Fri May 31 16:09:14 2013 +0200
> 
>     Define LXC_DEFAULT_CONFIG
>     
>     And use it in place of the various ways we were deducing /etc/lxc/default.conf.
>     
>     Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
>     Acked-by: Stéphane Graber <stgraber at ubuntu.com>
> 
> commit 3a647d582dc759e43c2087f0d906adf77c62ab6c
> Author: Serge Hallyn <serge.hallyn at ubuntu.com>
> Date:   Fri May 31 16:02:33 2013 +0200
> 
>     configure/makefile: rename default_conf to distro_conf
>     
>     configure/makefile: rename default_conf to distro_conf, since it is a per-distro
>     default.  Then we'll be able to use the symbol LXC_DEFAULT_CONF in the code to
>     refer to the installed file.
>     
>     Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
>     Acked-by: Stéphane Graber <stgraber at ubuntu.com>
> 
> commit 3bc449ed24edc4b754cbe0af19fe878d29731f59
> Author: Serge Hallyn <serge.hallyn at ubuntu.com>
> Date:   Fri May 31 07:55:14 2013 -0500
> 
>     lxccontainer: update locking comment
>     
>     Update the LOCKING comment.
>     
>     Take mem_lock in want_daemonize.
>     
>     convert lxcapi_destroy to not use privlock/slock by hand.
>     
>     Fix a coverity-found potential dereference of NULL c->lxc_conf.
>     
>     api_cgroup_get_item() and api_cgroup_set_item(): use disklock,
>     not memlock, since the values are set through the cgroup fs on
>     the running container.
>     
>     Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
>     Acked-by: Stéphane Graber <stgraber at ubuntu.com>
> 
> commit 73e608b21f73509c5f8c7a948cc6d4b0898edb2c
> Author: Serge Hallyn <serge.hallyn at ubuntu.com>
> Date:   Thu May 30 11:22:16 2013 -0500
> 
>     waitpid at abort to make sure we can rmdir cgroups
>     
>     If we abort the container start, and don't wait for the init task to be
>     reaped after we kill it, then we can't remove the container cgroup
>     because it is not empty.
>     
>     Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> 
> commit 39dc698cb4025516a3428a68e19da05feb6fc0e9
> Author: Serge Hallyn <serge.hallyn at ubuntu.com>
> Date:   Wed May 29 12:26:25 2013 -0500
> 
>     lxccontainer: don't lock around getstate and freeze/unfreeze (v2)
>     
>     Those go through commands.c and are already mutex'ed that way.
>     
>     Also remove a unmatched container_disk_unlock in lxcapi_create.
>     
>     Since is_stopped uses getstate which is no longer locked, rename
>     it to drop the _locked suffix.
>     
>     And convert save_config to taking the disk lock.  This way the
>     save_ and load_config are mutexing each other, as they should.
>     
>     Changelog: May 29:
>        Per Dwight's comment, take the lock before opening the config
>           FILE *.
>        Only take disklock at load and save_config when we're using the
>        container's config file, not when read/writing from/to another
>        file.
>     
>     Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
>     Acked-by: Dwight Engen <dwight.engen at oracle.com>
> 
> commit 0115f8fd27b1a31d367bb161a121694f92b45e62
> Author: Dwight Engen <dwight.engen at oracle.com>
> Date:   Tue May 28 15:25:41 2013 -0400
> 
>     add console to lxc api
>     
>     Make lxc_cmd_console() return the fd from the socket connection to the
>     caller. This fd keeps the tty slot allocated until the caller closes
>     it. Returning the fd allows for a long lived process to close the fd
>     and reuse consoles.
>     
>     Add API function for console allocation.
>     
>     Create test program for console API.
>     
>     Signed-off-by: Dwight Engen <dwight.engen at oracle.com>
>     Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> 
> commit 3db989bad5d58bafac80f448e1dd2d048e791478
> Author: Qiang Huang <h.huangqiang at huawei.com>
> Date:   Mon May 27 19:10:38 2013 +0800
> 
>     lxc-console: use fd instead of 0 in setup_tios
>     
>     We should use the fd specified by caller.
>     
>     Signed-off-by: Qiang Huang <h.huangqiang at huawei.com>
>     Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> 
> commit dc5e436e702f0bf4001e3e6e9f855443b2fcf448
> Author: Dwight Engen <dwight.engen at oracle.com>
> Date:   Tue May 28 15:18:22 2013 -0400
> 
>     lxc.spec.in: remove lxc-shutdown (for commit 3e625e2d)
>     
>     Signed-off-by: Dwight Engen <dwight.engen at oracle.com>
>     Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> 
> commit 5790f7b7a76b9ccff662fdd6ff0013b8f218d020
> Author: Serge Hallyn <serge.hallyn at ubuntu.com>
> Date:   Tue May 28 15:27:42 2013 -0500
> 
>     api_clone: call is_stopped_locked() to avoid deadlock.
>     
>     Technically as Dwight has mentioned we should probably drop the locking
>     from api_state() altogether, since those are protected through the
>     lxc command system.
>     
>     Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> 
> commit 64f782ca69c70fd155427a81d69fda593981e770
> Author: Serge Hallyn <serge.hallyn at ubuntu.com>
> Date:   Tue May 28 14:07:43 2013 -0500
> 
>     lxc.conf.sgml.in: fill in missing configuration file statements
>     
>     Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> 
> commit 1897e3bcd36af9f3fe6d3649910a9adb93e5e988
> Author: Serge Hallyn <serge.hallyn at ubuntu.com>
> Date:   Fri May 17 23:23:17 2013 +0200
> 
>     Move container creation fully into the api
>     
>     1. implement bdev->create:
>     
>     python and lua: send NULL for bdevtype and bdevspecs.
>     They'll want to be updated to pass those in in a way that makes
>     sense, but I can't think about that right now.
>     
>     2. templates: pass --rootfs
>     
>     If the container is backed by a device which must be mounted (i.e.
>     lvm) then pass the actual rootfs mount destination to the
>     templates.
>     
>     Note that the lxc.rootfs can be a mounted block device.  The template
>     should actually be installing the rootfs under the path where the
>     lxc.rootfs is *mounted*.
>     
>     Still, some people like to run templates by hand and assume purely
>     directory backed containers, so continue to support that use case
>     (i.e. if no --rootfs is listed).
>     
>     Make sure the templates don't re-write lxc.rootfs if it is
>     already in the config.  (Most were already checking for that)
>     
>     3. Replace lxc-create script with lxc_create.c program.
>     
>     Changelog:
>     May 24: when creating a container, create $lxcpath/$name/partial,
>     and flock it.  When done, close that file and unlink it.  In
>     lxc_container_new() and lxcapi_start(), check for this file.  If
>     it is locked, create is ongoing.  If it exists but is not locked,
>     create() was killed - remove the container.
>     
>     May 24: dont disk-lock during lxcapi_create.  The partial lock
>     is sufficient.
>     
>     Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> 
> commit 60bf62d4ae36a48342fb8aee680fbd4b423810b1
> Author: Serge Hallyn <serge.hallyn at ubuntu.com>
> Date:   Fri May 17 07:20:10 2013 +0200
> 
>     destroy: implement in the api
>     
>     This requires implementing bdev->ops->destroy() for each of the backing
>     store types.  Then implementing lxcapi_clone(), writing lxc_destroy.c
>     using the api, and removing the lxc-destroy.in script.
>     
>     (this also has a few other cleanups, like marking some functions
>     static)
>     
>     Changelog:
>     	fold into destroy: fix zfs destroy
>     	destroy: use correct program name in help
>     
>     Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> 
> commit 3e625e2d2e12b919dd9590b97badc6108ee67b1a
> Author: Serge Hallyn <serge.hallyn at ubuntu.com>
> Date:   Thu May 16 23:03:47 2013 +0200
> 
>     lxc-stop: use api, remove lxc_shutdown, extend lxc-stop functionality
>     
>     implement c->reboot(c) in the api.
>     
>     Also if the container is not running, return -2.  Currently
>     lxc-stop will return 0, so you cannot tell the difference
>     between successfull stopping and noop.
>     
>     Per stgraber's email:
>     
>      - Remove lxc-shutdown
>      - Change lxc-stop so that:
>        * Default behaviour is to call shutdown(), wait 15s for STOPPED, if
>     not STOPPED, print a message to the user and call stop() [ NOTE:
>     actually 60 seconds per followup thread]
>        * We have a -r option to reboot the container (with proper check that
>     the container indeed rebooted within the next 15s)
>        * We have a -s option to shutdown the container without the automatic
>     fallback to stop()
>        * Add a -k option allowing a user to just kill a container
>     (equivalent to old lxc-stop, no shutdown() call and no delay).
>     
>     and update manpages.
>     
>     Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> 
> commit 5cee8c5040661f9875bf41cfffd641c87afae8af
> Author: Serge Hallyn <serge.hallyn at ubuntu.com>
> Date:   Fri May 24 16:03:22 2013 -0500
> 
>     locking: update per Dwight's comment
>     
>     Create three pairs of functions:
>     	int process_lock(void);
>     	void process_unlock(void);
>     	int container_mem_lock(struct lxc_container *c)
>     	void container_mem_unlock(struct lxc_container *c)
>     	int container_disk_lock(struct lxc_container *c);
>     	void container_disk_unlock(struct lxc_container *c);
>     
>     and use those in lxccontainer.c
>     
>     process_lock() is to protect the process state among multiple threads.
>     container_mem_lock() is to protect a struct container among multiple
>     threads.  container_disk_lock is to protect a container on disk.
>     
>     Also remove the lock in lxcapi_init_pid() as Dwight suggested.
>     
>     Fix a typo (s/container/contain) spotted by Dwight.
>     
>     More locking fixes are needed, but let's first the the fundamentals
>     right.  How close does this get us?
>     
>     Changelog: v2:
>     	fix lxclock compile
>     
>     Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
>     Acked-by: Dwight Engen <dwight.engen at oracle.com>
> 
> commit df271a59cbfcfbe98fa4bd7af3ae595633539a12
> Author: Serge Hallyn <serge.hallyn at ubuntu.com>
> Date:   Wed May 22 16:24:00 2013 -0500
> 
>     lxclock: Replace named sempahore with flock
>     
>     The problem: if a task is killed while holding a posix semaphore,
>     there appears to be no way to have the semaphore be reliably
>     autmoatically released.  The only trick which seemed promising
>     is to store the pid of the lock holder in some file and have
>     later lock seekers check whether that task has died.
>     
>     Instead of going down that route, this patch switches from a
>     named posix semaphore to flock.  The advantage is that when
>     the task is killed, its fds are closed and locks are automatically
>     released.
>     
>     The disadvantage of flock is that we can't rely on it to exclude
>     threads.  Therefore c->slock must now always be wrapped inside
>     c->privlock.
>     
>     This patch survived basic testing with the lxcapi_create patchset,
>     where now killing lxc-create while it was holding the lock did
>     not lock up future api commands.
>     
>     Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> 
> commit 2acf77955239ec0046451fa16812d2884e6bd19b
> Author: Dwight Engen <dwight.engen at oracle.com>
> Date:   Thu May 23 15:44:39 2013 -0400
> 
>     fix memory leaks in cgroup functions
>     
>     There were several memory leaks in the cgroup functions, notably in the
>     success cases.
>     
>     The cgpath test program was refactored and additional tests added to it.
>     It was used in various modes under valgrind to test that the leaks were
>     fixed.
>     
>     Simplify lxc_cgroup_path_get() and cgroup_path_get by having them return a
>     char * instead of an int and an output char * argument. The only return
>     values ever used were -1 and 0, which are now handled with NULL and non-NULL
>     returns respectively.
>     
>     Use consistent variable names of cgabspath when refering to an absolute path
>     to a cgroup subsystem or file, and cgrelpath when refering to a container
>     "group/name" within the cgroup heirarchy.
>     
>     Remove unused subsystem argument to lxc_cmd_get_cgroup_path().
>     
>     Remove unused #define MAXPRIOLEN
>     
>     Make template arg to lxcapi_create() const
>     
>     Signed-off-by: Dwight Engen <dwight.engen at oracle.com>
>     Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> 
> commit 6a44839f5973f41553349f1b5e77d8db809e60eb
> Author: Dwight Engen <dwight.engen at oracle.com>
> Date:   Thu May 23 15:39:03 2013 -0400
> 
>     consolidate missing C library functions into utils.h
>     
>     This fixes the build of lxccontainer.c on systems that have __NR_setns
>     but not HAVE_SETNS.
>     
>     Signed-off-by: Dwight Engen <dwight.engen at oracle.com>
>     Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> 
> commit ad5f15151580201b79fc140f664227b494639e81
> Author: Stéphane Graber <stgraber at ubuntu.com>
> Date:   Wed May 22 22:28:43 2013 -0400
> 
>     python: Fix lxc-ls's usage of get_ips()
>     
>     The recent port of get_ips() from pure python to the C API came with
>     a couple of API changes for that function call (as were highlighted in
>     the commit message).
>     
>     I somehow didn't notice that lxc-ls was still calling with the old API
>     and so was crashing whenever it was asked to show the ipv4 or ipv6 address.
>     
>     Signed-off-by: Stéphane Graber <stgraber at ubuntu.com>
> 
> commit 5bb4a226ebec9f3fb678a282a2b2833748d6707b
> Author: Michael H. Warfield <mhw at WittsEnd.com>
> Date:   Tue May 21 14:17:25 2013 -0400
> 
>     lxc-fedora template. Cleanup for rootfs.
>     
>     This is just some minor changes in the way the Fedora template is
>     synthesizing the target rootfs_path.  Currently, the template uses a
>     path with the container in it twice like this:
>     
>     /var/lib/lxc/rasputin/rasputin/rootfs
>     
>     This happens because the container name is already contained in the
>     "path" and the template appends it a second time.  This changes the
>     logic to be congruent with other templates such as lxc-arch.  The new
>     behavior will be to create the rootfs like this:
>     
>     /var/lib/lxc/rasputin/rootfs
>     
>     Attached below the jump.
>     
>     Regards,
>     Mike
>     --
>     Michael H. Warfield (AI4NB) | (770) 985-6132 |  mhw at WittsEnd.com
>        /\/\|=mhw=|\/\/          | (678) 463-0932 |  http://www.wittsend.com/mhw/
>        NIC whois: MHW9          | An optimist believes we live in the best of all
>      PGP Key: 0x674627FF        | possible worlds.  A pessimist is sure of it!
>     --
>     
>     Signed-off-by: Michael H. Warfield <mhw at WittsEnd.com>
>     Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> 
> commit 65be441e0892b45000b9b3863d407539e56e47a4
> Author: Dwight Engen <dwight.engen at oracle.com>
> Date:   Tue May 21 11:34:45 2013 -0400
> 
>     oracle template: mount /dev/shm as tmpfs
>     
>     sem_open(3) checks that /dev/shm is SHMFS_SUPER_MAGIC. Normally /dev/shm
>     is mounted in the initramfs created by dracut, but that won't be run for
>     a container so make sure that rc.sysinit mounts /dev/shm.
>     
>     Signed-off-by: Dwight Engen <dwight.engen at oracle.com>
>     Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> 
> commit 481624b37b37ffa98b735cf3f94e35d1fbd729e0
> Author: Dwight Engen <dwight.engen at oracle.com>
> Date:   Tue May 21 13:30:09 2013 -0400
> 
>     fix build with --enable-tests
>     
>     Signed-off-by: Dwight Engen <dwight.engen at oracle.com>
>     Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> 
> commit fa9ac567a7f1593c586cca57362f6b542985e5d7
> Author: Serge Hallyn <serge.hallyn at ubuntu.com>
> Date:   Tue May 21 20:31:04 2013 -0500
> 
>     attach: and cgroup.c: be overly cautious
>     
>     Realistically (as Dwight points out) it doesn't seem possible that
>     getline won't return at least one line in this functions, however
>     just to make absolutely sure we don't get a segv on free(NULL),
>     check line != NULL before freeing it on exit.
>     
>     Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> 
> commit 20fe4e8febe40f6fc4e4c6f52b91f0af0232e6f5
> Author: Dwight Engen <dwight.engen at oracle.com>
> Date:   Tue May 21 15:36:32 2013 -0400
> 
>     fix getline(3) memory leaks
>     
>     Signed-off-by: Dwight Engen <dwight.engen at oracle.com>
>     Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> 
> commit fca3080f6a46f856c54218a8e478a174382b4c15
> Author: Dwight Engen <dwight.engen at oracle.com>
> Date:   Tue May 21 13:15:53 2013 -0400
> 
>     fix minor gcc 4.7.2 error
>     
>     lxccontainer.c:874:4: error: ‘for’ loop initial declarations are only
>     allowed in C99 mode
>     
>     Signed-off-by: Dwight Engen <dwight.engen at oracle.com>
>     Acked-by: Stéphane Graber <stgraber at ubuntu.com>
> 
> commit ef6e34eec8d5a9f1447462d6080facb674b3ccdb
> Author: Dwight Engen <dwight.engen at oracle.com>
> Date:   Fri May 17 18:29:12 2013 -0400
> 
>     extend command processor to handle generic data
>     
>     Motivation for this change is to have the ability to get the run-time
>     configuration items from a container, which may differ from its current
>     on disk configuration, or might not be available any other way (for
>     example lxc.network.0.veth.pair). In adding this ability it seemed there
>     was room for refactoring improvements.
>     
>     Genericize the command infrastructure so that both command requests and
>     responses can have arbitrary data. Consolidate all commands into command.c
>     and name them consistently. This allows all the callback routines to be
>     made static, reducing exposure.
>     
>     Return the actual allocated tty for the console command. Don't print the
>     init pid in lxc_info if the container isn't actually running. Command
>     processing was made more thread safe by removing the static buffer from
>     receive_answer(). Refactored command response code to a common routine.
>     
>     Signed-off-by: Dwight Engen <dwight.engen at oracle.com>
>     Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> 
> commit 9c83a661397456e1455d739bcadfa38f05ce2fe6
> Author: Stéphane Graber <stgraber at ubuntu.com>
> Date:   Fri Apr 26 16:01:58 2013 +0200
> 
>     lxcapi: Add new get_ips() call
>     
>     This adds a new get_ips call which takes a family (inet, inet6 or NULL),
>     a network interface (or NULL for all) and a scope (0 for global) and returns
>     a char** of all the IPs in the container.
>     
>     This also adds a matching python3 binding (function result is a tuple) and
>     deprecates the previous pure-python get_ips() implementation.
>     
>     WARNING: The python get_ips() call is quite different from the previous
>     implementation. The timeout argument has been removed, the family names are
>     slightly different (inet/inet6 vs ipv4/ipv6) and an extra scope parameter
>     has been added.
>     
>     Signed-off-by: Stéphane Graber <stgraber at ubuntu.com>
>     Acked-by: Serge E. Hallyn <serge.hallyn at ubuntu.com>
> 
> commit 92f023dccced28a55ce323253f298e9825fe7da7
> Author: Christian Seiler <christian at iwakd.de>
> Date:   Mon May 20 17:54:23 2013 +0200
> 
>     Implement simple utility functions for reading and writing to fds
>     
>     Signed-off-by: Christian Seiler <christian at iwakd.de>
>     Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> 
> commit 65fbbb0a0f7bad119aa5f2ac6f3ee041970889fc
> Author: Christian Seiler <christian at iwakd.de>
> Date:   Mon May 20 17:54:22 2013 +0200
> 
>     Move declarations of some constants to where they are needed.
>     
>     Signed-off-by: Christian Seiler <christian at iwakd.de>
>     Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> 
> commit c797a220d51d2796355fd60eca50523ffd6fb45e
> Author: Christian Seiler <christian at iwakd.de>
> Date:   Mon May 20 17:54:21 2013 +0200
> 
>     utils.c: Add lxc_wait_for_pid_status routine that returns exit code
>     
>     Signed-off-by: Christian Seiler <christian at iwakd.de>
>     Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> 
> commit 71b9b8ed262e2d826181bfb79e5d5075ff1a3ff0
> Author: Christian Seiler <christian at iwakd.de>
> Date:   Mon May 20 17:54:20 2013 +0200
> 
>     wait_for_pid: Fix EINTR check
>     
>     Signed-off-by: Christian Seiler <christian at iwakd.de>
>     Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> 
> commit d1240f0335e0c469b850da467661dfbb8f262727
> Author: Michael H. Warfield <mhw at WittsEnd.com>
> Date:   Mon May 20 12:04:38 2013 -0400
> 
>     lxc-fedora template - systemd console gettys
>     
>     Hey all...
>     
>     Patch to the lxc-fedora template to setup gettys on the ttys that are
>     enabled in the configuration.  The area of the code already had some
>     modifications to that service that didn't seem to do anything and would
>     get wiped out by an update.  I commented that out but subsumed the
>     change it was attempting into my command in case it does something on
>     another rev somewhere.
>     
>     This is very similar to the logic in the OpenSuse template but doesn't
>     seem to appear in other templates, such as arch, which have to deal with
>     systemd.  This isn't unique to Fedora.  The templates for Fedora,
>     ArchLinux, and OpenSuse are the only three that seem to have any
>     reference to systemd at all.
>     
>     Attached below the jump.
>     
>     Regards,
>     Mike
>     --
>     Michael H. Warfield (AI4NB) | (770) 985-6132 |  mhw at WittsEnd.com
>        /\/\|=mhw=|\/\/          | (678) 463-0932 |  http://www.wittsend.com/mhw/
>        NIC whois: MHW9          | An optimist believes we live in the best of all
>      PGP Key: 0x674627FF        | possible worlds.  A pessimist is sure of it!
>     --
>     
>     Signed-off-by: Michael H. Warfield <mhw at WittsEnd.com>
>     Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> 
> commit 11029c023a12dbe3f3569fcc22f25667686e417f
> Author: Dwight Engen <dwight.engen at oracle.com>
> Date:   Fri May 17 18:28:12 2013 -0400
> 
>     return lxc generated name for veth pair
>     
>     Doing a get_config_item for lxc.network.0.veth.pair only returns the
>     pair name if explicitly given, but it can be useful to know the name
>     even if it is the one that lxc autogenerated.
>     
>     Signed-off-by: Dwight Engen <dwight.engen at oracle.com>
>     Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> 
> commit 40650ea6817286a9587a84bf3ce5d25d10620303
> Author: Dwight Engen <dwight.engen at oracle.com>
> Date:   Fri May 17 17:40:12 2013 -0400
> 
>     quiet gcc 4.4.7 warning about saveptr use before initialization
>     
>     Signed-off-by: Dwight Engen <dwight.engen at oracle.com>
>     Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> 
> commit de09eccbeda214a1ef5a9b7144870defa97e88c4
> Author: Serge Hallyn <serge.hallyn at ubuntu.com>
> Date:   Fri May 17 11:25:15 2013 -0500
> 
>     lxc-create: zfs: consistently use zfsroot, not zfs_root
>     
>     Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
>     Acked-by: Stéphane Graber <stgraber at ubuntu.com>
> 
> commit dc92f6c7eec81dc104b3f7873ffd74ec56a1dae1
> Author: Serge Hallyn <serge.hallyn at ubuntu.com>
> Date:   Thu May 16 08:22:41 2013 -0500
> 
>     document clone hooks
>     
>     Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> 
> commit 148e91f56799f03c868deca8dcad473983a1a2bf
> Author: Serge Hallyn <serge.hallyn at ubuntu.com>
> Date:   Tue May 14 16:10:37 2013 -0500
> 
>     lxc: add clone hook.
>     
>     Add a clone hook called from api_clone.  Pass arguments to it from
>     lxc_clone.c.
>     
>     The clone update hook is called while the container's bdev is mounted.
>     Information about the container is passed in through environment
>     variables LXC_ROOTFS_PATH, LXC_NAME, The LXC_ROOTFS_MOUNT, and
>     LXC_CONFIG_FILE.
>     
>     LXC_ROOTFS_MOUNT=/usr/lib/x86_64-linux-gnu/lxc
>     LXC_CONFIG_FILE=/var/lib/lxc/demo3/config
>     LXC_ROOTFS_PATH=/var/lib/lxc/demo3/rootfs
>     LXC_NAME=demo3
>     
>     So from the hook, updates to the container should be made under
>     $LXC_ROOTFS_MOUNT/ .
>     
>     The hook also receives command line arguments as follows:
>     First argument is container name, second is always 'lxc', third
>     is the hook name (always clone), then come the arguments which
>     were passed to lxc-clone.  I.e. when I did:
>     
>     sudo lxc-clone demo2 demo3 -- hey there dude
>     
>     the arguments passed in were "demo3 lxc clone hey there dude"
>     
>     I personally would like to drop the first two arguments.  The
>     name is available as $LXC_NAME, and the section argument ('lxc')
>     is meaningless.  However, doing so risks invalidating existing
>     hooks.
>     
>     Soon analogous create and destroy hooks will be added as well.
>     
>     Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
>     Acked-by: Stéphane Graber <stgraber at ubuntu.com>
> 
> commit 9a93d99213da44b5ddf2f5295f6ef3a59d4f1fba
> Author: Serge Hallyn <serge.hallyn at ubuntu.com>
> Date:   Wed May 15 15:21:24 2013 -0500
> 
>     cgroup: prevent DOS when a hierachy is mounted multiple times
>     
>     When starting a container, we walk through all cgroup mounts looking
>     for a unique directory name we can use for this container.  If the
>     name we are trying is in use, we try another name.  If it is not in
>     use in the first mount we check, we need to check other hierarchies
>     as it may exist there.  But we weren't checking whether we have already
>     checked a subsystem - so that if freezer was mounted twice, we would
>     create it in the first mount, see it exists in the second, so start
>     over trying in the second mount.
>     
>     To fix this, keep track of which subsystems we have already checked,
>     and do not re-check.
>     
>     (See http://pad.lv/1176287 for a bug report)
>     
>     Note we still need to add, at the next: label, the removal of the
>     directories we've already created.  I'm keeping that for later as
>     it's far lower priority than this fix, and I don't want to risk
>     introducing a regression for that.
>     
>     Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> 
> commit 6031a6e5f939bda07d98768d34dafae677a7dfeb
> Author: Dwight Engen <dwight.engen at oracle.com>
> Date:   Wed May 15 12:27:34 2013 -0400
> 
>     set non device cgroup items before the cgroup is entered
>     
>     This allows some special cgroup items such as memory.kmem.limit_in_bytes
>     to be successfully set, since they must be set before any task is put
>     into the cgroup.
>     
>     The devices cgroup is setup later giving the container a chance to mount
>     file systems before the device it might want to mount from becomes
>     unavailable.
>     
>     Signed-off-by: Dwight Engen <dwight.engen at oracle.com>
>     Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> 
> commit d9e80daf54e15b89b0b08d475b29893be9830be0
> Author: Dwight Engen <dwight.engen at oracle.com>
> Date:   Wed May 15 13:23:12 2013 -0400
> 
>     doc/lxc.conf minor clarifications
>     
>     Signed-off-by: Dwight Engen <dwight.engen at oracle.com>
>     Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> 
> commit 627fe3b4c3a65535eb53c3d63794705d8f6322d4
> Author: Michael H. Warfield <mhw at WittsEnd.com>
> Date:   Tue May 14 17:45:12 2013 -0400
> 
>     lxc-fedora-template: autodev, hostname, ARM archs, Raspberry Pi fixes
>     
>     This took a lot longer for me to get around to it...  Sorry.
>     
>     Patch to the lxc-fedora template.
>     
>     I didn't get any further comments from my earlier proposal, weeks ago,
>     and did get one addition based on comments about properly setting the
>     hostname in /etc/hostname, which I've added.  I could have broken them
>     into separate patches but most are pretty small and minor.
>     
>     Changes:
>     
>     * Map armv6l and armv7l architectures to "arm" for yum and repos to
>     function properly.
>     
>     * Detect Fedora Remix distros with no "/etc/fedora-release" file
>     (Raspberry Pi) and find proper release versions when "remix" part of the
>     file context.
>     
>     * Change default Fedora container on non-Fedora hosts to Fedora 17.
>     
>     * Added code for autodev for Fedora systemd containers.
>     
>     * Added code to set /etc/hostname for Fedora > 14 (systemd).
>     
>     * Fix a few typos.
>     
>     Regards,
>     Mike
>     --
>     Michael H. Warfield (AI4NB) | (770) 985-6132 |  mhw at WittsEnd.com
>        /\/\|=mhw=|\/\/          | (678) 463-0932 |  http://www.wittsend.com/mhw/
>        NIC whois: MHW9          | An optimist believes we live in the best of all
>      PGP Key: 0x674627FF        | possible worlds.  A pessimist is sure of it!
>     --
>     
>     Signed-off-by: Michael H. Warfield <mhw at WittsEnd.com>
>     Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> 
> commit 794fb287b3bd7a6c07f99ec1565c517922287065
> Author: Bogdan Purcareata <bogdan.purcareata at freescale.com>
> Date:   Wed May 15 12:08:14 2013 +0300
> 
>     lxc-busybox: check when bind-mounting host libdirs
>     
>     The patch removes the behavior of automatically mounting /lib
>     and /usr/lib, since this is duplicated a few lines below. It will
>     also remove the risk of failing when one of these entries are not
>     present on the host - e.g. on a 64bit machine.
>     
>     Signed-off-by: Bogdan Purcareata <bogdan.purcareata at freescale.com>
>     Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> 
> commit 807732062eab6cd44fb033bfbb37fbb38907aa66
> Author: Serge Hallyn <serge.hallyn at ubuntu.com>
> Date:   Tue May 14 08:24:27 2013 -0500
> 
>     lxc-cirros updates
>     
>     fix userdata consumption
>     
>     patch for console issue
>     
>     Signed-off-by: Scott Moser <scott.moser at canonical.com>
>     Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> 
> commit 58a46e06210a6321c530735f15f66eb648c4657d
> Author: Serge Hallyn <serge.hallyn at ubuntu.com>
> Date:   Fri May 10 00:52:22 2013 -0500
> 
>     add lxc-cirros
>     
>     Add a template to create a cirros container.  One great thing about
>     cirros is that the image you download is 3.5M.
>     
>     Thanks smoser!
>     
>     Note by default /etc/inittab doesn't have a /dev/console entry, so you
>     don't get a login on the lxc-start console.  Adding
>     
>     console::respawn:/sbin/getty 115200 console
>     
>     makes that work, but ctrl-c still gets forwarded to init which then
>     reboots.  So I didn't bother adding console as part of the template
>     (yet).  Instead I simply lxc-start -d, then lxc-console.
>     
>     Signed-off-by: Scott Moser <scott.moser at canonical.com>
>     Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> 
> commit 714540763b8b1ac12c029d7760b4e4fe13a69b43
> Author: Dwight Engen <dwight.engen at oracle.com>
> Date:   Mon May 13 12:03:14 2013 -0400
> 
>     serialize multiple threads doing lxcapi_start()
>     
>     The problem is that the fd table is shared between threads and if a thread
>     forks() while another thread has an open fd to the monitor, the duped fd
>     in the fork()ed child will not get closed, thus causing monitord to stay
>     around since it thinks it still has a client. This only happened when
>     calling lxcapi_start() in the daemonized case since that is the only time
>     we try to get the status from the monitor.
>     
>     Signed-off-by: Dwight Engen <dwight.engen at oracle.com>
>     Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> 
> commit 304143a823ede4eca52f1d11ae1449995ad503ff
> Author: Dwight Engen <dwight.engen at oracle.com>
> Date:   Wed May 8 16:44:10 2013 -0400
> 
>     lxc-shutdown: fix lxc_path variable
>     
>     Signed-off-by: Dwight Engen <dwight.engen at oracle.com>
>     Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> 
> commit 8d06bd135af4852f24660be965aba2d781223af4
> Author: Dwight Engen <dwight.engen at oracle.com>
> Date:   Tue May 7 16:40:49 2013 -0400
> 
>     lxc-monitor multiple paths
>     
>     Signed-off-by: Dwight Engen <dwight.engen at oracle.com>
>     Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> 
> commit 566c0d6dce82ee573da01e325c53179ed74350f1
> Author: Serge Hallyn <serge.hallyn at ubuntu.com>
> Date:   Tue May 7 19:28:32 2013 -0500
> 
>     lxc-ps: handle cgroup collisions
>     
>     A few months ago cgroup handling in lxc was updated so that if
>     /sys/fs/cgroup/$cgroup/lxc/$container already exists (most often
>     due to another container by the same name under a different lxcpath),
>     then /sys/fs/cgroup/$cgroup/lxc/${container}-N would be used.
>     
>     lxc-ps was never updated to handle this.  Fix that.
>     
>     (Note, the ns cgroup is being special cased there, but I don't
>     really believe ns cgroup works any more.)
>     
>     It would be preferable to rewrite lxc-ps in python or in C, but
>     this at least makes the basic lxc-ps work in the case of multiple
>     containers with the same name.
>     
>     Changelog:
>     	fix missing fi.
>     	replace 'z1' with '$container' as pointed out by Christian
>     
>     Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> 
> commit 7f4717c293fd5ecb9d605bed890cb412314aa8e2
> Author: Serge Hallyn <serge.hallyn at ubuntu.com>
> Date:   Tue May 7 15:33:42 2013 -0500
> 
>     conf.c: remove a break
>     
>     commit ab81cef05338e7a553aacca141287034d6daf167 meant to remove the
>     added break, but apparently i had not done 'git add' before commit
>     --amend.  Remove the added break.
>     
>     Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> 
> commit dd66e5adb38c76e6eecf0e54c5418fd9f7ac3b3b
> Author: Dwight Engen <dwight.engen at oracle.com>
> Date:   Tue May 7 10:57:38 2013 -0400
> 
>     coverity: fix potential dereference NULL returned from malloc
>     
>     Signed-off-by: Dwight Engen <dwight.engen at oracle.com>
>     Acked-by: Serge E. Hallyn <serge.hallyn at ubuntu.com>
> 
> commit f2bbe86da4044c8db39e6eae19541fe2d117bae7
> Author: Dwight Engen <dwight.engen at oracle.com>
> Date:   Tue May 7 10:57:33 2013 -0400
> 
>     coverity: check return from waitpid
>     
>     Signed-off-by: Dwight Engen <dwight.engen at oracle.com>
>     Acked-by: Serge E. Hallyn <serge.hallyn at ubuntu.com>
> 
> commit 3856bc9ff50f2cbd6cb2830619f3594ffea0b344
> Author: Dwight Engen <dwight.engen at oracle.com>
> Date:   Tue May 7 10:57:26 2013 -0400
> 
>     coverity: clonetest: check correct container is cloned
>     
>     Signed-off-by: Dwight Engen <dwight.engen at oracle.com>
>     Acked-by: Serge E. Hallyn <serge.hallyn at ubuntu.com>
> 
> commit 5ca6c34bdeb02ea355a0e5ef9ff51581b58c1ee7
> Author: Dwight Engen <dwight.engen at oracle.com>
> Date:   Tue May 7 10:57:16 2013 -0400
> 
>     coverity: condition already checked for
>     
>     Signed-off-by: Dwight Engen <dwight.engen at oracle.com>
>     Acked-by: Serge E. Hallyn <serge.hallyn at ubuntu.com>
> 
> commit 42fb4b1585d5f2073fbfe984acd46b625fd3c6a1
> Author: Dwight Engen <dwight.engen at oracle.com>
> Date:   Tue May 7 10:57:09 2013 -0400
> 
>     coverity: open can return 0 as an fd, change error check to < 0
>     
>     Signed-off-by: Dwight Engen <dwight.engen at oracle.com>
>     Acked-by: Serge E. Hallyn <serge.hallyn at ubuntu.com>
> 
> commit 91c908ee8ea5aada054cbb7f4203d486c2e9a09e
> Author: Dwight Engen <dwight.engen at oracle.com>
> Date:   Tue May 7 10:57:03 2013 -0400
> 
>     coverity: free malloc'ed memory in error case
>     
>     Signed-off-by: Dwight Engen <dwight.engen at oracle.com>
>     Acked-by: Serge E. Hallyn <serge.hallyn at ubuntu.com>
> 
> commit ab81cef05338e7a553aacca141287034d6daf167
> Author: Dwight Engen <dwight.engen at oracle.com>
> Date:   Fri May 3 16:50:32 2013 -0400
> 
>     coverity: fix dereference NULL return value
>     
>     also break once we have found root, no need to search the rest of the mounts
>     
>     Changelog: May 6: Serge: don't add the break.  (see m-l)
>     
>     Signed-off-by: Dwight Engen <dwight.engen at oracle.com>
>     Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> 
> commit 7c7ec7a8eded3d3864631165503fedb456e1b779
> Author: Harald Dunkel <harald.dunkel at aixigo.de>
> Date:   Fri May 3 10:53:43 2013 +0200
> 
>     support alternate container path in lxc-netstat.in
>     
>     Signed-off-by: Harald Dunkel <harald.dunkel at aixigo.de>
>     Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> 
> commit 8ee3042a5419ea4c9bb0d1c264715f9d9c39bfa3
> Author: Harald Dunkel <harald.dunkel at aixigo.de>
> Date:   Fri May 3 10:53:41 2013 +0200
> 
>     lxc-create: add missing -P option for running lxc-destroy
>     
>     Signed-off-by: Harald Dunkel <harald.dunkel at aixigo.de>
>     Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> 
> commit d2c8186b4d185d75e81aec02d5a62dde4192c16d
> Author: Harald Dunkel <harald.dunkel at aixigo.de>
> Date:   Fri May 3 10:53:40 2013 +0200
> 
>     support alternate container path in lxc-shutdown
>     
>     Signed-off-by: Harald Dunkel <harald.dunkel at aixigo.de>
>     Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> 
> commit a9bafa108521ac785e846f2ace105c327371c106
> Author: Dwight Engen <dwight.engen at oracle.com>
> Date:   Fri May 3 16:50:20 2013 -0400
> 
>     coverity: fix dereference before NULL check
>     
>     also fixed some error strings while here
>     
>     Signed-off-by: Dwight Engen <dwight.engen at oracle.com>
>     Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> 
> commit 3c73b55472c096f06fd037c3c0af011be62a432b
> Author: Serge Hallyn <serge.hallyn at ubuntu.com>
> Date:   Fri May 3 16:36:08 2013 -0500
> 
>     remove leftover debug cruft (thanks, Dwight)
>     
>     Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> 
> commit a747894428ea38c4a908acacb610fc3de714e0c0
> Author: Dwight Engen <dwight.engen at oracle.com>
> Date:   Fri May 3 13:41:40 2013 -0400
> 
>     coverity: ftell returns a signed value
>     
>     The check for flen < 0 could never have been true since flen was declared
>     to be size_t (unsigned). Declare flen to be long since that is what ftell
>     returns.
>     
>     Signed-off-by: Dwight Engen <dwight.engen at oracle.com>
>     Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> 
> commit 8fb86a37daecd05e9ef7f291dd4762be881f88e4
> Author: Serge Hallyn <serge.hallyn at ubuntu.com>
> Date:   Fri May 3 12:28:06 2013 -0500
> 
>     confile.c:config_network_ipv6_gateway: only define gw in needed scope
>     
>     Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> 
> commit bec695f3ec43972ad38f06f92ff2db03d8405562
> Author: Dwight Engen <dwight.engen at oracle.com>
> Date:   Fri May 3 12:04:07 2013 -0400
> 
>     coverity: fix leak when ipv6 gw is auto
>     
>     Signed-off-by: Dwight Engen <dwight.engen at oracle.com>
>     Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> 
> commit 8950ee8ebfc9a7f34003f6892b5a7da6aef9fff9
> Author: Dwight Engen <dwight.engen at oracle.com>
> Date:   Fri May 3 12:04:01 2013 -0400
> 
>     coverity: fix leak in error case
>     
>     Since lxc_execute() is available through the library and is exposed via
>     the API we cannot be sure the caller will immediately exit, so we should
>     take care to free the allocated memory.
>     
>     Signed-off-by: Dwight Engen <dwight.engen at oracle.com>
>     Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> 
> commit a2eea3c1974d70bdef74a0af6a14ca3a6fa41704
> Author: Dwight Engen <dwight.engen at oracle.com>
> Date:   Fri May 3 11:29:39 2013 -0400
> 
>     coverity: ensure string is null terminated, return in
>     
>      error case
>     
>     Signed-off-by: Dwight Engen <dwight.engen at oracle.com>
>     Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> 
> commit 2d4bcb96155c0e4a5d2734017f889b993144e876
> Author: Weng Meiling <wengmeiling.weng at huawei.com>
> Date:   Fri May 3 11:02:48 2013 +0800
> 
>     lxc_start: free the conf if starting the container fails
>     
>     When running lxc-start command with valgrind, it reports a memory leak error.
>     When lxc-start command fails, the conf which is from malloc has not been released.
>     This patch fix the problem.
>     
>     Signed-off-by: Weng Meiling <wengmeiling.weng at huawei.com>
>     Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> 
> commit fc7e88640cbdb402aaa048dd74829c8d09dda850
> Author: Weng Meiling <wengmeiling.weng at huawei.com>
> Date:   Fri May 3 11:02:40 2013 +0800
> 
>     add free conf->rcfile in lxc_conf_free
>     
>     when releasing the conf, add free conf->rcfile which is from malloc
>     
>     Signed-off-by: Weng Meiling <wengmeiling.weng at huawei.com>
>     Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> 
> commit b85ab7989ebe24629267048cb269b278eeb50490
> Author: Serge Hallyn <serge.hallyn at ubuntu.com>
> Date:   Thu May 2 16:28:10 2013 -0500
> 
>     ubuntu templates: add comments to show how to enable nesting
>     
>     Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> 
> commit 375c2258b24b233832c9ec43ab9c7b3f5dce25fb
> Author: Serge Hallyn <serge.hallyn at ubuntu.com>
> Date:   Wed May 1 23:37:05 2013 -0500
> 
>     clone: a few fixes
>     
>     clean up error case in clone, which in particular could cause double
>     lxc_container_put(c2)
>     
>     for overlayfs, handle (with error message) all bdev types.
>     
>     Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> 
> commit e0b0b533feed683ce12c94e11174019a5dac64fc
> Author: Dwight Engen <dwight.engen at oracle.com>
> Date:   Wed May 1 19:07:16 2013 -0400
> 
>     allow lxc-init to log when rootfs not given
>     
>     On Mon, 29 Apr 2013 14:44:47 -0500
>     Serge Hallyn <serge.hallyn at ubuntu.com> wrote:
>     
>     > Quoting Dwight Engen (dwight.engen at oracle.com):
>     > > So I did this, only to realize that lxc-init is passing "none" for
>     > > the file anyway, so it currently doesn't intend to log. This makes
>     > > me think that passing NULL for lxcpath is the right thing to do in
>     > > this patch. If you want me to make it so lxc-init can log, I can do
>     > > that but I think it should be in a different change :)
>     >
>     > That actually would be very useful, but as you say that's a different
>     > feature - thanks.
>     
>     ... and here is said change.
>     
>     Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> 
> commit eee3ba81c88e64b8a732694fc4843a39d5bde491
> Author: Serge Hallyn <serge.hallyn at ubuntu.com>
> Date:   Wed May 1 08:33:12 2013 -0500
> 
>     templates: deny writes to host's clock (v2)
>     
>     Don't allow write to /dev/rtc0, and remove sys_time.
>     
>     Thanks, Christoph.
>     
>     v2: drop sys_time, sys_module, mac_admin and mac_override in
>     all templates.
>     
>     Reported-by: Christoph Mitasch <cmitasch at thomas-krenn.com>
>     Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> 
> commit ee25a44fd389ed450e3d7ef9513eec19668f2de7
> Author: Dwight Engen <dwight.engen at oracle.com>
> Date:   Tue Apr 30 16:33:18 2013 -0400
> 
>     log.c: always use dir when lxcpath is not default
>     
>     Signed-off-by: Dwight Engen <dwight.engen at oracle.com>
>     Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> 
> commit b338c81b9f0130106eee4b2ff70959c2e62a1fac
> Author: Serge Hallyn <serge.hallyn at ubuntu.com>
> Date:   Tue Apr 30 14:45:32 2013 -0500
> 
>     lxc.functions.in: add missing backquote
>     
>     Reported by both Dwight and S.Çağlar - thanks.
>     
>     Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> 
> commit 385e7a431a1865017211478741408d505396f9a7
> Author: Serge Hallyn <serge.hallyn at ubuntu.com>
> Date:   Tue Apr 30 14:23:08 2013 -0500
> 
>     lxc.functions.in: use the right parameter to lxc-config to get lxcpath
>     
>     Reported-by: S.Çağlar Onur <caglar at 10ur.org>
>     Signed-off-by: Dwight Engen <dwight.engen at oracle.com>
>     Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> 
> commit b164a17f9bfcc3f067dad33d0c38834aa22ca2b1
> Author: Serge Hallyn <serge.hallyn at ubuntu.com>
> Date:   Tue Apr 30 14:20:40 2013 -0500
> 
>     remove lxc-clone-sh
>     
>     Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> 
> commit ec471210d97ba23b2de618349bdb6dd4145e53e0
> Author: S.Çağlar Onur <caglar at 10ur.org>
> Date:   Tue Apr 30 14:55:04 2013 -0400
> 
>     Update .gitignore
>     
>     Signed-off-by: S.Çağlar Onur <caglar at 10ur.org>
>     Signed-off-by: Serge E. Hallyn <serge.hallyn at ubuntu.com>
> 
> commit 0fc0d057c34f3ee10eeb87e3f11405aa79c3b4df
> Author: S.Çağlar Onur <caglar at 10ur.org>
> Date:   Tue Apr 30 14:55:03 2013 -0400
> 
>     silence "sh: 1: zfs: not found" errors on systems without ZFS
>     
>     Signed-off-by: S.Çağlar Onur <caglar at 10ur.org>
>     Signed-off-by: Serge E. Hallyn <serge.hallyn at ubuntu.com>
> 
> commit a8428dfa2c6a43ee195f4be3e04a519ca1fc6ec0
> Author: Serge Hallyn <serge.hallyn at ubuntu.com>
> Date:   Mon Apr 29 22:09:06 2013 +0200
> 
>     introduce lxc_config
>     
>     It's a tiny program (exported through the api) wrapping the util.c
>     helpers for reading /etc/lxc/lxc.conf variables, and replaces
>     the kludgy shell duplication in lxc.functions.in
>     
>     Changelog: Apr 30: address feedback from Dwight
>     	(exit error on failure, and use 'lxcpath' as name, not
>     	'default_path').
>     
>     Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
>     Acked-by: Dwight Engen <dwight.engen at oracle.com>
> 
> commit 1e1bb42a8fca68d9fa9391e6644aeff296479499
> Author: Serge Hallyn <serge.hallyn at ubuntu.com>
> Date:   Mon Apr 29 14:50:30 2013 +0200
> 
>     add vg and zfsroot options to lxc.functions and use in lxc-create
>     
>     also make sure to drop spaces between = and variable in lxc.conf
>     
>     Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> 
> commit 31a95fecd2e0b1408e9a97e3ae36a7770544d1a2
> Author: Serge Hallyn <serge.hallyn at ubuntu.com>
> Date:   Sat Apr 27 04:59:11 2013 +0200
> 
>     allow site-wide customization of zfsroot and lvm vg
>     
>     /etc/lxc/lxc.conf can contain
>     
>     	zfsroot = custom1
>     	lvm_vg = vg0
>     
>     (Otherwise the defaults are 'lxc' for lvm_vg, and 'lxc' for zfsroot)
>     
>     Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> 
> commit ca52dcb55961d75e0163f237c92d225964c786bd
> Author: Serge Hallyn <serge.hallyn at ubuntu.com>
> Date:   Fri Apr 26 18:00:28 2013 +0200
> 
>     Several backing store improvements
>     
>     allow copy clones from other bdevs
>     
>     for lvm and zfs, as we don't yet support passing options, only default
>     VG of 'lxc' and default zfsroot of 'tank' are supported when converting
>     another backing store type.
>     
>     refuse deletion of container which has lvm or zfs snapshots.
>     	Note that since a zfs clone must be made from a zfs snapshot,
>     	which is made from the original zfs fs, even after we
>     	lxc-destroy the snapshotted container we still must manually
>     	remove the snapshot.  This can be handled automatically, by
>     	looking for snapshots where c1 is the original, c2 is the clone,
>     	tank/c2 no longer exists, but tank/c1 at c2 does.  We can then
>     	remove tank/c1 at c2 and feel free to remove tank/c1.  This patch
>     	does NOT do that yet.
>     
>     Make sure not to return when we're a forked child.
>     
>     Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> 
> commit 3baa76fe36bd2b59645a952c3a47a960090c38d2
> Author: Serge Hallyn <serge.hallyn at ubuntu.com>
> Date:   Fri Apr 26 00:14:37 2013 +0200
> 
>     implement zfs bdev and clone
>     
>     Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> 
> commit 9be53773792fc9e8bd173edc3b7ac7e144875387
> Author: Serge Hallyn <serge.hallyn at ubuntu.com>
> Date:   Tue Apr 16 08:07:05 2013 -0500
> 
>     implement backend drivers and container clone API (v3)
>     
>     1. commonize waitpid users to use a single helper.  We frequently want
>     to run something in a clean namespace, or fork off a script.  This
>     lets us keep the function doing fork:(1)exec(2)waitpid simpler.
>     
>     2. start a blockdev backend implementation.  This will be used for
>     mounting, copying, and snapshotting container filesystems.
>     
>     3. implement btrfs, lvm, directory, and overlayfs backends.
>     
>     4. For overlayfs, support a new lxc.rootfs format of
>     'bdevtype:<extra>'.  This means you can now use overlayfs-based
>     containers without using lxc-start-ephemeral, by using
>     lxc.rootfs = overlayfs:/readonly-dir:writeable-dir
>     
>     5. add a set of simple clone testcases
>     
>     6. Write a new lxc_clone.c based on api clone.
>     
>     Still to do (there's more, but off top of my head):
>     
>     1. support zfs, aufs
>     2. have clone handle other mount entries (right now it only clones
>     the rootfs)
>     3. python, lua, and go bindings (not me :)
>     4. lxc-destroy: if lvm backing store, check for snapshots of it.
>        (what about directories which have overlayfs clones?)
>     
>     Changes since v2:
>     	Initialize random generator when picking new macaddr (reported
>     	  by caglar at 10ur.org)
>     	Fix wrong use of bitmask flags
>     	On copy-clone of btrfs, create a subvolume
>     	lxc_clone.c: respect the command line usage of the old script
>     	lxc-clone(1): update documentation
>     	Refuse to try changing backing stores expect to overlayfs, as
>     	  it is not implemented (yet) anyway.
>     
>     Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
>     
>     Conflicts:
>     	src/lxc/utils.h
> 
> commit ab1bf971d2db43777cbf3892fb887bf71ce7d155
> Author: Dwight Engen <dwight.engen at oracle.com>
> Date:   Mon Apr 29 14:54:08 2013 -0400
> 
>     Create log file in lxcpath for non-system containers
>     
>     On Fri, 26 Apr 2013 10:18:12 -0500
>     Serge Hallyn <serge.hallyn at ubuntu.com> wrote:
>     
>     > Quoting Dwight Engen (dwight.engen at oracle.com):
>     > > On Fri, 26 Apr 2013 09:37:49 -0500
>     > > Serge Hallyn <serge.hallyn at ubuntu.com> wrote:
>     > >
>     > > > Quoting Dwight Engen (dwight.engen at oracle.com):
>     > > > > Using lxc configured with --enable-configpath-log, and
>     > > > > specifying a path to the lxc commands with -P, the log file
>     > > > > path is generated with a basename of LOGPATH instead of the
>     > > > > lxcpath. This means for example if you do
>     > > > >
>     > > > > lxc-start -P /tmp/containers -n test01 -l INFO
>     > > > >
>     > > > > your log file will be
>     > > > >
>     > > > > /var/lib/lxc/test01/test01.log
>     > > > >
>     > > > > I was expecting the log to be /tmp/containers/test01/test01.log.
>     > > > > This is particularly confusing if you also have test01 on the
>     > > > > regular lxcpath. The patch below changes the log file path to be
>     > > > > based on lxcpath rather than LOGPATH when lxc is configured with
>     > > > > --enable-configpath-log.
>     > > > >
>     > > > > I think that even in the normal non --enable-configpath-log case
>     > > > > we should consider using lxcpath as the base and not having
>     > > > > LOGPATH at all, as attempting to create the log files
>     > > > > in /var/log is not going to work for regular users on their own
>     > > > > lxcpath. If we want that, I'll update the patch to do that as
>     > > > > well.
>     > > >
>     > > >
>     > > > Perhaps we should do:
>     > > >
>     > > > 	1. If lxcpath == default_lxc_path(), then first choice is
>     > > > 	   LOGPATH, second is lxcpath/container.log
>     > > > 	2. when opening, if first choice fails, use second choice
>     > > > 	   if there is any.
>     > > >
>     > > > That way 'system' containers will go to /var/log/lxc, as I think
>     > > > they should.  Custom-lxcpath containers should never go
>     > > > to /var/log/lxc, since their names could be dups of containers in
>     > > > default_lxc_path(). And if the system is a weird one where
>     > > > default_lxc_path is set up so that an unprivileged user can use
>     > > > it, then we should log into $lxcpath.
>     > >
>     > > That sounds good to me. So these rules would apply in both the
>     > > regular and --enable-configpath-log cases.
>     
>     I updated the patch to try to open the log file according to the
>     choices given above. Along the way I cleaned up log.c a bit, making
>     some things static, grouping external interfaces together, etc...
>     Hopefully that doesn't add too much noise.
>     
>     > > > (Note this patch will trivially conflict with my new lxc_clone.c
>     > > > causing it to fail to build - unfortunate result of timing)
>     > >
>     > > Yeah unfortunately this touches every lxc_log_init() caller. I can
>     > > work on the above logic and re-submit after your new lxc_clone
>     > > stuff goes in.
>     >
>     > No no, I'll just need to remember to update mine.  Don't hold up on
>     > mine, this is just the nature of such collaboration  :)
>     >
>     > > Did you have any thoughts on the XXX what to pass in for lxcpath in
>     > > lxc_init? Right now it just falls back to LOGPATH.
>     >
>     > No - that's a weird one, since lxc_init runs in the container.  If
>     > there were only system containers I'd say always use LOGPATH.
>     > However there are people (apparently :) who use container sharing the
>     > host's rootfs...
>     >
>     > lxc-execute does know the lxcpath.  Perhaps we can simply have
>     > src/lxc/execute.c:execute_start() look at handler->conf to see if a
>     > rootfs is set.  If rootfs is NOT set, then pass lxcpath along to
>     > lxc-init.  Then lxc-init can mostly do the same as the others?  (It
>     > doesn't use src/lxc/arguments.c, so you'd have to add lxcpath to
>     > options[] in lxc-init.c)
>     
>     So I did this, only to realize that lxc-init is passing "none" for the
>     file anyway, so it currently doesn't intend to log. This makes me
>     think that passing NULL for lxcpath is the right thing to do in
>     this patch. If you want me to make it so lxc-init can log, I can do
>     that but I think it should be in a different change :)
>     
>     --
>     
>     Signed-off-by: Dwight Engen <dwight.engen at oracle.com>
>     Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> 
> commit 7f95145833bb24f54e037f73ecc37444d6635697
> Author: Dwight Engen <dwight.engen at oracle.com>
> Date:   Mon Apr 29 16:47:35 2013 -0400
> 
>     fix building docs
>     
>     Commit 69fe23ff added checking for the older docbook2man back into
>     configure, but this breaks building the docs on at least Oracle Linux and
>     Fedora when docbook2X is not installed as docbook2man will be found but the
>     docs don't actually build with that tool.
>     
>     This change makes it so the docs can be built with either the older
>     docbook2man or the newer 2X tools by using configure to set the dtd
>     string to an appropriate value depending on use of docbook2man or
>     db2x_docbook2man.
>     
>     Also fixed a small error in lxc-destroy.sgml.in that was noticed
>     by the old tools.
>     
>     Signed-off-by: Dwight Engen <dwight.engen at oracle.com>
>     Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> 
> commit 33c2c3ec93c17758f37cc2e53f07f7dfe6b72336
> Author: Serge Hallyn <serge.hallyn at ubuntu.com>
> Date:   Thu Apr 25 15:18:25 2013 -0500
> 
>     add zfs support to lxc-create and lxc-destroy
>     
>     This is based on patch from Papp Tamas (thanks).  It also does some
>     reorganizing of lxc-create to commonize some of the backingstore handling.
>     
>     I played with it using:
>     
>     	sudo lvcreate -L 100G -n zfs vg0
>     	sudo zpool create lxc /dev/vg0/zfs
>     	sudo lxc-create -B zfs --zfsroot lxc -t ubuntu -n dir2
>     
>     or you could
>     
>     	qemu-img create zfs.img 100G
>     	sudo qemu-nbd -c /dev/nbd0 zfs.img
>     	sudo zpool create lxc /dev/nbd0
>     	sudo lxc-create -B zfs --zfsroot lxc -t ubuntu -n dir2
>     
>     I'll write the bdev.c handler and hook up lxc-clone next.
>     
>     This also fixses a bug in the sed expression to extract the rootfs from
>     container config, which prepended an extra '/' to the rootdev.  (That
>     caused the zfs list entry not to match at destroy)
>     
>     Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
>     Cc: Papp Tamas <tompos at martos.bme.hu>
>     Acked-by: Stéphane Graber <stgraber at ubuntu.com>
> 
> commit f485f377a1caba11c58da100d3db9a8c6fdeb7d5
> Author: Dwight Engen <dwight.engen at oracle.com>
> Date:   Thu Apr 25 12:21:53 2013 -0400
> 
>     lxc_wait should start monitord
>     
>     If lxc_wait is called before the container has started the socket will not
>     yet have been created and lxc_wait's connect to it will fail. Starting the
>     daemon will create the socket for lxc_wait to connect to.
>     
>     Signed-off-by: Dwight Engen <dwight.engen at oracle.com>
>     Acked-by: Serge E. Hallyn <serge.hallyn at ubuntu.com>
> 
> commit 4f43438c476c3c5fb78d6192238d540108a33cb1
> Author: Christian Seiler <christian at iwakd.de>
> Date:   Thu Apr 25 13:00:19 2013 +0200
> 
>     lxc_attach: Use clone() instead of second fork()
>     
>     Because of an assertion in glibc's fork() wrapper that parent pid and
>     pid of child should never be the same, one should avoid fork() after
>     attaching to a PID namespace, since the pid inside the namespace may
>     coincide with the pid of the parent outside the namespace, thus hitting
>     the aforementioned assertion.
>     
>     This patch just changes the code in the most simple manner to use
>     clone() instead of fork(). Since clone() requires a function to be
>     called instead of returning 0, we move the code of the child into a
>     function child_main.
>     
>     Signed-off-by: Christian Seiler <christian at iwakd.de>
>     Acked-by: Serge E. Hallyn <serge.hallyn at ubuntu.com>
> 
> commit 6320e49454b0fd86dde7df0af54a2e194ae59821
> Author: Stéphane Graber <stgraber at ubuntu.com>
> Date:   Thu Apr 25 17:31:34 2013 +0200
> 
>     lxc.conf: Add reference to capabilities manpage
>     
>     This adds a reference to capabilities(7) to the lxc.conf manpage.
>     
>     Signed-off-by: Tomáš Pospíšek <tpo_deb at sourcepole.ch>
>     Acked-by: Stéphane Graber <stgraber at ubuntu.com>
> 
> commit 69fe23ff0777390e34a8c0b11ce6037e5aef9109
> Author: Peter Simons <simons at cryp.to>
> Date:   Thu Apr 25 12:20:30 2013 +0200
> 
>     configure: support for the "docbook2man" utility to build the documentation
>     
>     This adds docbook2man as an alternative name for the docbook compiler.
>     As that name was used on Debian based systems for an older version of the tool,
>     this change also adds a check so that docbook2man is never used on Debian based
>     systems.
>     
>     Reported-by: Peter Simons <simons at cryp.to>
>     Reported-by: Christian Bühler christian at cbuehler.de
>     Signed-off-by: Stéphane Graber <stgraber at ubuntu.com>
>     Acked-by: Serge E. Hallyn <serge.hallyn at ubuntu.com>
> 
> commit f05699d19e27567583b9397a8d529e8aa275f5e1
> Author: Serge Hallyn <serge.hallyn at ubuntu.com>
> Date:   Wed Apr 24 22:47:50 2013 -0500
> 
>     Revert "monitor.c: sanity check on waitpid return value"
>     
>     It's reported to errors in parallel starts.
>     
>     Reported-by: "S.Çağlar Onur" <caglar at 10ur.org>
>     
>     This reverts commit 6b7916695264238a490971e8cd87612154fc18b1.
> 
> commit 6b7916695264238a490971e8cd87612154fc18b1
> Author: Serge Hallyn <serge.hallyn at ubuntu.com>
> Date:   Wed Apr 24 19:59:10 2013 -0500
> 
>     monitor.c: sanity check on waitpid return value
>     
>     Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> 
> commit e8b9ac8fdfddec6a2eaacd6cdaa968058cf4e1e2
> Author: Serge Hallyn <serge.hallyn at ubuntu.com>
> Date:   Wed Apr 24 19:49:59 2013 -0500
> 
>     close fd on error path
>     
>     Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> 
> commit 4fa22bfca1e94393aa3fbdc3fdf5516e75d47521
> Author: Serge Hallyn <serge.hallyn at ubuntu.com>
> Date:   Wed Apr 24 15:16:21 2013 -0500
> 
>     lxc-create: cleanup whenever exiting with error
>     
>     Otherwise we leave bad containers sitting around and further confuse
>     things on retries.
>     
>     Reported-by: Mukanyiligira Didacienne <siyana223 at gmail.com>
>     Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
>     Acked-by: Stéphane Graber <stgraber at ubuntu.com>
> 
> commit e51d4895129209cec1c15bda2322136a03ec94b2
> Author: Dwight Engen <dwight.engen at oracle.com>
> Date:   Wed Apr 24 15:06:20 2013 -0400
> 
>     Allow multiple monitor clients
>     
>     This fixes a long standing issue that there could only be a single
>     lxc-monitor per container.
>     
>     With this change, a new lxc-monitord daemon is spawned the first time
>     lxc-monitor is called against the container and will accept connections
>     from any subsequent lxc-monitor.
>     
>     Signed-off-by: Dwight Engen <dwight.engen at oracle.com>
>     Acked-by: Serge E. Hallyn <serge.hallyn at ubuntu.com>
> 
> commit dc7f65454ee88fbd50f4d6f8a7c567eb27107314
> Author: Stéphane Graber <stgraber at ubuntu.com>
> Date:   Wed Apr 24 21:38:32 2013 +0200
> 
>     ubuntu: Don't break when the locale is C.*
>     
>     Update the code to also match C.* so that C.UTF-8 doesn't make the
>     container creation fail.
>     
>     Signed-off-by: Stéphane Graber <stgraber at ubuntu.com>
>     Acked-by: Serge E. Hallyn <serge.hallyn at ubuntu.com>
> 
> commit 0a9362f5745a58a3d63354d76182108ea81ecf05
> Author: S.Çağlar Onur <caglar at 10ur.org>
> Date:   Tue Apr 23 17:24:31 2013 -0400
> 
>     Support starting containers concurrently
>     
>     Trying to start multiple containers concurrently may cause
>     lxc_monitor_read_timeout to fail as select call could be
>     interrupted by a signal, handle it.
>     
>     Signed-off-by: S.Çağlar Onur <caglar at 10ur.org>
>     Acked-by: Stéphane Graber <stgraber at ubuntu.com>
> 
> commit 15451ecf742bfa38a0732270b36d4a8666d2124e
> Author: Stéphane Graber <stgraber at ubuntu.com>
> Date:   Wed Apr 24 17:24:26 2013 +0200
> 
>     python: Make the code compatibly with 3.2
>     
>     The previous change used some 3.3-specific functions.
>     We still support 3.2 so revert to 3.2-compatible calls.
>     
>     Reported-by: S.Çağlar Onur <caglar at 10ur.org>
>     Signed-off-by: Stéphane Graber <stgraber at ubuntu.com>
>     Acked-by: Serge E. Hallyn <serge.hallyn at ubuntu.com>
> 
> commit 6516ad8b01aac298bffe60a8d7d21745f3354a38
> Author: Stéphane Graber <stgraber at ubuntu.com>
> Date:   Wed Apr 24 00:50:44 2013 +0200
> 
>     python: Fix convert_tuple_to_char_pointer_array
>     
>     This finally fixes a few issues with the magic
>     convert_tuple_to_char_pointer_array function.
>     
>     This now clearly copies the char* from the python object so we don't
>     end up keeping reference to those.
>     
>     Also add the few required free calls to free the content of the array.
>     
>     Signed-off-by: Stéphane Graber <stgraber at ubuntu.com>
>     Acked-by: Serge E. Hallyn <serge.hallyn at ubuntu.com>
> 
> commit 93d564edc5d69819e85c3fa93368d37ec803a2f9
> Author: Stéphane Graber <stgraber at ubuntu.com>
> Date:   Wed Apr 24 11:41:45 2013 +0200
> 
>     cgroup: Remove unused mntent variables
>     
>     Spotted by coverity, we were now assigning mntent but only every using
>     mntent_r, so drop those variables and assignation.
>     
>     Signed-off-by: Stéphane Graber <stgraber at ubuntu.com>
> 
> commit fd37327f57a6d53692babcaf69dfbd8f62e59918
> Author: S.Çağlar Onur <caglar at 10ur.org>
> Date:   Wed Apr 17 17:15:51 2013 -0400
> 
>     Support stopping containers concurrently
>     
>     Trying to stop multiple containers concurrently ends up with "cgroup is not mounted" errors as multiple threads corrupts the shared variables.
>     Fix that stack corruption and start to use getmntent_r to support stopping multiple containers concurrently.
>     
>     Signed-off-by: S.Çağlar Onur <caglar at 10ur.org>
>     Acked-by: Serge E. Hallyn <serge.hallyn at ubuntu.com>
> 
> commit cf0f903326cf3cdd10f834c1bbc627fd81e06044
> Author: Serge Hallyn <serge.hallyn at ubuntu.com>
> Date:   Tue Apr 23 08:37:41 2013 -0500
> 
>     detect APT_PROXY from host apt.conf
>     
>     Introduce a new HTTP_PROXY variable in /etc/default/lxc.  If unset or
>     set to none, then behavior continues as before.  If set to 'apt', then
>     any http::proxy set in apt.conf will be used as http_proxy for
>     debootstrap, and specified in the container's
>     /etc/apt/apt.conf.d/70proxy.  If set to something else, then the
>     value of HTTP_PROXY will be used as http_proxy for debootstrap and
>     specified in the container's 70proxy.
>     
>     Changelog: (apr 23) merge the two apt proxy detection functions.
>     
>     Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
>     Acked-by: Stéphane Graber <stgraber at ubuntu.com>
> 
> commit 051151de890705173a42bbead40a6125d34ea41b
> Author: Dwight Engen <dwight.engen at oracle.com>
> Date:   Mon Apr 22 14:02:30 2013 -0400
> 
>     goto correct cleanup label to ensure fd is closed
>     
>     Signed-off-by: Dwight Engen <dwight.engen at oracle.com>
>     Acked-by: Serge E. Hallyn <serge.hallyn at ubuntu.com>
> 
> commit bbb8a488aeacf8a226d49773fe13798a202a78e2
> Author: Serge Hallyn <serge.hallyn at ubuntu.com>
> Date:   Mon Apr 22 15:46:26 2013 -0500
> 
>     remove needless check for 'line' which cannot be NULl there
>     
>     (found by coverity)
>     
>     Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> 
> commit 7e1667d76e76eb3d571be5e4b545e8ace6e92187
> Author: Serge Hallyn <serge.hallyn at ubuntu.com>
> Date:   Mon Apr 22 15:40:57 2013 -0500
> 
>     cgpath test: don't check path len before checking if it is null
>     
>     Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> 
> commit ddb17f1f0870ddb1678e34652f54458207cb3bb0
> Author: Dwight Engen <dwight.engen at oracle.com>
> Date:   Mon Apr 22 11:16:57 2013 -0400
> 
>     make lxc_af_unix_open() safely return error on long pathnames
>     
>     Signed-off-by: Dwight Engen <dwight.engen at oracle.com>
>     Acked-by: Serge E. Hallyn <serge.hallyn at ubuntu.com>
> 
> commit 599d42525144cf0fcc7de6ac1b576c5c6ae290c2
> Author: Stéphane Graber <stgraber at ubuntu.com>
> Date:   Sun Apr 21 22:42:06 2013 +0200
> 
>     python: Fix get_ips and nesting with lxcpath
>     
>     When using -P (lxcpath), the parameter path needs to be forwarded
>     to the various commands being run but not used by the nested lxc-ls
>     as it's relatively unlikely that both the host and the nested containers
>     use a custom path.
>     
>     This isn't ideal but short of having a way to provide the container path
>     for every single of the nesting (with potential unlimited depth), it's
>     the best we can do.
>     
>     Signed-off-by: Stéphane Graber <stgraber at ubuntu.com>
>     Acked-by: Serge E. Hallyn <serge.hallyn at ubuntu.com>
> 
> commit a2abaa9ec60a8967611e8c8905698bd01bde5861
> Author: Stéphane Graber <stgraber at ubuntu.com>
> Date:   Sun Apr 21 20:09:24 2013 +0200
> 
>     ubuntu: Various fixes
>     
>      - Drop disabled entries from allowed devices list
>      - Improve generated config layout a bit
>      - Drop redundant uname call
>      - Re-generate the SSH host keys on container creation
>     
>     Signed-off-by: Stéphane Graber <stgraber at ubuntu.com>
>     Acked-by: Serge E. Hallyn <serge.hallyn at ubuntu.com>
> 
> commit ed4616b1cfbc84dd01caa8546d813e8c5d482921
> Author: Christian Bühler <christian at cbuehler.de>
> Date:   Sat Apr 20 15:50:13 2013 +0200
> 
>     Use "uname -m" instead of "arch"
>     
>     According to "arch"'s manpage, it's identical to "uname -m".
>     
>     Some distros ship uname but don't ship arch, however all distros ship uname,
>     therefore it makes sense to use "uname -m" whenever possible.
>     
>     Signed-off-by: Christian Bühler <christian at cbuehler.de>
>     Acked-by: Stéphane Graber <stgraber at ubuntu.com>
> 
> commit 6c5db2af1f706e8f21f2a5f074bada96e9011052
> Author: Stéphane Graber <stgraber at ubuntu.com>
> Date:   Thu Apr 18 22:20:53 2013 +0200
> 
>     python: Various fixes to the python scripts
>     
>     This fixes a few issues uncovered by the recent C module fix.
>     
>     In lxc-start-ephemeral, the hwaddr code wasn't actually working.
>     Replace by code that properly iterates through the network interfaces
>     and sets a new MAC address for each entry.
>     
>     In the python overlay, catch the newly emitted KeyError when in
>     set_config_item (or setting any previously unset variable would fail).
>     
>     Signed-off-by: Stéphane Graber <stgraber at ubuntu.com>
>     Acked-by: Serge E. Hallyn <serge.hallyn at ubuntu.com>
> 
> commit 2ebec36f271d4ee943281e32feb3552745115347
> Author: Stéphane Graber <stgraber at ubuntu.com>
> Date:   Fri Apr 12 11:19:56 2013 +0200
> 
>     python: Lots of fixes in C extension
>     
>     Fixes a lot of issues found by a code review done by Barry Warsaw.
>     
>     Those include:
>      - Wrong signature for getters
>      - Various memory leaks
>      - Various optimizations
>      - More consistent return values
>      - Proper exception handling
>     
>     Signed-off-by: Stéphane Graber <stgraber at ubuntu.com>
>     Reported-by: Barry Warsaw <barry at ubuntu.com>
>     Acked-by: Barry Warsaw <barry at ubuntu.com>
>     Acked-by: Serge E. Hallyn <serge.hallyn at ubuntu.com>
> 
> commit 860fc865b0ae0fd6381a8a9a777efdbde0aaefb6
> Author: Richard Weinberger <richard at nod.at>
> Date:   Wed Apr 17 23:54:09 2013 +0200
> 
>     utils: reimplement/fix mkdir_p() (v2)
>     
>     Reimplement mkdir_p() such that it:
>      ...handles relativ paths correctly. (currently it crashes)
>      ...does not rely on dirname().
>      ...is not recursive.
>      ...is shorter. ;-)
>     
>     Signed-off-by: Richard Weinberger <richard at nod.at>
>     Acked-by: Serge E. Hallyn <serge.hallyn at ubuntu.com>
> 
> commit 23154d5764c06b68a5c154cecd89524ebe747ca1
> Author: Stéphane Graber <stgraber at ubuntu.com>
> Date:   Thu Apr 18 10:30:33 2013 +0200
> 
>     Revert "start: Detect early failure of the new child"
>     
>     This reverts commit 5a5c35c3a01afec515e688c8366e6f893985518d.
>     
>     This commit was preventing startup of containers using lxc hooks and
>     shutdown of all other containers, requiring the use of a good old
>     kill -9 to get rid of lxc-start after a container shutdown.
>     
>     Signed-off-by: Stéphane Graber <stgraber at ubuntu.com>
> 
> commit 3763ee85915d28737bfebffa136bfb49ef0a2109
> Author: Stéphane Graber <stgraber at ubuntu.com>
> Date:   Thu Apr 18 10:29:44 2013 +0200
> 
>     Revert "utils: reimplement/fix mkdir_p()"
>     
>     This reverts commit 8de4140644f01180f2fdab55b0ab0f13d1c761c6.
>     
>     This commit was preventing container startup on my machine, making them
>     all fail with various "No such file or directory" errors.
>     
>     Signed-off-by: Stéphane Graber <stgraber at ubuntu.com>
> 
> commit 8de4140644f01180f2fdab55b0ab0f13d1c761c6
> Author: Richard Weinberger <richard at nod.at>
> Date:   Wed Apr 17 17:13:40 2013 +0200
> 
>     utils: reimplement/fix mkdir_p()
>     
>     Reimplement mkdir_p() such that it:
>      ...handles relativ paths correctly. (currently it crashes)
>      ...does not rely on dirname().
>      ...is not recursive.
>      ...is shorter. ;-)
>     
>     Signed-off-by: Richard Weinberger <richard at nod.at>
>     Acked-by: Serge E. Hallyn <serge.hallyn at ubuntu.com>
> 
> commit 5a5c35c3a01afec515e688c8366e6f893985518d
> Author: Richard Weinberger <richard at nod.at>
> Date:   Tue Apr 16 23:42:23 2013 +0200
> 
>     start: Detect early failure of the new child
>     
>     If the process in the new namespace dies very early
>     we have currently no chance to detect this.
>     The parent process will just die due to SIGPIPE
>     if it write to the fd used for synchronisation and
>     nobody will notice the real cause of the problem.
>     
>     Install a SIGCHLD handler to detect the death.
>     Later when the child does execve() to the init within
>     the new namespace the handler will be disabled automatically.
>     
>     Signed-off-by: Richard Weinberger <richard at nod.at>
>     Acked-by: Serge E. Hallyn <serge.hallyn at ubuntu.com>
> 
> commit 6b28a086310b8715f4655446f4c01d9555ef1786
> Author: Richard Weinberger <richard at nod.at>
> Date:   Tue Apr 16 23:48:16 2013 +0200
> 
>     init: Fix whitespace damage
>     
>     While we are here, fix the whitespace damage.
>     
>     Signed-off-by: Richard Weinberger <richard at nod.at>
>     Acked-by: Serge E. Hallyn <serge.hallyn at ubuntu.com>
> 
> commit a81bad13ec305b885eff2934307d9205d55e0050
> Author: Richard Weinberger <richard at nod.at>
> Date:   Tue Apr 16 23:48:15 2013 +0200
> 
>     init: unnest interrupt_handler
>     
>     There is no need to use nested functions voodoo.
>     
>     Signed-off-by: Richard Weinberger <richard at nod.at>
>     Acked-by: Serge E. Hallyn <serge.hallyn at ubuntu.com>
> 
> commit 2c7d90ac6eb4d883d9650d17cd915d958b4e5e66
> Author: Dwight Engen <dwight.engen at oracle.com>
> Date:   Tue Apr 16 11:47:29 2013 -0400
> 
>     quiet gcc 4.4.7 warning about saveptr use before initialization
>     
>     The recent change to use strtok_r causes a build warning with this older
>     gcc version, so initialize saveptr to NULL to quiet the compiler and
>     unbreak the build. There was no warning with gcc 4.7.2 that I
>     originally tested with.
>     
>     Signed-off-by: Dwight Engen <dwight.engen at oracle.com>
>     Acked-by: Stéphane Graber <stgraber at ubuntu.com>
> 
> commit 98663823e47ec56ff5a8205a17cc884acbf9cabd
> Author: Serge Hallyn <serge.hallyn at ubuntu.com>
> Date:   Tue Apr 16 07:41:17 2013 -0500
> 
>     fix spacing
>     
>     Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> 
> commit 883f4a1eae77f332059dc0be6f965485a0361ec0
> Author: Serge Hallyn <serge.hallyn at ubuntu.com>
> Date:   Tue Apr 16 07:35:05 2013 -0500
> 
>     mkdir_p: account for '//foo/bar'
>     
>     As Richard reported, dirname('//') returns //.  But mkdir_p only stops
>     when called with '/', resulting in infinite recursion when given a
>     pathname '//foo/bar'.
>     
>     Reported-by: richard -rw- weinberger <richard.weinberger at gmail.com>
>     Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> 
> commit ce4c4ca43586825a13c1abb4ce13e90d9447a0eb
> Author: Bogdan Purcareata <bogdan.purcareata at freescale.com>
> Date:   Thu Apr 11 16:29:44 2013 +0300
> 
>     lxc-template: enable chroot + chpasswd functionality for Busybox hosts
>     
>     This patch supports the scenario where a user wants to install a
>     busybox container on a busybox host.
>     
>     When running the template, in order to change the root password,
>     the template needs to do the chroot. On busybox-powered hosts, chroot
>     is not part of the coreutils package - it's part of busybox. And the
>     busybox implementation or chroot only works if it has /lib in the new
>     root populated with the right binaries (or at least that's the
>     solution I found to make it work).
>     
>     The temporarily bind-mounts /lib in the NEWROOT, chroots there,
>     changes the password, goes back and unmounts. This set of operations
>     is contained in a new MOUNT namespace, using the lxc-unshare call.
>     
>     Signed-off-by: Bogdan Purcareata <bogdan.purcareata at freescale.com>
>     Acked-by: Serge E. Hallyn <serge.hallyn at ubuntu.com>
> 
> commit 8e7da691af29fe1d8b93d2e4acc98eb188ae74cc
> Author: Dwight Engen <dwight.engen at oracle.com>
> Date:   Mon Apr 15 13:43:14 2013 -0400
> 
>     fix checking hook script exit code
>     
>     pclose returns the exit status from wait, we need to check that to see if
>     the script itself failed or not. Tested a script that returned 0, 1, and
>     also one that did a sleep and then was killed by a signal.
>     
>     Signed-off-by: Dwight Engen <dwight.engen at oracle.com>
>     Acked-by: Serge E. Hallyn <serge.hallyn at ubuntu.com>
> 
> commit 2796cf790f80e8be8dd90238f6789e52bd3cc2ac
> Author: Dwight Engen <dwight.engen at oracle.com>
> Date:   Mon Apr 15 15:28:07 2013 -0400
> 
>     fortify: use reentrant safe strtok_r
>     
>     Signed-off-by: Dwight Engen <dwight.engen at oracle.com>
>     Acked-by: Serge E. Hallyn <serge.hallyn at ubuntu.com>
> 
> commit e6a19d2683629888175371ed2eeb8a49a7b44873
> Author: Dwight Engen <dwight.engen at oracle.com>
> Date:   Mon Apr 15 15:59:12 2013 -0400
> 
>     fortify: minor cleanups for unused variables, stricter types
>     
>     Signed-off-by: Dwight Engen <dwight.engen at oracle.com>
>     Acked-by: Serge E. Hallyn <serge.hallyn at ubuntu.com>
> 
> commit 0a2188544a538b421612c90d44e56853a9d64458
> Author: Dwight Engen <dwight.engen at oracle.com>
> Date:   Mon Apr 15 15:40:53 2013 -0400
> 
>     fortify: check the value returned from write(2)
>     
>     Also check that we wrote the amount we expected to. The write on the pty
>     is blocking but we could still get a short write on EINTR, so we should
>     SYSERROR it.
>     
>     Signed-off-by: Dwight Engen <dwight.engen at oracle.com>
>     Acked-by: Serge E. Hallyn <serge.hallyn at ubuntu.com>
> 
> commit 03027ad99f2759182fbcd3363298ae6adaf88cdb
> Author: Dwight Engen <dwight.engen at oracle.com>
> Date:   Mon Apr 15 16:05:36 2013 -0400
> 
>     fix lxc-attach usage
>     
>     This makes it match the manpage and be consistent with lxc-execute
>     
>     Signed-off-by: Dwight Engen <dwight.engen at oracle.com>
>     Acked-by: Serge E. Hallyn <serge.hallyn at ubuntu.com>
> 
> commit 4d44e274dcd933327c4f1c1cc7e1f876d08ffa85
> Author: Serge Hallyn <serge.hallyn at ubuntu.com>
> Date:   Sun Apr 14 22:57:46 2013 -0500
> 
>     fix coverity-found errors.
>     
>     Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> 
> commit 00b6be440f93131e35e75fb1b34d8d3220590bb5
> Author: Serge Hallyn <serge.hallyn at ubuntu.com>
> Date:   Sun Apr 14 22:44:09 2013 -0500
> 
>     coverity resource leak fixes
>     
>     Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> 
> commit 5371906219ff19886169612993efbb8e82f749a7
> Author: Serge Hallyn <serge.hallyn at ubuntu.com>
> Date:   Sun Apr 14 22:22:10 2013 -0500
> 
>     fix coverity-found resource leaks on error paths.
>     
>     Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> 
> commit 2802732032aeaabe8c793ae76112d9c8ba13ee23
> Author: Serge Hallyn <serge.hallyn at ubuntu.com>
> Date:   Sun Apr 14 22:16:26 2013 -0500
> 
>     fix coverity-found resource leaks in config_network_ipv6
>     
>     Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> 
> commit bb1d227404ff96564877a04ef9299c63f608f543
> Author: Serge Hallyn <serge.hallyn at ubuntu.com>
> Date:   Sun Apr 14 22:02:03 2013 -0500
> 
>     fix free of alloca()d buffer (found by coverity)
>     
>     Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> 
> commit 022de5f317014c538e17378b626cf3267625e141
> Author: Serge Hallyn <serge.hallyn at ubuntu.com>
> Date:   Sun Apr 14 21:59:02 2013 -0500
> 
>     fix resource leak of netdev on error path found by coverity
>     
>     Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> 
> commit b6f24d54f54146a0f5de700dac7ffc2ef7624359
> Author: Serge Hallyn <serge.hallyn at ubuntu.com>
> Date:   Sun Apr 14 21:56:51 2013 -0500
> 
>     fix resource leak of utsname in error path found by coverity
>     
>     Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> 
> commit a6537fbbfb0b9d08adc58ae23b873a084e5d479c
> Author: Serge Hallyn <serge.hallyn at ubuntu.com>
> Date:   Sun Apr 14 21:48:49 2013 -0500
> 
>     genl.c: fix a resource leak found by coverity
>     
>     Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> 
> commit a741a85d8e241e9ca773f3cd7575d720837fcb51
> Author: Serge Hallyn <serge.hallyn at ubuntu.com>
> Date:   Sun Apr 14 21:45:00 2013 -0500
> 
>     lxcapi_create: fix leak of tpath when a container already exists
>     
>     Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> 
> commit b4e4ca49c792d7320787a6991ce1815d26060d39
> Author: Serge Hallyn <serge.hallyn at ubuntu.com>
> Date:   Sun Apr 14 21:39:34 2013 -0500
> 
>     lxc_monitor: make sure msg.name is null terminated (bug found by coverity)
>     
>     Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> 
> commit c928f41fc0e79a24e4c43a80fb26b3c46997d91a
> Author: Serge Hallyn <serge.hallyn at ubuntu.com>
> Date:   Sun Apr 14 21:18:53 2013 -0500
> 
>     ifdef out skipped startone test code
>     
>     Unfortunately installing a working lxc-init is somewhat hairy and
>     distro-dependent.  So we skipped it before, but Coverity didn't
>     like that, so just ifdef it out.
>     
>     Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> 
> commit 416707883893211a15c031b1f3589bc7cde9bf2b
> Author: Serge Hallyn <serge.hallyn at ubuntu.com>
> Date:   Sun Apr 14 21:17:09 2013 -0500
> 
>     lxccontaienr: fix missing va_end in error case.
>     
>     Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> 
> commit 586d4e9be1eb13cd9cb77cf6c56ce57e24623c44
> Author: Serge Hallyn <serge.hallyn at ubuntu.com>
> Date:   Sun Apr 14 21:12:58 2013 -0500
> 
>     lxcccontainer: add missing va_end found by coverity
>     
>     Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> 
> commit af41709c4243e0fd9dc1fac5f22cdd47316f8277
> Author: Serge Hallyn <serge.hallyn at ubuntu.com>
> Date:   Fri Apr 12 15:15:22 2013 -0500
> 
>     af_unix.c: fix coverity-found bug: pass addr size
>     
>     Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> 
> commit bdb539b89bbe123018392bb8c64cb94c13d736a8
> Author: Serge Hallyn <serge.hallyn at ubuntu.com>
> Date:   Fri Apr 12 15:11:29 2013 -0500
> 
>     lxclock: fix coverity-found leak
>     
>     if sem_init fails, free what we mallocd.
>     
>     Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> 
> commit 8767795058ca5b46c8a9e335ad941d8799241716
> Author: Serge Hallyn <serge.hallyn at ubuntu.com>
> Date:   Fri Apr 12 15:11:11 2013 -0500
> 
>     lxclock: indentation
>     
>     Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> 
> commit 43d1aa34aab1c43bce8f083d024bf54f0246a884
> Author: Serge Hallyn <serge.hallyn at ubuntu.com>
> Date:   Thu Apr 11 11:43:31 2013 -0500
> 
>     Fix up struct lxc_container locking
>     
>     1. in container_free, set c->privlock to NULL before calling
>     sem_destroy, to prevent a window where another thread could call
>     sem_wait(c->privlock) while c->privlock is not NULL but is already
>     destroyed.
>     
>     2. in container_get, check for numthreads < 0 before calling lxclock.
>     Once numthreads is 0, it never goes back up.
>     
>     Following is a comment added to lxccontainer.c:
>     
>     /*
>      * Consider the following case:
>     freer                         |    racing get()er
>     ==================================================================
>     lxc_container_put()           |   lxc_container_get()
>     \ lxclock(c->privlock)        |   c->numthreads < 1? (no)
>     \ c->numthreads = 0           |   \ lxclock(c->privlock) -> waits
>     \ lxcunlock()                 |   \
>     \ lxc_container_free()        |   \ lxclock() returns
>                                   |   \ c->numthreads < 1 -> return 0
>     \ \ (free stuff)              |
>     \ \ sem_destroy(privlock)     |
>     
>      * When the get()er checks numthreads the first time, one of the following
>      * is true:
>      * 1. freer has set numthreads = 0.  get() returns 0
>      * 2. freer is between lxclock and setting numthreads to 0.  get()er will
>      *    sem_wait on privlock, get lxclock after freer() drops it, then see
>      *    numthreads is 0 and exit without touching lxclock again..
>      * 3. freer has not yet locked privlock.  If get()er runs first, then put()er
>      *    will see --numthreads = 1 and not call lxc_container_free().
>     */
>     
>     Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
>     Acked-by: Seth Arnold <seth.arnold at canonical.com>
>     Acked-by: Stéphane Graber <stgraber at ubuntu.com>
> 
> commit e649c8032f84b488cac8ea6c8fb9a77c424a0419
> Author: Stéphane Graber <stgraber at ubuntu.com>
> Date:   Thu Apr 11 14:15:21 2013 +0200
> 
>     python: Fix memory management
>     
>     Signed-off-by: Stéphane Graber <stgraber at ubuntu.com>
> 
> commit 75129865d48d2293383316f88ce7661e37dde43d
> Author: Dwight Engen <dwight.engen at oracle.com>
> Date:   Wed Apr 3 14:43:15 2013 -0400
> 
>     ubuntu template: fix installation when LANG=C
>     
>     The ubuntu template will silently fail (because it is set -e) on
>     the locale-gen command when LANG=C
>     
>     Signed-off-by: Dwight Engen <dwight.engen at oracle.com>
>     Acked-by: Serge E. Hallyn <serge.hallyn at ubuntu.com>
> 
> commit 9eee2f7739dbaf82d3b0837de41cdcba5ee4a1d3
> Author: Dwight Engen <dwight.engen at oracle.com>
> Date:   Wed Apr 3 12:31:46 2013 -0400
> 
>     oracle template: install additional user specified pkgs
>     
>     Fix lxc-create to not word split template arguments. This makes
>     lxc-create -n ol -t oracle -- -r "at cronie wget" work since the argument
>     to -r will be passed as one arg instead of three.
>     
>     Fix oracle template -u option to shift the correct amount.
>     
>     Signed-off-by: Dwight Engen <dwight.engen at oracle.com>
>     Acked-by: Serge E. Hallyn <serge.hallyn at ubuntu.com>
> 
> commit 33892746e373449a8a69a4265d783bf701cb5784
> Author: Wojciech Izykowski <wizykowski at gmail.com>
> Date:   Sat Apr 6 16:33:00 2013 +0200
> 
>     lxc-start-ephemeral: fixed bug with wrong ssh option (-k instead of -i)
>     
>     Corrected ssh option for custom key (from -k to -i). Just see ssh
>     manpage for justification.
>     
>     Signed-off-by: Wojciech Izykowski <wizykowski at gmail.com>
>     Acked-by: Serge E. Hallyn <serge.hallyn at ubuntu.com>
> 
> commit 6efdcb6a3cc4d06bf64af69b08bc95335f02b79f
> Author: Dwight Engen <dwight.engen at oracle.com>
> Date:   Wed Apr 3 17:08:32 2013 -0400
> 
>     debian template: set arch when dpkg doesn't exist on host
>     
>     Signed-off-by: Dwight Engen <dwight.engen at oracle.com>
>     Acked-by: Serge E. Hallyn <serge.hallyn at ubuntu.com>
> 
> commit fe19f236a2295da1e01ab05ff59853c5a4556811
> Author: Dwight Engen <dwight.engen at oracle.com>
> Date:   Mon Apr 8 12:45:23 2013 -0400
> 
>     fix wait status in pid reuse case
>     
>     Commit 37c3dfc9 sets the wait status on only the child pid. It
>     intended to match the pid only once to protect against pid reuse but it
>     won't because the indicator was reset to 0 every time at the top of the
>     loop. If the child pid is reused, the wait status will be set again.
>     Fix by setting indicator outside the loop.
>     
>     Signed-off-by: Dwight Engen <dwight.engen at oracle.com>
>     Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> 
> commit 1354f952876e96b456425efc7ed9994caf687028
> Author: Dwight Engen <dwight.engen at oracle.com>
> Date:   Tue Apr 9 09:41:15 2013 -0400
> 
>     minor documentation fixes / clarification
>     
>     Signed-off-by: Dwight Engen <dwight.engen at oracle.com>
>     Acked-by: Serge E. Hallyn <serge.hallyn at ubuntu.com>
>     Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> 
> commit 190a2ea88e9820e5e150ce36414233da4bd34b44
> Author: Dwight Engen <dwight.engen at oracle.com>
> Date:   Wed Apr 10 10:49:51 2013 -0400
> 
>     remove unused lxc_copy_file
>     
>     Commit e3642c43 added lxc_copy_file for use in 64e1ae63. The use of it
>     was removed in commit 1bc60a65. Removing it reduces dead code and the
>     footprint of liblxc.
>     
>     Signed-off-by: Dwight Engen <dwight.engen at oracle.com>
>     Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> 
> commit fd95f2402dc70ad41fa2db8fb101f950196458a9
> Author: Serge Hallyn <serge.hallyn at ubuntu.com>
> Date:   Tue Apr 9 16:23:05 2013 -0500
> 
>     lxc.functions: don't let LXC_PATH= line end in failure
>     
>     Otherwise if called from dash with set -e, dash will exit.  This
>     causes lxc-clone to fail.
>     
>     Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> 
> -----------------------------------------------------------------------
> 
> Summary of changes:
>  .gitignore                               |   12 +-
>  CONTRIBUTING                             |   24 +
>  autogen.sh                               |   21 +
>  config/Makefile.am                       |    4 +-
>  configure.ac                             |  125 ++-
>  doc/Makefile.am                          |    1 -
>  doc/common_options.sgml.in               |    2 +-
>  doc/legacy/lxc-ls.sgml.in                |    8 +-
>  doc/lxc-attach.sgml.in                   |    4 +-
>  doc/lxc-cgroup.sgml.in                   |    4 +-
>  doc/lxc-checkconfig.sgml.in              |    4 +-
>  doc/lxc-checkpoint.sgml.in               |    4 +-
>  doc/lxc-clone.sgml.in                    |  150 ++-
>  doc/lxc-console.sgml.in                  |   15 +-
>  doc/lxc-create.sgml.in                   |   16 +-
>  doc/lxc-destroy.sgml.in                  |   21 +-
>  doc/lxc-device.sgml.in                   |    4 +-
>  doc/lxc-execute.sgml.in                  |   12 +-
>  doc/lxc-freeze.sgml.in                   |    4 +-
>  doc/lxc-info.sgml.in                     |   32 +-
>  doc/lxc-kill.sgml.in                     |    4 +-
>  doc/lxc-ls.sgml.in                       |    4 +-
>  doc/lxc-monitor.sgml.in                  |   23 +-
>  doc/lxc-netstat.sgml.in                  |    4 +-
>  doc/lxc-ps.sgml.in                       |   10 +-
>  doc/lxc-restart.sgml.in                  |    4 +-
>  doc/lxc-shutdown.sgml.in                 |   98 --
>  doc/lxc-start-ephemeral.sgml.in          |    4 +-
>  doc/lxc-start.sgml.in                    |    4 +-
>  doc/lxc-stop.sgml.in                     |   96 ++-
>  doc/lxc-top.sgml.in                      |    4 +-
>  doc/lxc-unfreeze.sgml.in                 |    4 +-
>  doc/lxc-unshare.sgml.in                  |   10 +-
>  doc/lxc-version.sgml.in                  |    4 +-
>  doc/lxc-wait.sgml.in                     |    4 +-
>  doc/lxc.conf.sgml.in                     |  246 ++++-
>  doc/lxc.sgml.in                          |    4 +-
>  doc/see_also.sgml.in                     |    2 +-
>  hooks/Makefile.am                        |    4 +-
>  hooks/clonehostname                      |   29 +
>  hooks/mountcgroups                       |   25 +-
>  hooks/mountecryptfsroot                  |    2 +-
>  hooks/ubuntu-cloud-prep                  |  184 +++
>  lxc.spec.in                              |    3 +-
>  runapitests.sh                           |   18 +
>  src/include/getline.c                    |   29 +
>  src/include/getline.h                    |   31 +
>  src/include/ifaddrs.c                    |  597 +++++++++
>  src/include/ifaddrs.h                    |   54 +
>  src/include/lxcmntent.c                  |   20 +
>  src/include/lxcmntent.h                  |   21 +
>  src/include/openpty.c                    |   36 +-
>  src/include/openpty.h                    |   23 +
>  src/lua-lxc/Makefile.am                  |    4 +-
>  src/lua-lxc/core.c                       |   54 +-
>  src/lua-lxc/lxc.lua                      |  128 +-
>  src/lxc/Makefile.am                      |   77 +-
>  src/lxc/af_unix.c                        |   21 +-
>  src/lxc/af_unix.h                        |    2 +-
>  src/lxc/apparmor.c                       |   25 +-
>  src/lxc/apparmor.h                       |   20 +
>  src/lxc/arguments.c                      |   39 +-
>  src/lxc/arguments.h                      |   24 +-
>  src/lxc/attach.c                         |  643 +++++++++-
>  src/lxc/attach.h                         |   10 +-
>  src/lxc/attach_options.h                 |  120 ++
>  src/lxc/bdev.c                           | 2070 ++++++++++++++++++++++++++++++
>  src/lxc/bdev.h                           |  138 ++
>  src/lxc/caps.c                           |   40 +-
>  src/lxc/caps.h                           |    6 +-
>  src/lxc/cgroup.c                         | 1237 +++++++++++++-----
>  src/lxc/cgroup.h                         |   37 +-
>  src/lxc/checkpoint.c                     |    2 +-
>  src/lxc/commands.c                       |  701 +++++++++--
>  src/lxc/commands.h                       |   83 +-
>  src/lxc/conf.c                           |  390 +++++--
>  src/lxc/conf.h                           |   32 +-
>  src/lxc/confile.c                        |  145 ++-
>  src/lxc/confile.h                        |    2 +-
>  src/lxc/console.c                        |  786 +++++++++---
>  src/lxc/console.h                        |   20 +-
>  src/lxc/error.c                          |    2 +-
>  src/lxc/error.h                          |    2 +-
>  src/lxc/execute.c                        |   45 +-
>  src/lxc/freezer.c                        |   33 +-
>  src/lxc/genl.c                           |   19 +-
>  src/lxc/genl.h                           |    2 +-
>  src/lxc/legacy/lxc-ls.in                 |    2 +-
>  src/lxc/list.c                           |    2 +-
>  src/lxc/list.h                           |   23 +
>  src/lxc/log.c                            |  243 +++--
>  src/lxc/log.h                            |   16 +-
>  src/lxc/lxc-checkconfig.in               |    2 +-
>  src/lxc/lxc-clone.in                     |  324 -----
>  src/lxc/lxc-create.in                    |  357 -----
>  src/lxc/lxc-destroy.in                   |   63 +-
>  src/lxc/lxc-device                       |    2 +-
>  src/lxc/lxc-ls                           |   11 +-
>  src/lxc/lxc-netstat.in                   |   35 +-
>  src/lxc/lxc-ps.in                        |   31 +-
>  src/lxc/lxc-shutdown.in                  |  151 ---
>  src/lxc/lxc-start-ephemeral.in           |   28 +-
>  src/lxc/lxc-top                          |   13 +-
>  src/lxc/lxc.functions.in                 |   15 +-
>  src/lxc/lxc.h                            |   62 +-
>  src/lxc/lxc_attach.c                     |  458 ++------
>  src/lxc/lxc_cgroup.c                     |   35 +-
>  src/lxc/lxc_checkpoint.c                 |    4 +-
>  src/lxc/lxc_clone.c                      |  179 +++
>  src/lxc/lxc_config.c                     |   70 +
>  src/lxc/lxc_console.c                    |  192 +---
>  src/lxc/lxc_create.c                     |  246 ++++
>  src/lxc/lxc_destroy.c                    |  103 ++
>  src/lxc/lxc_execute.c                    |    8 +-
>  src/lxc/lxc_freeze.c                     |   30 +-
>  src/lxc/lxc_info.c                       |   43 +-
>  src/lxc/lxc_init.c                       |   96 +-
>  src/lxc/lxc_kill.c                       |    6 +-
>  src/lxc/lxc_monitor.c                    |   38 +-
>  src/lxc/lxc_monitord.c                   |  409 ++++++
>  src/lxc/lxc_restart.c                    |    8 +-
>  src/lxc/lxc_start.c                      |  102 +-
>  src/lxc/lxc_stop.c                       |  127 ++-
>  src/lxc/lxc_unfreeze.c                   |   30 +-
>  src/lxc/lxc_unshare.c                    |    2 +-
>  src/lxc/lxc_user_nic.c                   |  782 +++++++++++
>  src/lxc/lxc_usernsexec.c                 |  417 ++++++
>  src/lxc/lxc_wait.c                       |   18 +-
>  src/lxc/lxccontainer.c                   | 1783 ++++++++++++++++++++++----
>  src/lxc/lxccontainer.h                   |  124 ++-
>  src/lxc/lxclock.c                        |  330 ++++-
>  src/lxc/lxclock.h                        |   94 +-
>  src/lxc/lxcseccomp.h                     |    2 +-
>  src/lxc/lxcutmp.c                        |    4 +-
>  src/lxc/lxcutmp.h                        |    2 +-
>  src/lxc/mainloop.c                       |    9 +-
>  src/lxc/mainloop.h                       |    9 +-
>  src/lxc/monitor.c                        |  243 +++-
>  src/lxc/monitor.h                        |   12 +-
>  src/lxc/namespace.c                      |    4 +-
>  src/lxc/namespace.h                      |    5 +-
>  src/lxc/network.c                        |    8 +-
>  src/lxc/network.h                        |    2 +-
>  src/lxc/nl.c                             |    2 +-
>  src/lxc/nl.h                             |    2 +-
>  src/lxc/parse.c                          |   10 +-
>  src/lxc/parse.h                          |    2 +-
>  src/lxc/restart.c                        |    2 +-
>  src/lxc/rtnl.c                           |    2 +-
>  src/lxc/rtnl.h                           |    2 +-
>  src/lxc/seccomp.c                        |    2 +-
>  src/lxc/start.c                          |  260 +---
>  src/lxc/start.h                          |    6 +-
>  src/lxc/state.c                          |  113 +--
>  src/lxc/state.h                          |    2 +-
>  src/lxc/stop.c                           |  115 --
>  src/lxc/sync.c                           |    2 +-
>  src/lxc/sync.h                           |    2 +-
>  src/lxc/utils.c                          |  405 +++++--
>  src/lxc/utils.h                          |  163 +++-
>  src/lxc/version.c                        |    2 +-
>  src/lxc/version.h                        |    2 +-
>  src/python-lxc/examples/api_test.py      |   14 +-
>  src/python-lxc/examples/pyconsole-vte.py |   80 ++
>  src/python-lxc/examples/pyconsole.py     |   54 +
>  src/python-lxc/lxc.c                     |  753 ++++++++++--
>  src/python-lxc/lxc/__init__.py           |  182 ++--
>  src/python-lxc/setup.py                  |   23 +
>  src/tests/Makefile.am                    |   16 +-
>  src/tests/cgpath.c                       |  278 +++--
>  src/tests/clonetest.c                    |  178 +++
>  src/tests/console.c                      |  177 +++
>  src/tests/containertests.c               |    2 +-
>  src/tests/createtest.c                   |    2 +-
>  src/tests/destroytest.c                  |    2 +-
>  src/tests/get_item.c                     |    2 +-
>  src/tests/locktests.c                    |  258 ++---
>  src/tests/lxc-test-usernic               |   67 +
>  src/tests/saveconfig.c                   |    2 +-
>  src/tests/shutdowntest.c                 |    2 +-
>  src/tests/startone.c                     |    4 +-
>  templates/Makefile.am                    |    3 +-
>  templates/lxc-alpine.in                  |  130 ++-
>  templates/lxc-altlinux.in                |   26 +-
>  templates/lxc-archlinux.in               |   14 +-
>  templates/lxc-busybox.in                 |   53 +-
>  templates/lxc-cirros.in                  |  321 +++++
>  templates/lxc-debian.in                  |   31 +-
>  templates/lxc-fedora.in                  |  231 +++-
>  templates/lxc-opensuse.in                |   21 +-
>  templates/lxc-oracle.in                  |   32 +-
>  templates/lxc-sshd.in                    |   82 +-
>  templates/lxc-ubuntu-cloud.in            |  226 ++--
>  templates/lxc-ubuntu.in                  |  132 ++-
>  194 files changed, 16157 insertions(+), 4782 deletions(-)
>  delete mode 100644 doc/lxc-shutdown.sgml.in
>  create mode 100755 hooks/clonehostname
>  create mode 100755 hooks/ubuntu-cloud-prep
>  create mode 100644 src/include/ifaddrs.c
>  create mode 100644 src/include/ifaddrs.h
>  create mode 100644 src/lxc/attach_options.h
>  create mode 100644 src/lxc/bdev.c
>  create mode 100644 src/lxc/bdev.h
>  delete mode 100755 src/lxc/lxc-clone.in
>  delete mode 100644 src/lxc/lxc-create.in
>  delete mode 100644 src/lxc/lxc-shutdown.in
>  create mode 100644 src/lxc/lxc_clone.c
>  create mode 100644 src/lxc/lxc_config.c
>  create mode 100644 src/lxc/lxc_create.c
>  create mode 100644 src/lxc/lxc_destroy.c
>  create mode 100644 src/lxc/lxc_monitord.c
>  create mode 100644 src/lxc/lxc_user_nic.c
>  create mode 100644 src/lxc/lxc_usernsexec.c
>  delete mode 100644 src/lxc/stop.c
>  create mode 100755 src/python-lxc/examples/pyconsole-vte.py
>  create mode 100755 src/python-lxc/examples/pyconsole.py
>  create mode 100644 src/tests/clonetest.c
>  create mode 100644 src/tests/console.c
>  create mode 100755 src/tests/lxc-test-usernic
>  create mode 100644 templates/lxc-cirros.in
> 
> 
> hooks/post-receive
> -- 
> lxc
> 

> ------------------------------------------------------------------------------
> Learn the latest--Visual Studio 2012, SharePoint 2013, SQL 2012, more!
> Discover the easy way to master current and previous Microsoft technologies
> and advance your career. Get an incredible 1,500+ hours of step-by-step
> tutorial videos with LearnDevNow. Subscribe today and save!
> http://pubads.g.doubleclick.net/gampad/clk?id=58041391&iu=/4140/ostg.clktrk

> _______________________________________________
> Lxc-devel mailing list
> Lxc-devel at lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/lxc-devel


-- 
Stéphane Graber
Ubuntu developer
http://www.ubuntu.com
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 836 bytes
Desc: Digital signature
URL: <http://lists.linuxcontainers.org/pipermail/lxc-devel/attachments/20130909/3cb2bbdc/attachment.pgp>


More information about the lxc-devel mailing list