[lxc-devel] [GIT] lxc branch, master, updated. be9f766c1ef1c74cb7cdfca97a71757b492b8a5c
Stéphane Graber
stgraber at ubuntu.com
Mon Sep 9 19:44:03 UTC 2013
On Mon, Sep 09, 2013 at 03:38:16PM -0400, Stéphane Graber wrote:
> Hi Daniel,
>
> Thanks for processing the pull request.
>
> It appears you forgot to tag the current HEAD with lxc-1.0.0.alpha1,
> could you do that before I rebase the staging branch on master?
>
> Thanks!
>
> Stéphane
Oh, and the configure.ac change too (bumping from 0.9.0 to 1.0.0.alpha1).
Thanks!
> On Mon, Sep 09, 2013 at 07:12:09PM +0000, Daniel Lezcano wrote:
> > This is an automated email from the git hooks/post-receive script. It was
> > generated because a ref change was pushed to the repository containing
> > the project "lxc".
> >
> > The branch, master has been updated
> > via be9f766c1ef1c74cb7cdfca97a71757b492b8a5c (commit)
> > via f756cda05c4058dd7f5d46f2cf51c3bc7fd002d1 (commit)
> > via 5c068da9695bcbfa46e0b3666128e3a533c9ddc7 (commit)
> > via 69c757b343b5bbd2543adc4f3f0204d4696515e0 (commit)
> > via 2caf9a97d90a61e5eaf9d7c218e5bcc35dfbfbb3 (commit)
> > via 3a1675bf08b35bd5a5078f5638048c2c72c3e981 (commit)
> > via 330da5fa322cf628aadc425c5be86814530d313e (commit)
> > via c25c2970a6aabc45ee6375cc127ed45efea2f9bf (commit)
> > via ac8255280d2e4348ab0eba5ec6982edc92ee6fbd (commit)
> > via 12e93188de7dfe9ba66e022f9c28aa1f696a22e8 (commit)
> > via 44a80d675ffb81ebb1a66a62c162e93a4c5882a0 (commit)
> > via 2698b46924ab861b1f39fb11560c852d080e7b02 (commit)
> > via eee59f9408398849e9b7fc58dbe68ec176de4d50 (commit)
> > via 2a2d36a42512160e7771b2472cb7922423523048 (commit)
> > via 1fb86a7cdc22d22b14d03eb0cbd1aa6702862dd4 (commit)
> > via 59d66af29da6ca8c5fa8cb63a5bbfc443811bb81 (commit)
> > via 41c3b7c7ac9b33bc562ebad9ea124912577f2ba5 (commit)
> > via 75b5535282453b3442a41df4a3ba6d3058cd6e48 (commit)
> > via e34b5d2ef2c329afe6540bbfc298ae631378832e (commit)
> > via cd0bcc4958e58a2750cf9086f75649d14c83ac70 (commit)
> > via 250b1eec71b074acdff1c5f6b5a1f0d7d2c20b77 (commit)
> > via d08c3aaebca1ccc47f1f14dcd6fbca39953f8dda (commit)
> > via c66e9b01f04840c5abc34d235dbbb2ec9ca55205 (commit)
> > via ca9548ad02238600899a1f86ded308279964e018 (commit)
> > via 80bcb05357a90cc9a2e21e942a2b0a53cddfa7a6 (commit)
> > via 0f081315a9310bf04fe4bc64b900ec6bac36f85d (commit)
> > via 188e0ab60bda276c688ad15877c6d6402081c6c9 (commit)
> > via acbb59f50d5196facde837ea377f70e98ce1e6f8 (commit)
> > via d75462e4d663c58bde0787fdbe0ef3148e44cdde (commit)
> > via 0c69c79b4d86a0bda4a0c1ea2e4cc63d28c7baa6 (commit)
> > via dfa7aa3a836aef5d0f1aebe0f6eeff65d20239ad (commit)
> > via 840295ff4cf11da0938a19f99fef8a1525de8106 (commit)
> > via 80507ee8eb66f4f23494caae26f6d2f0b50480b6 (commit)
> > via 48c63f8d035045af1103b677b5ec577aec59a5b5 (commit)
> > via 5acccf95b2bd1e5ffedf687e527dcad5a54d4c1e (commit)
> > via 79622932f21d22db36a0b6cca129f559b5e76108 (commit)
> > via cb0c6c020314ee0fea0ce30d209711f7e9c29aaa (commit)
> > via 92b0b5bac5717e5281f51340192288050409ad47 (commit)
> > via 9069513c69d77b5c22219b43f78ba1554431dd36 (commit)
> > via dfb31b25e298d98ea80a699f019308019c6670d8 (commit)
> > via 84bdfb2b4c95b24fde5e90e621372fcd6c4d069b (commit)
> > via 659aa0618c34cecd388df73936b41d5fb573090d (commit)
> > via 5d9598d7d3206d1bede4932e7c8565f1ab309fbc (commit)
> > via a09295f841be8add0cbfc2932c59535f0d1365ed (commit)
> > via ca6973422d5471281126e9e1884633367479f246 (commit)
> > via 01efd4d3d91713fc4f8ca55c7726b8216ed16fc6 (commit)
> > via 1fd9bd50ab0ccea0a6c069147a4bccb0751ca18f (commit)
> > via b4569e93217fe9a18af35b4475c8f8eac1436759 (commit)
> > via fb760f70541c9af728eb2ab0c6175875f7448752 (commit)
> > via e14f67a7bfa7065480fc7cd47a45f209a0aee79b (commit)
> > via c9ec905567952830d58a14d1e3a3ea4e1f8b0041 (commit)
> > via 01bfae14dd898fecf0bd130e47a62a3155f619d0 (commit)
> > via 4f17323e79969a98604bc30a8cc24cf083d474c3 (commit)
> > via 9c6694b7073a6ebfd1da4950e0c8db4b91530202 (commit)
> > via a9cab7e39b101b89470e2e4109c14e7f17218032 (commit)
> > via 55c76589fd19e5f04697dcfd0084039cd77ef304 (commit)
> > via 37fc7b9e2eca60e838bf5bf061bd8a8206e4fa9d (commit)
> > via e768f9c0f69df1f02f8252fead6d82648b410bd8 (commit)
> > via 511a6936c7062d59dd9335ef16d9165d19c45604 (commit)
> > via 1a2e58cf55979749ea76835d0b36327c051c2715 (commit)
> > via 5ec279894e8b1275b6cbfaaddb425e8f56639bdc (commit)
> > via a3da2f3bd755165c50c5c7fb55c2bfcb042fb3d8 (commit)
> > via 7f3e12f3e5223c6a6c34bafdf47df86f66078963 (commit)
> > via 2e74d6f3744e5aef2e01f1f295472ffdb58f1929 (commit)
> > via 120ce443c466fb1d286ffd200ca22a1e9db7284c (commit)
> > via 2b89a9c19db30894e2476a5a750c443dee339d70 (commit)
> > via ec346ea11f76d0797035c476794104a3230531f9 (commit)
> > via 180edd67022017351a6546b4aa79bcaefada01c8 (commit)
> > via 590ae889334b01a59606a1a8952d976098bd6123 (commit)
> > via bff13ba210ed61f756fc82adce1921f84b43ffe0 (commit)
> > via 92adc3e911314a6f90986d8410ec0ff4b82c9f79 (commit)
> > via c32981c3fb1bf5191052fb1c348bdc8b9e7c1b15 (commit)
> > via 4ba0d9af63fbf7e9acfa068a1fe36b3d287b9c6b (commit)
> > via d24d56d7ee3420bb79238ff84cad07c20cf4757d (commit)
> > via e3fdf5cc9c60eb97f8520f059ad1a09d3f73509d (commit)
> > via 6fe93aa1877359365a07d9110e0e2dbfb3b0205f (commit)
> > via d74325c436457b87b17e3ea598a9eb4ba66e0d49 (commit)
> > via 1d374b9725e53d8b099970c1b501d56d599c4772 (commit)
> > via fbbf51926e113e5e70d6ea507ed7d1019d0e0aa8 (commit)
> > via d44e88c26690a56f9efac58f602dba06c9ec0c90 (commit)
> > via d3060bd055eac45c1767e1e80fcaba763eb7477d (commit)
> > via d007f8ab3da297ed0de884e0c6e57a66de2fcb42 (commit)
> > via bf7d3153c925ca1404662a8fe031da27308f4187 (commit)
> > via 3d5e9f4801c0311a6300fc781a4c0a09a6d463fe (commit)
> > via d7a09c630b2150636bf4dfb266bc632abd65dfa8 (commit)
> > via b7f2846aabb8c1c59b078b4c529e60ea254432f1 (commit)
> > via 626ad11bfee3e12e675f51e92920030a6f383b19 (commit)
> > via a0e93eeb2293e15a18e6c56271d13907f082c4df (commit)
> > via 61a1d519f472c1ac95c641d974401c932f82be66 (commit)
> > via 9c4693b853c5a9ab2156544ee3334a082cdba420 (commit)
> > via 650468bb4a5c9a6c69b524f574e8d0f315f45c37 (commit)
> > via b93aac46f2802b3639c1ac2ed0cf71174673d110 (commit)
> > via 01e6b7148046c3f41849d093bc61454279792b80 (commit)
> > via b98f7d6ed1b89b6452af4a2b5e27d445e4b3a138 (commit)
> > via 070a4b8e68a6bf9a96c24ded47974388c83f1d57 (commit)
> > via 20ab58c777136a449b3199e0733b62fa87ecfa61 (commit)
> > via 3fb18be95747034bf36f46be11b0eb288b2ec1b4 (commit)
> > via baece282266318a9bb527cefc85ebf7b6dd7f10e (commit)
> > via 8bb17b7791777538d8f7cc957939fc871843f218 (commit)
> > via 79159a86ddb51071055abd7ee08935bc65b9e7a9 (commit)
> > via 034a01593a4ae10d6f1e49b71afbfff70cfc226c (commit)
> > via 54e339f91785368a7825b2edaad04c2177a1a382 (commit)
> > via 65d8ae9c4a66f5ca85289c02dc06d63261c84619 (commit)
> > via 1c8e4ee0a08638e35732a0ddd0052ecde49fbecb (commit)
> > via 4a0ba80d62c0d8aeb5c9857749659fdf716c380a (commit)
> > via b40a606e52c788db85fe1c42d3747483d159b6a5 (commit)
> > via 96532523ef90ea6ce3f08ec7d74c3c850b885e50 (commit)
> > via d273b8abfa24040c8ef0dd73eb1d30ef8dcbec54 (commit)
> > via c9cbb9e51436f84d7871a50776dccacfd8dc196a (commit)
> > via 2c495ae35a804e3c12cb9f4826c30295043986ce (commit)
> > via d155b47dac549a5c30c0011923274e3744109c91 (commit)
> > via 469b57873977afcb5d9f5adb00097c944caedd2a (commit)
> > via b60ed720848c8276e4e770d380ec6014768d9923 (commit)
> > via b113383b84e5fcd2997a939d3f826a06b109e3d9 (commit)
> > via 1aad9e44d65e7c20dabc4c99f57bcf532db66c68 (commit)
> > via 460bcbd85c97b5a0eac9cf7cead1abde1281cd5a (commit)
> > via 5be56973e5e874a142263dfb164b0b03e18a65f3 (commit)
> > via 4165b2c65648b5df521c6e83b1cbad91d0896a00 (commit)
> > via 6f259716e75552cf46ee5125bdbd21e34456d0c0 (commit)
> > via 8058be395d46cfabf2dacd7df79e95309619986a (commit)
> > via 819554fe20bbc0ce720b5ed0d5b8e53aeba6b284 (commit)
> > via 5202677243dcda16ab97c07d497174726198f7ab (commit)
> > via 27c27d73e1b1a07e3621484fa033206549e2a1f5 (commit)
> > via 3ce746862b2a2b33f3de65aeecda0bad1a5dd27c (commit)
> > via 868a70afead6cc48a4c883126ea3ef01b6ec57e0 (commit)
> > via 6a2e602b1b03617e77dcd4b5f82f34713a970ac4 (commit)
> > via dc23c1c817da5c13529432270e51d0f7f3b1e95e (commit)
> > via ae13ae0853a246119ddaf9c8cc6d128a21a8988c (commit)
> > via 283678ed2ccd88a6ba57fcb28516311adcdb6fac (commit)
> > via cbee8106e38f9ffa130c7bf8be325f7f203da67a (commit)
> > via 96b3cb407c07915db2cd0542c313a4bff4d1d389 (commit)
> > via fb75356a85e3097db77386e7c62836a3ee69217f (commit)
> > via 1143ed392d2760e8f7aeee88d570bb0ba151885f (commit)
> > via b9b3a92f664fe3966decd0411b25fb6b77425e23 (commit)
> > via 3327917f4a991a49ba1562b774c63c45139772eb (commit)
> > via 9313e1e628160ca64f9e7fcec6500056c9a0725f (commit)
> > via 6cda3f5ac1e3a20a97a419923e587d6bdb1fece9 (commit)
> > via b58e60e232a3049d946a3b18e6f21912cd3453f0 (commit)
> > via 39ffde307ad83bd407aaa6a0d81682902bab248b (commit)
> > via b0f9616f6227f56dce8ca2514610f432ba4fab8a (commit)
> > via 18efb001a4498f8fc62ab37f1db552fdf001e798 (commit)
> > via ef091cefca5082007678fe82ad01389f7057ca48 (commit)
> > via 9c631ea7c2906f41b23f5c8dcc9f6045078879db (commit)
> > via 9a15a0f3f8faaa5e0d983f11bcf94dcf492c1349 (commit)
> > via 53f3f04845a9eb60064c302e1f95652f665809f1 (commit)
> > via 2e599a6a25b533fe63840edc34ee265811b7b814 (commit)
> > via 982e7b6ea40ea57923f4f094858424debc1a5f7f (commit)
> > via 85b41c7d7f72213199b5cff9525d17f44b49a842 (commit)
> > via 37cb98a2b7e5c7b0abf69f261a16d759453492f1 (commit)
> > via 1a7cb0850405b271b7bedacd243235f29cd368df (commit)
> > via 176d9acb2ec17211a0d69bd2bd99f914fad8d7ad (commit)
> > via ae3f8cf9a4a03c62c6c12968b38b2352388df91c (commit)
> > via 618fa49dddbedd2b7319c0089dffd8d65aef8369 (commit)
> > via 54c30e290876c5fa6e4c7b5a511580793e4777e3 (commit)
> > via 37903589a2de0cbd62f94c5fd06d0aa8d57ca140 (commit)
> > via b515981702133b9aaea1aff378493f054c14d46c (commit)
> > via 5d4d3ebb13705d1e102429c75fc06932f81816dd (commit)
> > via 71b0fed669a088675c1344ed68b250e87414c998 (commit)
> > via 54b79829e23e01998eeafb8156987937a894af3c (commit)
> > via 6e46cfcb0e4fcaa2d920a3c473f83c0a73c68cfa (commit)
> > via fabf7361da4845cd6cf268e0e85c3c6a1c0b0be4 (commit)
> > via 38973621a40a5657b067409321d54759520d7951 (commit)
> > via 31f58b3fcec322dba1eed71e364335c30500066c (commit)
> > via f02abefef9a59658c813e08f86a91fbe09eabf00 (commit)
> > via 93dc5327aa0c2b13d619b8bedf893eea983d4d68 (commit)
> > via 1af60b514fc9d8da2b4485e9e8845619fb6c6b68 (commit)
> > via eddaaafd1a9b02ba39e5b6b13d40b4a5d37a04e1 (commit)
> > via f002c8a7655e42a325ef6bad9fb0844fad4e410b (commit)
> > via 4c1f6b67d9b842d9e5c293eea2ff19301ecc5596 (commit)
> > via 3155e7f954d4b5d7da528d2a3cd8be254432e3c3 (commit)
> > via 63c3090c913142cd19f443b040cdede2c0522ce8 (commit)
> > via 44ef0c0c7200ef4e8783387d886d3748da3d50fd (commit)
> > via 569bee5cc3d647032573db8f72734faa9307d577 (commit)
> > via 0a18b5458b6d0fcad9a82b96f99035254af50c7a (commit)
> > via 3a647d582dc759e43c2087f0d906adf77c62ab6c (commit)
> > via 3bc449ed24edc4b754cbe0af19fe878d29731f59 (commit)
> > via 73e608b21f73509c5f8c7a948cc6d4b0898edb2c (commit)
> > via 39dc698cb4025516a3428a68e19da05feb6fc0e9 (commit)
> > via 0115f8fd27b1a31d367bb161a121694f92b45e62 (commit)
> > via 3db989bad5d58bafac80f448e1dd2d048e791478 (commit)
> > via dc5e436e702f0bf4001e3e6e9f855443b2fcf448 (commit)
> > via 5790f7b7a76b9ccff662fdd6ff0013b8f218d020 (commit)
> > via 64f782ca69c70fd155427a81d69fda593981e770 (commit)
> > via 1897e3bcd36af9f3fe6d3649910a9adb93e5e988 (commit)
> > via 60bf62d4ae36a48342fb8aee680fbd4b423810b1 (commit)
> > via 3e625e2d2e12b919dd9590b97badc6108ee67b1a (commit)
> > via 5cee8c5040661f9875bf41cfffd641c87afae8af (commit)
> > via df271a59cbfcfbe98fa4bd7af3ae595633539a12 (commit)
> > via 2acf77955239ec0046451fa16812d2884e6bd19b (commit)
> > via 6a44839f5973f41553349f1b5e77d8db809e60eb (commit)
> > via ad5f15151580201b79fc140f664227b494639e81 (commit)
> > via 5bb4a226ebec9f3fb678a282a2b2833748d6707b (commit)
> > via 65be441e0892b45000b9b3863d407539e56e47a4 (commit)
> > via 481624b37b37ffa98b735cf3f94e35d1fbd729e0 (commit)
> > via fa9ac567a7f1593c586cca57362f6b542985e5d7 (commit)
> > via 20fe4e8febe40f6fc4e4c6f52b91f0af0232e6f5 (commit)
> > via fca3080f6a46f856c54218a8e478a174382b4c15 (commit)
> > via ef6e34eec8d5a9f1447462d6080facb674b3ccdb (commit)
> > via 9c83a661397456e1455d739bcadfa38f05ce2fe6 (commit)
> > via 92f023dccced28a55ce323253f298e9825fe7da7 (commit)
> > via 65fbbb0a0f7bad119aa5f2ac6f3ee041970889fc (commit)
> > via c797a220d51d2796355fd60eca50523ffd6fb45e (commit)
> > via 71b9b8ed262e2d826181bfb79e5d5075ff1a3ff0 (commit)
> > via d1240f0335e0c469b850da467661dfbb8f262727 (commit)
> > via 11029c023a12dbe3f3569fcc22f25667686e417f (commit)
> > via 40650ea6817286a9587a84bf3ce5d25d10620303 (commit)
> > via de09eccbeda214a1ef5a9b7144870defa97e88c4 (commit)
> > via dc92f6c7eec81dc104b3f7873ffd74ec56a1dae1 (commit)
> > via 148e91f56799f03c868deca8dcad473983a1a2bf (commit)
> > via 9a93d99213da44b5ddf2f5295f6ef3a59d4f1fba (commit)
> > via 6031a6e5f939bda07d98768d34dafae677a7dfeb (commit)
> > via d9e80daf54e15b89b0b08d475b29893be9830be0 (commit)
> > via 627fe3b4c3a65535eb53c3d63794705d8f6322d4 (commit)
> > via 794fb287b3bd7a6c07f99ec1565c517922287065 (commit)
> > via 807732062eab6cd44fb033bfbb37fbb38907aa66 (commit)
> > via 58a46e06210a6321c530735f15f66eb648c4657d (commit)
> > via 714540763b8b1ac12c029d7760b4e4fe13a69b43 (commit)
> > via 304143a823ede4eca52f1d11ae1449995ad503ff (commit)
> > via 8d06bd135af4852f24660be965aba2d781223af4 (commit)
> > via 566c0d6dce82ee573da01e325c53179ed74350f1 (commit)
> > via 7f4717c293fd5ecb9d605bed890cb412314aa8e2 (commit)
> > via dd66e5adb38c76e6eecf0e54c5418fd9f7ac3b3b (commit)
> > via f2bbe86da4044c8db39e6eae19541fe2d117bae7 (commit)
> > via 3856bc9ff50f2cbd6cb2830619f3594ffea0b344 (commit)
> > via 5ca6c34bdeb02ea355a0e5ef9ff51581b58c1ee7 (commit)
> > via 42fb4b1585d5f2073fbfe984acd46b625fd3c6a1 (commit)
> > via 91c908ee8ea5aada054cbb7f4203d486c2e9a09e (commit)
> > via ab81cef05338e7a553aacca141287034d6daf167 (commit)
> > via 7c7ec7a8eded3d3864631165503fedb456e1b779 (commit)
> > via 8ee3042a5419ea4c9bb0d1c264715f9d9c39bfa3 (commit)
> > via d2c8186b4d185d75e81aec02d5a62dde4192c16d (commit)
> > via a9bafa108521ac785e846f2ace105c327371c106 (commit)
> > via 3c73b55472c096f06fd037c3c0af011be62a432b (commit)
> > via a747894428ea38c4a908acacb610fc3de714e0c0 (commit)
> > via 8fb86a37daecd05e9ef7f291dd4762be881f88e4 (commit)
> > via bec695f3ec43972ad38f06f92ff2db03d8405562 (commit)
> > via 8950ee8ebfc9a7f34003f6892b5a7da6aef9fff9 (commit)
> > via a2eea3c1974d70bdef74a0af6a14ca3a6fa41704 (commit)
> > via 2d4bcb96155c0e4a5d2734017f889b993144e876 (commit)
> > via fc7e88640cbdb402aaa048dd74829c8d09dda850 (commit)
> > via b85ab7989ebe24629267048cb269b278eeb50490 (commit)
> > via 375c2258b24b233832c9ec43ab9c7b3f5dce25fb (commit)
> > via e0b0b533feed683ce12c94e11174019a5dac64fc (commit)
> > via eee3ba81c88e64b8a732694fc4843a39d5bde491 (commit)
> > via ee25a44fd389ed450e3d7ef9513eec19668f2de7 (commit)
> > via b338c81b9f0130106eee4b2ff70959c2e62a1fac (commit)
> > via 385e7a431a1865017211478741408d505396f9a7 (commit)
> > via b164a17f9bfcc3f067dad33d0c38834aa22ca2b1 (commit)
> > via ec471210d97ba23b2de618349bdb6dd4145e53e0 (commit)
> > via 0fc0d057c34f3ee10eeb87e3f11405aa79c3b4df (commit)
> > via a8428dfa2c6a43ee195f4be3e04a519ca1fc6ec0 (commit)
> > via 1e1bb42a8fca68d9fa9391e6644aeff296479499 (commit)
> > via 31a95fecd2e0b1408e9a97e3ae36a7770544d1a2 (commit)
> > via ca52dcb55961d75e0163f237c92d225964c786bd (commit)
> > via 3baa76fe36bd2b59645a952c3a47a960090c38d2 (commit)
> > via 9be53773792fc9e8bd173edc3b7ac7e144875387 (commit)
> > via ab1bf971d2db43777cbf3892fb887bf71ce7d155 (commit)
> > via 7f95145833bb24f54e037f73ecc37444d6635697 (commit)
> > via 33c2c3ec93c17758f37cc2e53f07f7dfe6b72336 (commit)
> > via f485f377a1caba11c58da100d3db9a8c6fdeb7d5 (commit)
> > via 4f43438c476c3c5fb78d6192238d540108a33cb1 (commit)
> > via 6320e49454b0fd86dde7df0af54a2e194ae59821 (commit)
> > via 69fe23ff0777390e34a8c0b11ce6037e5aef9109 (commit)
> > via f05699d19e27567583b9397a8d529e8aa275f5e1 (commit)
> > via 6b7916695264238a490971e8cd87612154fc18b1 (commit)
> > via e8b9ac8fdfddec6a2eaacd6cdaa968058cf4e1e2 (commit)
> > via 4fa22bfca1e94393aa3fbdc3fdf5516e75d47521 (commit)
> > via e51d4895129209cec1c15bda2322136a03ec94b2 (commit)
> > via dc7f65454ee88fbd50f4d6f8a7c567eb27107314 (commit)
> > via 0a9362f5745a58a3d63354d76182108ea81ecf05 (commit)
> > via 15451ecf742bfa38a0732270b36d4a8666d2124e (commit)
> > via 6516ad8b01aac298bffe60a8d7d21745f3354a38 (commit)
> > via 93d564edc5d69819e85c3fa93368d37ec803a2f9 (commit)
> > via fd37327f57a6d53692babcaf69dfbd8f62e59918 (commit)
> > via cf0f903326cf3cdd10f834c1bbc627fd81e06044 (commit)
> > via 051151de890705173a42bbead40a6125d34ea41b (commit)
> > via bbb8a488aeacf8a226d49773fe13798a202a78e2 (commit)
> > via 7e1667d76e76eb3d571be5e4b545e8ace6e92187 (commit)
> > via ddb17f1f0870ddb1678e34652f54458207cb3bb0 (commit)
> > via 599d42525144cf0fcc7de6ac1b576c5c6ae290c2 (commit)
> > via a2abaa9ec60a8967611e8c8905698bd01bde5861 (commit)
> > via ed4616b1cfbc84dd01caa8546d813e8c5d482921 (commit)
> > via 6c5db2af1f706e8f21f2a5f074bada96e9011052 (commit)
> > via 2ebec36f271d4ee943281e32feb3552745115347 (commit)
> > via 860fc865b0ae0fd6381a8a9a777efdbde0aaefb6 (commit)
> > via 23154d5764c06b68a5c154cecd89524ebe747ca1 (commit)
> > via 3763ee85915d28737bfebffa136bfb49ef0a2109 (commit)
> > via 8de4140644f01180f2fdab55b0ab0f13d1c761c6 (commit)
> > via 5a5c35c3a01afec515e688c8366e6f893985518d (commit)
> > via 6b28a086310b8715f4655446f4c01d9555ef1786 (commit)
> > via a81bad13ec305b885eff2934307d9205d55e0050 (commit)
> > via 2c7d90ac6eb4d883d9650d17cd915d958b4e5e66 (commit)
> > via 98663823e47ec56ff5a8205a17cc884acbf9cabd (commit)
> > via 883f4a1eae77f332059dc0be6f965485a0361ec0 (commit)
> > via ce4c4ca43586825a13c1abb4ce13e90d9447a0eb (commit)
> > via 8e7da691af29fe1d8b93d2e4acc98eb188ae74cc (commit)
> > via 2796cf790f80e8be8dd90238f6789e52bd3cc2ac (commit)
> > via e6a19d2683629888175371ed2eeb8a49a7b44873 (commit)
> > via 0a2188544a538b421612c90d44e56853a9d64458 (commit)
> > via 03027ad99f2759182fbcd3363298ae6adaf88cdb (commit)
> > via 4d44e274dcd933327c4f1c1cc7e1f876d08ffa85 (commit)
> > via 00b6be440f93131e35e75fb1b34d8d3220590bb5 (commit)
> > via 5371906219ff19886169612993efbb8e82f749a7 (commit)
> > via 2802732032aeaabe8c793ae76112d9c8ba13ee23 (commit)
> > via bb1d227404ff96564877a04ef9299c63f608f543 (commit)
> > via 022de5f317014c538e17378b626cf3267625e141 (commit)
> > via b6f24d54f54146a0f5de700dac7ffc2ef7624359 (commit)
> > via a6537fbbfb0b9d08adc58ae23b873a084e5d479c (commit)
> > via a741a85d8e241e9ca773f3cd7575d720837fcb51 (commit)
> > via b4e4ca49c792d7320787a6991ce1815d26060d39 (commit)
> > via c928f41fc0e79a24e4c43a80fb26b3c46997d91a (commit)
> > via 416707883893211a15c031b1f3589bc7cde9bf2b (commit)
> > via 586d4e9be1eb13cd9cb77cf6c56ce57e24623c44 (commit)
> > via af41709c4243e0fd9dc1fac5f22cdd47316f8277 (commit)
> > via bdb539b89bbe123018392bb8c64cb94c13d736a8 (commit)
> > via 8767795058ca5b46c8a9e335ad941d8799241716 (commit)
> > via 43d1aa34aab1c43bce8f083d024bf54f0246a884 (commit)
> > via e649c8032f84b488cac8ea6c8fb9a77c424a0419 (commit)
> > via 75129865d48d2293383316f88ce7661e37dde43d (commit)
> > via 9eee2f7739dbaf82d3b0837de41cdcba5ee4a1d3 (commit)
> > via 33892746e373449a8a69a4265d783bf701cb5784 (commit)
> > via 6efdcb6a3cc4d06bf64af69b08bc95335f02b79f (commit)
> > via fe19f236a2295da1e01ab05ff59853c5a4556811 (commit)
> > via 1354f952876e96b456425efc7ed9994caf687028 (commit)
> > via 190a2ea88e9820e5e150ce36414233da4bd34b44 (commit)
> > via fd95f2402dc70ad41fa2db8fb101f950196458a9 (commit)
> > from e9831f83532184caa119f830eee54728084444ba (commit)
> >
> > Those revisions listed above that are new to this repository have
> > not appeared on any other notification email; so we list those
> > revisions in full, below.
> >
> > - Log -----------------------------------------------------------------
> > commit be9f766c1ef1c74cb7cdfca97a71757b492b8a5c
> > Merge: e9831f8 f756cda
> > Author: Daniel Lezcano <daniel.lezcano at free.fr>
> > Date: Mon Sep 9 21:07:12 2013 +0200
> >
> > Merge git://github.com/lxc/lxc
> >
> > Signed-off-by: Daniel Lezcano <daniel.lezcano at free.fr>
> >
> > commit f756cda05c4058dd7f5d46f2cf51c3bc7fd002d1
> > Author: Natanael Copa <ncopa at alpinelinux.org>
> > Date: Fri Sep 6 21:09:57 2013 +0200
> >
> > configure: enable Lua if found and continue without if not
> >
> > Search for Lua if no --enable-lua/--disable-lua specified but continue
> > without if not found.
> >
> > If --enable-lua is specified and Lua is not found then return error.
> >
> > If --disable-lua is specified, then don't search for Lua.
> >
> > Signed-off-by: Natanael Copa <ncopa at alpinelinux.org>
> > Acked-by: Stéphane Graber <stgraber at ubuntu.com>
> >
> > commit 5c068da9695bcbfa46e0b3666128e3a533c9ddc7
> > Author: Serge Hallyn <serge.hallyn at ubuntu.com>
> > Date: Fri Sep 6 12:25:47 2013 -0500
> >
> > lxc_spawn: don't close pinfd until container is stopped
> >
> > Otherwise containers may be able to remount -o ro their rootfs
> > at shutdown.
> >
> > Reported-by: Harald Dunkel <harri at afaics.de>
> > Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> > Acked-by: Stéphane Graber <stgraber at ubuntu.com>
> >
> > commit 69c757b343b5bbd2543adc4f3f0204d4696515e0
> > Author: Natanael Copa <ncopa at alpinelinux.org>
> > Date: Fri Sep 6 09:08:45 2013 +0200
> >
> > lua: fix logic to enable lua support in configure
> >
> > When there is no --enable-lua or --with-lua-pc, Lua should not be
> > enabled.
> >
> > This fixes a bug introduced with 12e93188 (configure/makefile:
> > Allow specify Lua pkg-config file with --with-lua-pc) that caused
> > configure script to fail if lua headers was missing.
> >
> > Signed-off-by: Natanael Copa <ncopa at alpinelinux.org>
> > Acked-by: Stéphane Graber <stgraber at ubuntu.com>
> >
> > commit 2caf9a97d90a61e5eaf9d7c218e5bcc35dfbfbb3
> > Author: Serge Hallyn <serge.hallyn at ubuntu.com>
> > Date: Thu Sep 5 20:31:55 2013 -0500
> >
> > sanity-check number of detected capabilities
> >
> > Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> >
> > commit 3a1675bf08b35bd5a5078f5638048c2c72c3e981
> > Author: Dwight Engen <dwight.engen at oracle.com>
> > Date: Thu Sep 5 16:40:49 2013 -0400
> >
> > add AS_VAR_COPY for older autoconf versions
> >
> > Signed-off-by: Dwight Engen <dwight.engen at oracle.com>
> > Acked-by: Stéphane Graber <stgraber at ubuntu.com>
> >
> > commit 330da5fa322cf628aadc425c5be86814530d313e
> > Author: Dwight Engen <dwight.engen at oracle.com>
> > Date: Thu Sep 5 15:20:44 2013 -0400
> >
> > lua: fix stats gathering
> >
> > - remove lxc subdir in cgroup paths (done in commit b98f7d6e)
> > - remove extraneous debug printfs
> > - remove extra call to stats_clear
> >
> > Signed-off-by: Dwight Engen <dwight.engen at oracle.com>
> > Acked-by: Stéphane Graber <stgraber at ubuntu.com>
> >
> > commit c25c2970a6aabc45ee6375cc127ed45efea2f9bf
> > Author: Natanael Copa <ncopa at alpinelinux.org>
> > Date: Thu Sep 5 15:29:20 2013 +0200
> >
> > lua: implement dirname in C rather than depend on external executable
> >
> > Instead of popen and run external executable dirname we implement a
> > dirname in C in the core module.
> >
> > We also remove the unused basename function.
> >
> > Signed-off-by: Natanael Copa <ncopa at alpinelinux.org>
> > Acked-by: Stéphane Graber <stgraber at ubuntu.com>
> >
> > commit ac8255280d2e4348ab0eba5ec6982edc92ee6fbd
> > Author: Natanael Copa <ncopa at alpinelinux.org>
> > Date: Thu Sep 5 14:33:28 2013 +0200
> >
> > lua: implement usleep in C module
> >
> > So we avoid running os.execute
> >
> > Signed-off-by: Natanael Copa <ncopa at alpinelinux.org>
> > Acked-by: Stéphane Graber <stgraber at ubuntu.com>
> >
> > commit 12e93188de7dfe9ba66e022f9c28aa1f696a22e8
> > Author: Natanael Copa <ncopa at alpinelinux.org>
> > Date: Thu Sep 5 17:13:07 2013 +0200
> >
> > configure/makefile: Allow specify Lua pkg-config file with --with-lua-pc
> >
> > Enable support for both Lua 5.1 and 5.2 by letting user specify the Lua
> > pkg-config package name. By default it will use 'lua' and try figure
> > out which version it is.
> >
> > Signed-off-by: Natanael Copa <ncopa at alpinelinux.org>
> > Acked-by: Stéphane Graber <stgraber at ubuntu.com>
> >
> > commit 44a80d675ffb81ebb1a66a62c162e93a4c5882a0
> > Author: Natanael Copa <ncopa at alpinelinux.org>
> > Date: Thu Sep 5 08:45:33 2013 +0200
> >
> > lua: prepare for Lua 5.2
> >
> > Adjust code for Lua 5.2 and keep compatibility with Lua 5.1.
> >
> > Signed-off-by: Natanael Copa <ncopa at alpinelinux.org>
> > Acked-by: Dwight Engen <dwight.engen at oracle.com>
> > Acked-by: Stéphane Graber <stgraber at ubuntu.com>
> >
> > commit 2698b46924ab861b1f39fb11560c852d080e7b02
> > Author: Natanael Copa <ncopa at alpinelinux.org>
> > Date: Thu Sep 5 15:07:51 2013 -0400
> >
> > lua: fix a bug in the parsing of /proc/mounts
> >
> > Signed-off-by: Natanael Copa <ncopa at alpinelinux.org>
> > Acked-by: Dwight Engen <dwight.engen at oracle.com>
> > Acked-by: Stéphane Graber <stgraber at ubuntu.com>
> >
> > commit eee59f9408398849e9b7fc58dbe68ec176de4d50
> > Author: Serge Hallyn <serge.hallyn at ubuntu.com>
> > Date: Thu Sep 5 18:05:34 2013 -0500
> >
> > clone: don't copy rdepends when not doing a snapshot clone
> >
> > Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> >
> > commit 2a2d36a42512160e7771b2472cb7922423523048
> > Author: Serge Hallyn <serge.hallyn at ubuntu.com>
> > Date: Thu Sep 5 17:59:28 2013 -0500
> >
> > fix typo
> >
> > Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> >
> > commit 1fb86a7cdc22d22b14d03eb0cbd1aa6702862dd4
> > Author: Serge Hallyn <serge.hallyn at ubuntu.com>
> > Date: Thu Jun 13 22:43:01 2013 -0500
> >
> > introduce lxc.cap.keep
> >
> > The lxc configuration file currently supports 'lxc.cap.drop', a list of
> > capabilities to be dropped (using the bounding set) from the container.
> > The problem with this is that over time new capabilities are added. So
> > an older container configuration file may, over time, become insecure.
> >
> > Walter has in the past suggested replacing lxc.cap.drop with
> > lxc.cap.preserve, which would have the inverse sense - any capabilities
> > in that set would be kept, any others would be dropped.
> >
> > Realistically both have the same problem - the sendmail capabilities
> > bug proved that running code with unexpectedly dropped privilege can be
> > dangerous. This patch gives the admin a choice: You can use either
> > lxc.cap.keep or lxc.cap.drop, not both.
> >
> > Both continue to be ignored if a user namespace is in use.
> >
> > Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> >
> > commit 59d66af29da6ca8c5fa8cb63a5bbfc443811bb81
> > Author: Serge Hallyn <serge.hallyn at ubuntu.com>
> > Date: Thu Sep 5 16:56:54 2013 -0500
> >
> > bdev: free after bdev_init
> >
> > (Except in cases where we will immediately exit)
> >
> > Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> >
> > commit 41c3b7c7ac9b33bc562ebad9ea124912577f2ba5
> > Author: Dwight Engen <dwight.engen at oracle.com>
> > Date: Wed Sep 4 17:04:51 2013 -0400
> >
> > valgrind: fix memory leak on container new/put
> >
> > Signed-off-by: Dwight Engen <dwight.engen at oracle.com>
> > Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> >
> > commit 75b5535282453b3442a41df4a3ba6d3058cd6e48
> > Author: Natanael Copa <ncopa at alpinelinux.org>
> > Date: Wed Sep 4 17:01:09 2013 +0200
> >
> > lxc-alpine: add hwaddr for a single macvlan interface
> >
> > We already add harware address for a single veth interface. Do the same
> > with a single macvlan interface.
> >
> > Signed-off-by: Natanael Copa <ncopa at alpinelinux.org>
> > Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> >
> > commit e34b5d2ef2c329afe6540bbfc298ae631378832e
> > Author: S.Çağlar Onur <caglar at 10ur.org>
> > Date: Tue Sep 3 16:21:15 2013 -0400
> >
> > bdev_copy segfaults if bdevtype is NULL
> >
> > Signed-off-by: S.Çağlar Onur <caglar at 10ur.org>
> > Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> >
> > commit cd0bcc4958e58a2750cf9086f75649d14c83ac70
> > Author: Stéphane Graber <stgraber at ubuntu.com>
> > Date: Tue Sep 3 15:11:07 2013 -0400
> >
> > tests: Add lxc-test-usernic to the dist tarball
> >
> > Signed-off-by: Stéphane Graber <stgraber at ubuntu.com>
> >
> > commit 250b1eec71b074acdff1c5f6b5a1f0d7d2c20b77
> > Author: Stéphane Graber <stgraber at ubuntu.com>
> > Date: Tue Sep 3 14:29:46 2013 -0400
> >
> > licensing: Add missing headers and FSF address
> >
> > Signed-off-by: Stéphane Graber <stgraber at ubuntu.com>
> >
> > commit d08c3aaebca1ccc47f1f14dcd6fbca39953f8dda
> > Author: Stéphane Graber <stgraber at ubuntu.com>
> > Date: Tue Sep 3 11:36:09 2013 -0400
> >
> > ubuntu: iproute is now called iproute2
> >
> > Signed-off-by: Stéphane Graber <stgraber at ubuntu.com>
> > Acked-by: Serge E. Hallyn <serge.hallyn at ubuntu.com>
> >
> > commit c66e9b01f04840c5abc34d235dbbb2ec9ca55205
> > Author: Serge Hallyn <serge.hallyn at ubuntu.com>
> > Date: Tue Sep 3 07:56:11 2013 -0500
> >
> > lua: update license
> >
> > As with other files, update to be LGPL since these are part
> > of the lxc library.
> >
> > Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> >
> > commit ca9548ad02238600899a1f86ded308279964e018
> > Author: Stéphane Graber <stgraber at ubuntu.com>
> > Date: Fri Aug 30 17:27:14 2013 -0400
> >
> > python: Fix api_test to use the new attach() API
> >
> > Signed-off-by: Stéphane Graber <stgraber at ubuntu.com>
> > Acked-by: Serge E. Hallyn <serge.hallyn at ubuntu.com>
> >
> > commit 80bcb05357a90cc9a2e21e942a2b0a53cddfa7a6
> > Author: Serge Hallyn <serge.hallyn at ubuntu.com>
> > Date: Tue Sep 3 08:08:39 2013 -0500
> >
> > lxc-commands: add a comment explaining CMD_* rules
> >
> > We wish to ensure that, henceforth, newer lxc tools are always compatible
> > with older lxc monitors. Add a comment to commands.c to explain the
> > rule we wish to enforce to this end.
> >
> > Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> > Acked-by: Stéphane Graber <stgraber at ubuntu.com>
> >
> > commit 0f081315a9310bf04fe4bc64b900ec6bac36f85d
> > Author: Serge Hallyn <serge.hallyn at ubuntu.com>
> > Date: Fri Aug 30 15:51:31 2013 -0500
> >
> > remove old stale comments (lxc-clone is now implemented)
> >
> > Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> >
> > commit 188e0ab60bda276c688ad15877c6d6402081c6c9
> > Author: Stéphane Graber <stgraber at ubuntu.com>
> > Date: Fri Aug 30 15:56:21 2013 -0400
> >
> > Add a section about licensing to CONTRIBUTING
> >
> > Signed-off-by: Stéphane Graber <stgraber at ubuntu.com>
> > Acked-by: Serge E. Hallyn <serge.hallyn at ubuntu.com>
> >
> > commit acbb59f50d5196facde837ea377f70e98ce1e6f8
> > Author: Serge Hallyn <serge.hallyn at ubuntu.com>
> > Date: Fri Aug 30 14:43:09 2013 -0500
> >
> > fix license text in ubuntu and ubuntu-cloud templates
> >
> > Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> >
> > commit d75462e4d663c58bde0787fdbe0ef3148e44cdde
> > Author: Serge Hallyn <serge.hallyn at ubuntu.com>
> > Date: Fri Aug 30 14:42:20 2013 -0500
> >
> > fix wrong license text for parts of liblxc library
> >
> > Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> >
> > commit 0c69c79b4d86a0bda4a0c1ea2e4cc63d28c7baa6
> > Author: Stéphane Graber <stgraber at ubuntu.com>
> > Date: Fri Aug 30 12:08:26 2013 -0400
> >
> > avoid zgrep -q as it's failing on some distros
> >
> > Reported-by: Filirom1
> > Signed-off-by: Stéphane Graber <stgraber at ubuntu.com>
> >
> > commit dfa7aa3a836aef5d0f1aebe0f6eeff65d20239ad
> > Author: Stéphane Graber <stgraber at ubuntu.com>
> > Date: Fri Aug 30 11:47:58 2013 -0400
> >
> > fedora: Add missing double-quotes.
> >
> > Reported-by: tlc
> > Signed-off-by: Stéphane Graber <stgraber at ubuntu.com>
> >
> > commit 840295ff4cf11da0938a19f99fef8a1525de8106
> > Author: Stéphane Graber <stgraber at ubuntu.com>
> > Date: Fri Aug 30 11:43:19 2013 -0400
> >
> > Fix some typos
> >
> > Signed-off-by: Dmitry Shachnev <mitya57 at ubuntu.com>
> > Reported-by: Vincent Ladeuil
> > Acked-by: Stéphane Graber <stgraber at ubuntu.com>
> >
> > commit 80507ee8eb66f4f23494caae26f6d2f0b50480b6
> > Author: Serge Hallyn <serge.hallyn at ubuntu.com>
> > Date: Thu Aug 29 10:41:19 2013 -0500
> >
> > start.c: handle potential signal flood
> >
> > Signalfd does not guarantee that we'll get an event for every signal.
> > So if 3 tasks exit at the same time, we may get only one sigchld
> > event. Therefore, in signal_handler(), always check whether init has
> > exited. Do with with WNOWAIT so that we can still wait4 to cleanup
> > the init after lxc_poll() exists (rather than complicating the code).
> >
> > Note - there is still a race in the kernel which can cause the
> > container init to become a defunct child of the host init (!). This
> > doesn't solve that, but is a potential (if very unlikely) race which
> > apw pointed out while we were trying to create a reproducer for the
> > kernel bug.
> >
> > Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> > Acked-by: Stéphane Graber <stgraber at ubuntu.com>
> >
> > commit 48c63f8d035045af1103b677b5ec577aec59a5b5
> > Author: Natanael Copa <ncopa at alpinelinux.org>
> > Date: Mon Aug 26 13:47:58 2013 +0200
> >
> > lxc-alpine: create /dev/zero
> >
> > Signed-off-by: Natanael Copa <ncopa at alpinelinux.org>
> > Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> >
> > commit 5acccf95b2bd1e5ffedf687e527dcad5a54d4c1e
> > Author: Serge Hallyn <serge.hallyn at ubuntu.com>
> > Date: Fri Aug 23 12:45:15 2013 -0500
> >
> > config_ipv6: run inet_pton on the addr value without mask
> >
> > otherwise a "$addr/$mask" results in failure.
> >
> > Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> >
> > commit 79622932f21d22db36a0b6cca129f559b5e76108
> > Author: Serge Hallyn <serge.hallyn at ubuntu.com>
> > Date: Thu Aug 22 10:27:40 2013 -0500
> >
> > api: convert lxc_start
> >
> > Normal lxc-start usage tends to be "lxc-start -n name [-P lxcpath]".
> > This causes $lxcpath/$name/config to be the configuration for the
> > container. However, lxc-start is more flexible than that. You can
> > specify a custom configuration file, in which case $lxcpath/$name/config
> > is not used. You can also (in addition or in place of either of these)
> > specify configuration entries one-by-one using "-s lxc.utsname=xxx".
> >
> > To support this using the API, if we are not using
> > $lxcpath/$name/config then we put ourselves into a custom lxcpath
> > called (configurable using LXCPATH) /var/lib/lxc_anon. To stop a
> > container so created, then, you would use
> >
> > lxc-stop -P /var/lib/lxc_anon -n name
> >
> > TODO: we should walk over the list of &defines by hand and set them
> > using c->set_config_item. I haven't done that in this patch.
> >
> > Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> >
> > commit cb0c6c020314ee0fea0ce30d209711f7e9c29aaa
> > Author: Scott Moser <smoser at ubuntu.com>
> > Date: Thu Aug 22 15:38:48 2013 -0400
> >
> > hooks/ubuntu-cloud-prep: add hostname to meta-data
> >
> > prior to my enabling of the clone hook, the setting of the hostname
> > was being done by writing to /etc/hostname. Instead of relying on that
> > we're now writing 'local-hostname' into the metadata for the instance.
> >
> > cloud-init then reads this and sets the hostname properly.
> >
> > We are also writing /etc/hostname with the new hostname explicitly. This is
> > useful/necessary because on network bringup of eth0, dhclient will submit its
> > hosname. The updating done by cloud-init occurs to late, and thus
> > the dhcp request goes out with the un-configured hostname and dns doens't
> > work correctly.
> >
> > Signed-off-by: Scott Moser <smoser at ubuntu.com>
> > Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> >
> > commit 92b0b5bac5717e5281f51340192288050409ad47
> > Author: Serge Hallyn <serge.hallyn at ubuntu.com>
> > Date: Wed Aug 21 16:53:52 2013 -0500
> >
> > api: convert lxc_wait, lxc_freeze, and lxc_unfreeze
> >
> > These are the last of the simpler conversions. Start, execute,
> > kill, info and attach remain to be done.
> >
> > Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> > Acked-by: Dwight Engen <dwight.engen at oracle.com>
> >
> > commit 9069513c69d77b5c22219b43f78ba1554431dd36
> > Author: Serge Hallyn <serge.hallyn at ubuntu.com>
> > Date: Wed Aug 21 14:35:28 2013 -0500
> >
> > lxc_cgroup: convert to using API
> >
> > Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> >
> > commit dfb31b25e298d98ea80a699f019308019c6670d8
> > Author: Serge Hallyn <serge.hallyn at ubuntu.com>
> > Date: Wed Aug 21 14:43:52 2013 -0500
> >
> > Track snapshot dependencies (v2)
> >
> > (Will push in a bit barring any objections)
> >
> > lvm, btrfs, and zfs snapshots each do an ok job of handling deletions
> > for us - a btrfs snapshot does fine after the original is removed,
> > while zfs and lvm will both refuse to allow the original to be deleted
> > while the snapshot exists.
> >
> > Overlayfs doesn't do this for us. So, for overlayfs snapshots, track
> > the dependencies.
> >
> > When c2 is created as an overlayfs snapshot of dir-backed c1, then
> >
> > 1. c2's lxc_rdepends file will contain
> >
> > c1_lxcpath
> > c1_lxcname
> >
> > 2. c1's lxc_snapshots will contain "1"
> >
> > c1 cannot be deleted so long as lxc_snapshots exists and contains
> > a non-zero number.
> >
> > The contents of lxc_snapshots and lxc_rdepends are protected by
> > container_disk_lock() and at lxc_clone by the new container not yet
> > being accessible.
> >
> > (Originally I was going to keep them in the container config, but the
> > problem with using $lxcpath/$name/config is that api users could end up
> > calling c->save_config() with a cached old value of snapshots/rdepends.)
> >
> > Changelog:
> > aug 21: check for fprintf and fclose failures
> >
> > Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> > Acked-by: Dwight Engen <dwight.engen at oracle.com>
> >
> > commit 84bdfb2b4c95b24fde5e90e621372fcd6c4d069b
> > Author: Serge Hallyn <serge.hallyn at ubuntu.com>
> > Date: Tue Aug 20 18:15:06 2013 -0500
> >
> > avoid very unlikely race due to EEXIST
> >
> > Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> >
> > commit 659aa0618c34cecd388df73936b41d5fb573090d
> > Author: Serge Hallyn <serge.hallyn at ubuntu.com>
> > Date: Tue Aug 20 18:01:07 2013 -0500
> >
> > coverity: make indent match nest level
> >
> > Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> >
> > commit 5d9598d7d3206d1bede4932e7c8565f1ab309fbc
> > Author: Serge Hallyn <serge.hallyn at ubuntu.com>
> > Date: Tue Aug 20 17:59:19 2013 -0500
> >
> > coverity: dont dereference before null check
> >
> > Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> >
> > commit a09295f841be8add0cbfc2932c59535f0d1365ed
> > Author: Serge Hallyn <serge.hallyn at ubuntu.com>
> > Date: Tue Aug 20 17:54:19 2013 -0500
> >
> > coverity: don't leak partial_fd
> >
> > Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> >
> > commit ca6973422d5471281126e9e1884633367479f246
> > Author: Serge Hallyn <serge.hallyn at ubuntu.com>
> > Date: Tue Aug 20 17:48:54 2013 -0500
> >
> > coverity: don't leak open DIR
> >
> > Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> >
> > commit 01efd4d3d91713fc4f8ca55c7726b8216ed16fc6
> > Author: Serge Hallyn <serge.hallyn at ubuntu.com>
> > Date: Tue Aug 20 16:58:24 2013 -0500
> >
> > coverity: correctly handle tpath error case.
> >
> > Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> >
> > commit 1fd9bd50ab0ccea0a6c069147a4bccb0751ca18f
> > Author: Serge Hallyn <serge.hallyn at ubuntu.com>
> > Date: Tue Aug 20 16:50:25 2013 -0500
> >
> > coverity: ftell returns long, not size_t (which is unsigned)
> >
> > Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> >
> > commit b4569e93217fe9a18af35b4475c8f8eac1436759
> > Author: Serge Hallyn <serge.hallyn at ubuntu.com>
> > Date: Tue Aug 20 16:29:29 2013 -0500
> >
> > coverity: don't bother getting template path if we're not going to measure it
> >
> > This should also fix a memory leak, since we were freeing it under ifdef
> > but always allocating it.
> >
> > Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> >
> > commit fb760f70541c9af728eb2ab0c6175875f7448752
> > Author: Scott Moser <smoser at ubuntu.com>
> > Date: Mon Aug 19 10:18:37 2013 -0400
> >
> > ubuntu-cloud-prep: improve overlayfs workaround
> >
> > the previous 'patch_start' can be vastly simplified now that I better
> > understand what the bug was. Instead of wrapping 'start', we only
> > need to ensure that /etc/init exists inside the overlayfs, so that the
> > directory that upstart watches is guaranteed to be in the overlay, not
> > the underlay.
> >
> > The problem is described under bug 1213925.
> >
> > Signed-off-by: Scott Moser <smoser at ubuntu.com>
> > Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> >
> > commit e14f67a7bfa7065480fc7cd47a45f209a0aee79b
> > Author: Ubuntu <ubuntu at ip-10-181-158-15.ec2.internal>
> > Date: Mon Aug 19 13:34:59 2013 +0000
> >
> > cgroup updates: fix several bugs
> >
> > 1. add cgroup_get_subsys_abspath() which returns the absolute
> > path for a subsystem mount, and use that where needed to actually
> > set cgroup values
> >
> > 2. cgroup_devices_has_{allow,deny}: don't mix int and boolean
> > values. Also, accept 'a *:* rwm" as any whitelist entry for
> > has_allow().
> >
> > 3. subsys_lists_match(): fix an off-by-one error in calculating
> > updated oldlen. (we need to keep the extra char for '\0')
> >
> > 4. return -1, not 0, if lxc_cgroup_attach fails to open
> > /proc/self/cgroup.
> >
> > Signed-off-by: Ubuntu <ubuntu at ip-10-181-158-15.ec2.internal>
> >
> > commit c9ec905567952830d58a14d1e3a3ea4e1f8b0041
> > Author: Christian Seiler <christian at iwakd.de>
> > Date: Mon Aug 19 00:52:44 2013 +0200
> >
> > python/attach: Add function that returns personality for architecture
> >
> > Adds the arch_to_personality function that looks up an architecture
> > and returns the corresponding personality. This may be used in
> > conjunction with the attach/attach_wait keyword argument.
> >
> > Signed-off-by: Christian Seiler <christian at iwakd.de>
> > Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> >
> > commit 01bfae14dd898fecf0bd130e47a62a3155f619d0
> > Author: Christian Seiler <christian at iwakd.de>
> > Date: Mon Aug 19 00:52:43 2013 +0200
> >
> > python/attach: export CLONE_NEW* constants to Python
> >
> > Signed-off-by: Christian Seiler <christian at iwakd.de>
> > Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> >
> > commit 4f17323e79969a98604bc30a8cc24cf083d474c3
> > Author: Christian Seiler <christian at iwakd.de>
> > Date: Mon Aug 19 00:52:40 2013 +0200
> >
> > cgroup: minor bugfixes so start and attach work again
> >
> > This fixes some minor bugs in the cgroup logic that made start and
> > attach fail (at least when all cgroup controllers were mounted
> > together).
> >
> > Signed-off-by: Christian Seiler <christian at iwakd.de>
> > Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> >
> > commit 9c6694b7073a6ebfd1da4950e0c8db4b91530202
> > Author: Christian Seiler <christian at iwakd.de>
> > Date: Mon Aug 19 00:52:42 2013 +0200
> >
> > python/attach: Fix minor memory leaks
> >
> > Signed-off-by: Christian Seiler <christian at iwakd.de>
> > Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> >
> > commit a9cab7e39b101b89470e2e4109c14e7f17218032
> > Author: Christian Seiler <christian at iwakd.de>
> > Date: Mon Aug 19 00:52:41 2013 +0200
> >
> > attach: Fix minor memory leak in environment variable handling
> >
> > Signed-off-by: Christian Seiler <christian at iwakd.de>
> > Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> >
> > commit 55c76589fd19e5f04697dcfd0084039cd77ef304
> > Author: Stéphane Graber <stgraber at ubuntu.com>
> > Date: Mon Aug 19 14:37:20 2013 +0200
> >
> > Remove all trailing whitespaces
> >
> > Signed-off-by: Stéphane Graber <stgraber at ubuntu.com>
> >
> > commit 37fc7b9e2eca60e838bf5bf061bd8a8206e4fa9d
> > Author: Stéphane Graber <stgraber at ubuntu.com>
> > Date: Fri Aug 16 16:55:40 2013 +0200
> >
> > Fix lxc-user-nic to work on bionic
> >
> > This adds a couple of missing includes, uses the local version of
> > getline on bionic and replaces getpwuid_r by getpwuid.
> >
> > Signed-off-by: Stéphane Graber <stgraber at ubuntu.com>
> > Acked-by: Serge E. Hallyn <serge.hallyn at ubuntu.com>
> >
> > commit e768f9c0f69df1f02f8252fead6d82648b410bd8
> > Author: Stéphane Graber <stgraber at ubuntu.com>
> > Date: Fri Aug 16 16:42:39 2013 +0200
> >
> > Add missing namespace.h include
> >
> > Signed-off-by: Stéphane Graber <stgraber at ubuntu.com>
> > Acked-by: Serge E. Hallyn <serge.hallyn at ubuntu.com>
> >
> > commit 511a6936c7062d59dd9335ef16d9165d19c45604
> > Author: Stéphane Graber <stgraber at ubuntu.com>
> > Date: Fri Aug 16 16:40:48 2013 +0200
> >
> > Allow building without confstr
> >
> > We use confstr to grab the default PATH value. If it's not there, just
> > use a standard one with bin and sbin for /, /usr and /usr/local.
> >
> > Signed-off-by: Stéphane Graber <stgraber at ubuntu.com>
> > Acked-by: Serge E. Hallyn <serge.hallyn at ubuntu.com>
> >
> > commit 1a2e58cf55979749ea76835d0b36327c051c2715
> > Author: Stéphane Graber <stgraber at ubuntu.com>
> > Date: Fri Aug 16 15:38:13 2013 +0200
> >
> > Don't define new_personality when building without personalities
> >
> > Signed-off-by: Stéphane Graber <stgraber at ubuntu.com>
> > Acked-by: Serge E. Hallyn <serge.hallyn at ubuntu.com>
> >
> > commit 5ec279894e8b1275b6cbfaaddb425e8f56639bdc
> > Author: Stéphane Graber <stgraber at ubuntu.com>
> > Date: Fri Aug 16 15:35:51 2013 +0200
> >
> > Add missing sys/socket.h include
> >
> > Signed-off-by: Stéphane Graber <stgraber at ubuntu.com>
> > Acked-by: Serge E. Hallyn <serge.hallyn at ubuntu.com>
> >
> > commit a3da2f3bd755165c50c5c7fb55c2bfcb042fb3d8
> > Author: Stéphane Graber <stgraber at ubuntu.com>
> > Date: Fri Aug 16 15:35:06 2013 +0200
> >
> > Define SOCK_CLOEXEC when missing
> >
> > Signed-off-by: Stéphane Graber <stgraber at ubuntu.com>
> > Acked-by: Serge E. Hallyn <serge.hallyn at ubuntu.com>
> >
> > commit 7f3e12f3e5223c6a6c34bafdf47df86f66078963
> > Author: Stéphane Graber <stgraber at ubuntu.com>
> > Date: Fri Aug 16 15:22:28 2013 +0200
> >
> > Use srand/rand instead of initstate/random
> >
> > initstate/random doesn't work on bionic, srand/rand works on everything,
> > so let's use that.
> >
> > Signed-off-by: Stéphane Graber <stgraber at ubuntu.com>
> > Acked-by: Serge E. Hallyn <serge.hallyn at ubuntu.com>
> >
> > commit 2e74d6f3744e5aef2e01f1f295472ffdb58f1929
> > Author: Stéphane Graber <stgraber at ubuntu.com>
> > Date: Fri Aug 16 15:10:13 2013 +0200
> >
> > Include stdio.h in getline.h for FILE
> >
> > Signed-off-by: Stéphane Graber <stgraber at ubuntu.com>
> > Acked-by: Serge E. Hallyn <serge.hallyn at ubuntu.com>
> >
> > commit 120ce443c466fb1d286ffd200ca22a1e9db7284c
> > Author: Stéphane Graber <stgraber at ubuntu.com>
> > Date: Fri Aug 16 15:08:39 2013 +0200
> >
> > Import local getline copy on bionic
> >
> > Signed-off-by: Stéphane Graber <stgraber at ubuntu.com>
> > Acked-by: Serge E. Hallyn <serge.hallyn at ubuntu.com>
> >
> > commit 2b89a9c19db30894e2476a5a750c443dee339d70
> > Author: Stéphane Graber <stgraber at ubuntu.com>
> > Date: Fri Aug 16 15:05:52 2013 +0200
> >
> > Add missing sys/select.h include for fd_set
> >
> > Signed-off-by: Stéphane Graber <stgraber at ubuntu.com>
> > Acked-by: Serge E. Hallyn <serge.hallyn at ubuntu.com>
> >
> > commit ec346ea11f76d0797035c476794104a3230531f9
> > Author: Stéphane Graber <stgraber at ubuntu.com>
> > Date: Fri Aug 16 12:28:17 2013 +0200
> >
> > Add missing syscall.h include to utils.h
> >
> > Signed-off-by: Stéphane Graber <stgraber at ubuntu.com>
> > Acked-by: Serge E. Hallyn <serge.hallyn at ubuntu.com>
> >
> > commit 180edd67022017351a6546b4aa79bcaefada01c8
> > Author: Stéphane Graber <stgraber at ubuntu.com>
> > Date: Fri Aug 16 12:25:28 2013 +0200
> >
> > Add arm defines for __NR_signalfd(4)
> >
> > Signed-off-by: Stéphane Graber <stgraber at ubuntu.com>
> > Acked-by: Serge E. Hallyn <serge.hallyn at ubuntu.com>
> >
> > commit 590ae889334b01a59606a1a8952d976098bd6123
> > Author: Stéphane Graber <stgraber at ubuntu.com>
> > Date: Fri Aug 16 12:22:38 2013 +0200
> >
> > Android now uses a sane clone() definition
> >
> > The current Android NDK provides a clone() defintion that's identical to
> > eglibc's so we can drop the ifdef from that one.
> >
> > Signed-off-by: Stéphane Graber <stgraber at ubuntu.com>
> > Acked-by: Serge E. Hallyn <serge.hallyn at ubuntu.com>
> >
> > commit bff13ba210ed61f756fc82adce1921f84b43ffe0
> > Author: Stéphane Graber <stgraber at ubuntu.com>
> > Date: Fri Aug 16 12:19:44 2013 +0200
> >
> > Define BLKGETSIZE64 and LO_FLAGS_AUTOCLEAR
> >
> > Those two aren't always around (specifically on bionic), so add some
> > defines in case they aren't already defined.
> >
> > Signed-off-by: Stéphane Graber <stgraber at ubuntu.com>
> > Acked-by: Serge E. Hallyn <serge.hallyn at ubuntu.com>
> >
> > commit 92adc3e911314a6f90986d8410ec0ff4b82c9f79
> > Author: Stéphane Graber <stgraber at ubuntu.com>
> > Date: Fri Aug 16 12:18:15 2013 +0200
> >
> > Export the local getmntent_r implementation
> >
> > New code now uses getmntent_r so we need it exported so that it can be
> > used when building on bionic.
> >
> > Signed-off-by: Stéphane Graber <stgraber at ubuntu.com>
> > Acked-by: Serge E. Hallyn <serge.hallyn at ubuntu.com>
> >
> > commit c32981c3fb1bf5191052fb1c348bdc8b9e7c1b15
> > Author: Stéphane Graber <stgraber at ubuntu.com>
> > Date: Fri Aug 16 11:53:11 2013 +0200
> >
> > Replace all calls to rindex by strrchr
> >
> > The two functions are identical but strrchr also works on Bionic.
> >
> > Signed-off-by: Stéphane Graber <stgraber at ubuntu.com>
> > Acked-by: Serge E. Hallyn <serge.hallyn at ubuntu.com>
> >
> > commit 4ba0d9af63fbf7e9acfa068a1fe36b3d287b9c6b
> > Author: Stéphane Graber <stgraber at ubuntu.com>
> > Date: Fri Aug 16 11:47:10 2013 +0200
> >
> > Add a local implementation of ifaddrs.h
> >
> > This adds a local ifaddrs implementation to be used on Bionic or other C
> > libraries that don't come with a getifaddrs implementation.
> >
> > This code was written by Kenneth MacKay and is under a two-clause BSD
> > license (copyright information in the file headers).
> >
> > Signed-off-by: Stéphane Graber <stgraber at ubuntu.com>
> > Acked-by: Serge E. Hallyn <serge.hallyn at ubuntu.com>
> >
> > commit d24d56d7ee3420bb79238ff84cad07c20cf4757d
> > Author: Scott Moser <smoser at ubuntu.com>
> > Date: Fri Aug 16 16:47:32 2013 -0400
> >
> > ubuntu-cloud-prep: patch /sbin/start for overlayfs
> >
> > upstart depends on inotify, and overlayfs does not support inotify.
> >
> > That means that the following results in 'tgt' not running. tgt is simply
> > used here as an example of a service that installs an upstart job and
> > starts it on package install.
> > lxc-clone -s -B overlayfs -o source-precise-amd64 -n test1
> > lxc-start -n test1
> > ..
> > apt-get install tgt
> >
> > The change here is to modify /sbin/start inside the container so that when
> > something explicitly tries 'start', it results in an explicit call to
> > 'initctl reload-configuration' so that upstart is aware of the newly
> > placed job.
> >
> > Should overlayfs ever gain inotify support, this should still not cause
> > any harm.
> >
> > Signed-off-by: Scott Moser <smoser at ubuntu.com>
> > Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> >
> > commit e3fdf5cc9c60eb97f8520f059ad1a09d3f73509d
> > Author: Serge Hallyn <serge.hallyn at ubuntu.com>
> > Date: Fri Aug 16 15:50:25 2013 -0500
> >
> > lxc-clone: default to overlaysf for -s clone of dir
> >
> > If you go to the trouble to request a -s (snapshot) clone of
> > a container which is dir backingstore, then you deserve an
> > overlayfs clone.
> >
> > Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> >
> > commit 6fe93aa1877359365a07d9110e0e2dbfb3b0205f
> > Author: Serge Hallyn <serge.hallyn at ubuntu.com>
> > Date: Fri Aug 16 13:34:36 2013 -0500
> >
> > cgroup.c: remove spurious ERROR messages
> >
> > Because they are in probing functions.
> >
> > Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> > Acked-by: Stéphane Graber <stgraber at ubuntu.com>
> >
> > commit d74325c436457b87b17e3ea598a9eb4ba66e0d49
> > Author: Stéphane Graber <stgraber at ubuntu.com>
> > Date: Fri Aug 16 14:57:44 2013 +0200
> >
> > Replace a few more str(n)dupa by str(n)dup + free
> >
> > strdup and strndup still don't exist on bionic, so we need to do the
> > alloc() call ourselves or free the memory by hand.
> >
> > Signed-off-by: Stéphane Graber <stgraber at ubuntu.com>
> > Acked-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> >
> > commit 1d374b9725e53d8b099970c1b501d56d599c4772
> > Author: Stéphane Graber <stgraber at ubuntu.com>
> > Date: Fri Aug 16 12:09:02 2013 +0200
> >
> > Add attach_options.h to the list of included files
> >
> > Without this, make dist doesn't include it and LXC fails to build.
> >
> > Signed-off-by: Stéphane Graber <stgraber at ubuntu.com>
> >
> > commit fbbf51926e113e5e70d6ea507ed7d1019d0e0aa8
> > Author: Serge Hallyn <serge.hallyn at ubuntu.com>
> > Date: Thu Aug 15 15:37:30 2013 -0500
> >
> > document new lxc-create btrfs behavior
> >
> > Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> >
> > commit d44e88c26690a56f9efac58f602dba06c9ec0c90
> > Author: Serge Hallyn <serge.hallyn at ubuntu.com>
> > Date: Thu Aug 15 12:55:50 2013 -0500
> >
> > bdev: support -B best and -B lvm,dir
> >
> > -B dev will check whether btrfs, zfs, or lvm can be used,
> > in that order, and fall back to dir.
> >
> > -B lvm,btrfs will try lvm first, then btrfs, then fail.
> >
> > Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> >
> > commit d3060bd055eac45c1767e1e80fcaba763eb7477d
> > Author: Serge Hallyn <serge.hallyn at ubuntu.com>
> > Date: Thu Aug 15 12:22:26 2013 -0500
> >
> > bdev_create: don't default to btrfs if possible
> >
> > Ideally it would be great to default to a btrfs subvolume for each new
> > container created. However, this is not as we previously thought
> > without consequence. 'rsync --one-file-system' will not descend into
> > btrfs subvolumes. This means that 'lxc-create -B _unset' will cause
> > different behavior for rsync -vax /var/lib/lxc based on whether that
> > fs is btrfs or not.
> >
> > So don't do that. If -B is not specified, use -B dir.
> >
> > Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> >
> > commit d007f8ab3da297ed0de884e0c6e57a66de2fcb42
> > Author: Alexander Vladimirov <alexander.idkfa.vladimirov at gmail.com>
> > Date: Thu Aug 15 14:27:05 2013 +0800
> >
> > Add subdir-objects option to AM_INIT_AUTOMAKE
> >
> > Fix build with automake 1.14 and newer, since it requires explicit
> > setting now.
> >
> > Signed-off-by: Alexander Vladimirov <alexander.idkfa.vladimirov at gmail.com>
> > Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> >
> > commit bf7d3153c925ca1404662a8fe031da27308f4187
> > Author: Michael H. Warfield <mhw at WittsEnd.com>
> > Date: Thu Aug 15 13:57:50 2013 -0400
> >
> > lxc-fedrora: New patch for systemd detection and init configuration.
> >
> > Satoshi Matsumoto certainly had the right idea and in spotting a bug in
> > the lxc-fedora template for systemd detection. Heart was in the right
> > spot but patch was not what we needed.
> >
> > I've looked the patch code over for systemd support and init/upstart
> > support and modified the logic appropriately. If /etc/systemd/system
> > exists, we'll do the right thing by systemd. If /etc/rc.sysinit exists,
> > we'll do the right thing by init / upstart. If both are installed,
> > we'll trying and accommodate both in case someone is playing games with
> > the two (I've done this).
> >
> > Patch was trivial, just took more time to actually test it and create
> > some containers with it and verify them, than it did to code them.
> >
> > Signed-off-by: Michael H. Warfield <mhw at WittsEnd.com>
> > Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> >
> > commit 3d5e9f4801c0311a6300fc781a4c0a09a6d463fe
> > Author: Christian Seiler <christian at iwakd.de>
> > Date: Tue Aug 13 23:04:37 2013 +0200
> >
> > attach: implement remaining options of lxc_attach_set_environment
> >
> > This patch implements the extra_env and extra_keep options of
> > lxc_attach_set_environment.
> >
> > The Python implementation, the C container API and the lxc-attach
> > utility are able to utilize this feature; lxc-attach has gained two new
> > command line options for this.
> >
> > Signed-off-by: Christian Seiler <christian at iwakd.de>
> > Acked-by: Serge E. Hallyn <serge.hallyn at ubuntu.com>
> >
> > commit d7a09c630b2150636bf4dfb266bc632abd65dfa8
> > Author: Christian Seiler <christian at iwakd.de>
> > Date: Tue May 21 14:57:06 2013 +0200
> >
> > python: add attach support
> >
> > Add methods attach() and attach_wait() to the Python API that give
> > access to the attach functionality of LXC. Both accept two main
> > arguments:
> >
> > 1. run: A python function that is executed inside the container
> > 2. payload: (optional) A parameter that will be passed to the python
> > function
> >
> > Additionally, the following keyword arguments are supported:
> >
> > attach_flags: How attach should operate, i.e. whether to attach to
> > cgroups, whether to drop capabilities, etc. The following
> > constants are defined as part of the lxc module that may
> > be OR'd together for this option:
> > LXC_ATTACH_MOVE_TO_CGROUP
> > LXC_ATTACH_DROP_CAPABILITIES
> > LXC_ATTACH_SET_PERSONALITY
> > LXC_ATTACH_APPARMOR
> > LXC_ATTACH_REMOUNT_PROC_SYS
> > LXC_ATTACH_DEFAULT
> > namespaces: Which namespaces to attach to, as defined as the flags that
> > may be passed to the clone(2) system call. Note: maybe we
> > should export these flags too.
> > personality: The personality of the process, it will be passed to the
> > personality(2) syscall. Note: maybe we should provide
> > access to the function that converts arch into
> > personality.
> > initial_cwd: The initial working directory after attaching.
> > uid: The user id after attaching.
> > gid: The group id after attaching.
> > env_policy: The environment policy, may be one of:
> > LXC_ATTACH_KEEP_ENV
> > LXC_ATTACH_CLEAR_ENV
> > extra_env_vars: A list (or tuple) of environment variables (in the form
> > KEY=VALUE) that should be set once attach has
> > succeeded.
> > extra_keep_env: A list (or tuple) of names of environment variables
> > that should be kept regardless of policy.
> > stdin: A file/socket/... object that should be used as stdin for the
> > attached process. (If not a standard Python object, it has to
> > implemented the fileno() method and provide a fd as the result.)
> > stdout, stderr: See stdin.
> >
> > attach() returns the PID of the attached process, or -1 on failure.
> >
> > attach_wait() returns the return code of the attached process after
> > that has finished executing, or -1 on failure. Note that if the exit
> > status of the process is 255, -1 will also be returned, since attach
> > failures result in an exit code of 255.
> >
> > Two default run functions are also provided in the lxc module:
> >
> > attach_run_command: Runs the specified command
> > attach_run_shell: Runs a shell in the container
> >
> > Examples (assumeing c is a Container object):
> >
> > c.attach_wait(lxc.attach_run_command, 'id')
> > c.attach_wait(lxc.attach_run_shell)
> > def foo():
> > print("Hello World")
> > # the following line is important, otherwise the exit code of
> > # the attached program will be -1
> > # sys.exit(0) will also work
> > return 0
> > c.attach_wait(foo)
> > c.attach_wait(lxc.attach_run_command, ['cat', '/proc/self/cgroup'])
> > c.attach_wait(lxc.attach_run_command, ['cat', '/proc/self/cgroup'],
> > attach_flags=(lxc.LXC_ATTACH_DEFAULT &
> > ~lxc.LXC_ATTACH_MOVE_TO_CGROUP))
> >
> > Note that while it is possible to execute Python code inside the
> > container by passing a function (see example), it is unwise to import
> > modules, since there is no guarantee that the Python installation
> > inside the container is in any way compatible with that outside of it.
> > If you want to run Python code directly, please import all modules
> > before attaching and only use them within the container.
> >
> > Signed-off-by: Christian Seiler <christian at iwakd.de>
> > Acked-by: Serge E. Hallyn <serge.hallyn at ubuntu.com>
> >
> > commit b7f2846aabb8c1c59b078b4c529e60ea254432f1
> > Author: Christian Seiler <christian at iwakd.de>
> > Date: Tue Aug 13 21:36:58 2013 +0200
> >
> > python: improve convert_tuple_to_char_pointer_array
> >
> > convert_tuple_to_char_pointer_array now also accepts lists and not only
> > tuples when converting to a C array. Other fixes:
> >
> > - some checking that it's actually a list/tuple before trying to
> > convert
> > - off-by-a-few-bytes allocation error
> > (sizeof(char *)*n+1 vs. sizeof(char *)*(n+1)/calloc(...))
> >
> > Signed-off-by: Christian Seiler <christian at iwakd.de>
> > Acked-by: Serge E. Hallyn <serge.hallyn at ubuntu.com>
> >
> > commit 626ad11bfee3e12e675f51e92920030a6f383b19
> > Author: Christian Seiler <christian at iwakd.de>
> > Date: Tue Aug 13 21:33:19 2013 +0200
> >
> > apparmor/attach: make sure buffer is NUL-terminated
> >
> > Signed-off-by: Christian Seiler <christian at iwakd.de>
> > Acked-by: Serge E. Hallyn <serge.hallyn at ubuntu.com>
> >
> > commit a0e93eeb2293e15a18e6c56271d13907f082c4df
> > Author: Christian Seiler <christian at iwakd.de>
> > Date: Tue May 21 14:57:06 2013 +0200
> >
> > Add attach support to container C API
> >
> > Signed-off-by: Christian Seiler <christian at iwakd.de>
> > Acked-by: Serge E. Hallyn <serge.hallyn at ubuntu.com>
> >
> > commit 61a1d519f472c1ac95c641d974401c932f82be66
> > Author: Christian Seiler <christian at iwakd.de>
> > Date: Tue May 21 14:56:00 2013 +0200
> >
> > Add helper functions to convert va_list of char* to char**.
> >
> > Signed-off-by: Christian Seiler <christian at iwakd.de>
> > Acked-by: Serge E. Hallyn <serge.hallyn at ubuntu.com>
> >
> > commit 9c4693b853c5a9ab2156544ee3334a082cdba420
> > Author: Christian Seiler <christian at iwakd.de>
> > Date: Wed May 8 14:57:35 2013 +0200
> >
> > lxc-attach: Completely rework lxc-attach and move to API function
> >
> > - Move attach functionality to a completely new API function for
> > attaching to containers. The API functions accepts the name of the
> > container, the lxcpath, a structure indicating options for attaching
> > and returns the pid of the attached process. The calling thread may
> > then use waitpid() or similar to wait for the attached process to
> > finish. lxc-attach itself is just a simple wrapper around the new
> > API function.
> >
> > - Use CLONE_PARENT when creating the attached process from the
> > intermediate process. This allows the intermediate process to exit
> > immediately after attach and the original thread may supervise the
> > attached process directly.
> >
> > - Since the intermediate process exits quickly, its only job is to
> > send the original process the pid of the attached process (as seen
> > from outside the pidns) and exit. This allows us to simplify the
> > synchronisation logic by quite a bit.
> >
> > - Use O_CLOEXEC / SOCK_CLOEXEC on (hopefully) all FDs opened in the
> > main thread by the attach logic so that other threads of the same
> > program may safely fork+exec off. Also, use shutdown() on the
> > synchronisation socket, so that if another thread forks off without
> > exec'ing, the synchronisation will not fail. (Not tested whether
> > this solves this issue.)
> >
> > - Instead of directly specifying a program to execute on the API
> > level, one specifies a callback function and a payload. This allows
> > code using the API to execute a custom function directly inside the
> > container without having to execute a program. Two default callbacks
> > are provided directly, one to execute an arbitrary program, another
> > to execute a shell. The lxc-attach utility will always use either
> > one of these default callbacks.
> >
> > - More fine-grained control of the attached process on the API level
> > (not implemented in lxc-attach utility yet, some may not be sensible):
> > * Specify which file descriptors should be stdin/stdout/stderr of
> > the newly created process. If fds other than 0/1/2 are
> > specified, they will be dup'd in the attached process (and the
> > originals closed). This allows e.g. threaded applications to
> > specify pipes for communication with the attached process
> > without having to modify its own stdin/stdout/stderr before
> > running lxc-attach.
> > * Specify user and group id for the newly attached process.
> > * Specify initial working directory for the newly attached
> > process.
> > * Fine-grained control on whether to do any, all or none of the
> > following: move attached process into the container's init's
> > cgroup, drop capabilities of the process, set the processes's
> > personality, load the proper apparmor profile and (for partial
> > attaches to any but not mount-namespaces) whether to unshare the
> > mount namespace and remount /sys and /proc. If additional
> > features (SELinux policy, SMACK policy, ...) are implemented,
> > flags for those may also be provided.
> >
> > Signed-off-by: Christian Seiler <christian at iwakd.de>
> > Acked-by: Serge E. Hallyn <serge.hallyn at ubuntu.com>
> >
> > commit 650468bb4a5c9a6c69b524f574e8d0f315f45c37
> > Author: Christian Seiler <christian at iwakd.de>
> > Date: Tue May 21 11:58:35 2013 +0200
> >
> > Fix return type of read/write utility functions.
> >
> > Signed-off-by: Christian Seiler <christian at iwakd.de>
> > Acked-by: Serge E. Hallyn <serge.hallyn at ubuntu.com>
> >
> > commit b93aac46f2802b3639c1ac2ed0cf71174673d110
> > Author: Serge Hallyn <serge.hallyn at ubuntu.com>
> > Date: Wed Aug 14 15:01:40 2013 -0500
> >
> > lxc-stop: exit with 1 or 2, not -1 or -2.
> >
> > Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> >
> > commit 01e6b7148046c3f41849d093bc61454279792b80
> > Author: Serge Hallyn <serge.hallyn at ubuntu.com>
> > Date: Wed Aug 14 14:58:48 2013 -0500
> >
> > lxc_destroy: print an error if the container is not defined.
> >
> > Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> >
> > commit b98f7d6ed1b89b6452af4a2b5e27d445e4b3a138
> > Author: Serge Hallyn <serge.hallyn at ubuntu.com>
> > Date: Fri Aug 9 23:47:37 2013 -0500
> >
> > cgroups: rework to handle nested containers with multiple and partial mounts
> >
> > Currently, if you create a container and use the mountcgruop hook,
> > you get the /lxc/c1/c1.real cgroup mounted to /. If you then try
> > to start containers inside that container, lxc can get confused.
> > This patch addresses that, by accepting that the cgroup as found
> > in /proc/self/cgroup can be partially hidden by bind mounts.
> >
> > In this patch:
> >
> > Add optional 'lxc.cgroup.use' to /etc/lxc/lxc.conf to specify which
> > mounted cgroup filesystems lxc should use. So far only the cgroup
> > creation respects this.
> >
> > Keep separate cgroup information for each cgroup mountpoint. So if
> > the caller is in devices cgroup /a but cpuset cgroup /b that should
> > now be ok.
> >
> > Change how we decide whether to ignore failure to set devices cgroup
> > settings. Actually look to see if our current cgroup already has the
> > settings. If not, add them.
> >
> > Finally, the real reason for this patch: in a nested container,
> > /proc/self/cgroup says nothing about where under /sys/fs/cgroup you
> > might find yourself. Handle this by searching for our pid in tasks
> > files, and keep that info in the cgroup handler.
> >
> > Also remove all strdupa from cgroup.c (not android-friendly).
> >
> > Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> >
> > commit 070a4b8e68a6bf9a96c24ded47974388c83f1d57
> > Author: Serge Hallyn <serge.hallyn at ubuntu.com>
> > Date: Fri Aug 9 21:08:28 2013 -0500
> >
> > lxc-user-nic: specify config and db files in autoconf
> >
> > Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> >
> > commit 20ab58c777136a449b3199e0733b62fa87ecfa61
> > Author: Serge Hallyn <serge.hallyn at ubuntu.com>
> > Date: Fri Aug 9 14:48:35 2013 -0500
> >
> > add lxc-user-nic
> >
> > It is meant to be run setuid-root to allow unprivileged users to
> > tunnel veths from a host bridge to their containers. The program
> > looks at /etc/lxc/lxc-usernet which has entries of the form
> >
> > user type bridge number
> >
> > The type currently must be veth. Whenver lxc-user-nic creates a
> > nic for a user, it records it in /var/lib/lxc/nics (better location
> > is needed). That way when a container dies lxc-user-nic can cull
> > the dead nic from the list.
> >
> > The -DISTEST allows lxc-user-nic to be compiled so that it uses
> > files under /tmp and doesn't actually create the nic, so that
> > unprivileged users can compile and test the code. lxc-test-usernic
> > is a script which runs a few tests using lxc-usernic-test, which
> > is a version of lxc-user-nic compiled with -DISTEST.
> >
> > The next step, after issues with this code are raised and addressed,
> > is to have lxc-start, when running unprivileged, call out to
> > lxc-user-nic (will have to exec so that setuid-root is honored).
> > On top of my previous unprivileged-creation patchset, that should
> > allow unprivileged users to create and start useful containers.
> >
> > Also update .gitignore.
> >
> > Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> >
> > commit 3fb18be95747034bf36f46be11b0eb288b2ec1b4
> > Author: Serge Hallyn <serge.hallyn at ubuntu.com>
> > Date: Wed Aug 14 09:57:12 2013 -0500
> >
> > hooks/Makefile.am: add ubuntu-cloud-prep
> >
> > Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> >
> > commit baece282266318a9bb527cefc85ebf7b6dd7f10e
> > Author: Serge Hallyn <serge.hallyn at ubuntu.com>
> > Date: Tue Aug 13 13:45:56 2013 -0500
> >
> > lxc.conf.sgml.in: note the arguments and environment variables passed to hooks
> >
> > Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> >
> > commit 8bb17b7791777538d8f7cc957939fc871843f218
> > Author: Serge Hallyn <serge.hallyn at ubuntu.com>
> > Date: Tue Aug 13 00:05:49 2013 -0500
> >
> > mountcgroups: use the right configuration file!
> >
> > Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> >
> > commit 79159a86ddb51071055abd7ee08935bc65b9e7a9
> > Author: Scott Moser <smoser at ubuntu.com>
> > Date: Sat Aug 10 05:51:21 2013 -0400
> >
> > ubuntu-cloud-prep: cleanup, fix bug with userdata
> >
> > --userdata was broken, completely missing an implementation.
> > This adds that implementation back in, makes 'debug' logic
> > correct, and then also improves the doc at the top.
> >
> > Signed-off-by: Scott Moser <smoser at ubuntu.com>
> > Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> >
> > commit 034a01593a4ae10d6f1e49b71afbfff70cfc226c
> > Author: Franz Pletz <fpletz at fnordicwalking.de>
> > Date: Mon Aug 12 14:01:39 2013 +0200
> >
> > lxc-destroy: Fix regular expression for getting rootfs
> >
> > The `lxc-destroy` script was using a simple `grep` for extracting
> > `lxc.rootfs` from the lxc config. This regex also matches commented lines
> > and breaks at least removing btrfs subvolumes if the string `lxc.rootfs`
> > is mentioned in a comment. Furthermore, due to the unescaped dot in the
> > regex it would also match other wrong strings like `lxc rootfs`.
> >
> > This patch modifies the regular expression to correctly match the beginning
> > of the line plus potential whitespace characters and the string
> > `lxc.rootfs`.
> >
> > Signed-off-by: Franz Pletz <fpletz at fnordicwalking.de>
> > Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> >
> > commit 54e339f91785368a7825b2edaad04c2177a1a382
> > Author: Scott Moser <smoser at ubuntu.com>
> > Date: Fri Aug 9 15:37:23 2013 +0100
> >
> > ubuntu-cloud-prep: fix bad declare of VERBOSITY
> >
> > Signed-off-by: Scott Moser <smoser at ubuntu.com>
> > Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> >
> > commit 65d8ae9c4a66f5ca85289c02dc06d63261c84619
> > Author: Scott Moser <smoser at ubuntu.com>
> > Date: Thu Aug 8 19:16:59 2013 +0100
> >
> > add a clone hook for ubuntu-cloud images
> >
> > This allows ability to now specify '--userdata' arguments to 'create' or
> > to 'clone'. So now, the following means very fast start of instances with
> > different user-data.
> >
> > $ sudo lxc-create -t ubuntu-cloud -n precise -- \
> > -r precise --arch amd64
> >
> > $ sudo lxc-clone -B overlayfs -o precise -s -n ephem1 \
> > --userdata="my.userdata1"
> > $ sudo lxc-clone -B overlayfs -o precise -s -n ephem2 \
> > --userdata="my.userdata2"
> >
> > Also present here is
> > * an improvement to the static list of Ubuntu releases. It uses
> > ubuntu-distro-info if available degrades back to a static list on failure.
> > * moving of the replacement variables to the top of the create template This
> > is just to make it more obvious what is being replaced and put them in a
> > single location.
> >
> > Signed-off-by: Scott Moser <smoser at ubuntu.com>
> >
> > commit 1c8e4ee0a08638e35732a0ddd0052ecde49fbecb
> > Author: Stéphane Graber <stgraber at ubuntu.com>
> > Date: Fri Aug 9 15:06:02 2013 +0200
> >
> > Cleanup Makefile.am
> >
> > Remove some dead code and fix identation, no functional change.
> >
> > Signed-off-by: Stéphane Graber <stgraber at ubuntu.com>
> >
> > commit 4a0ba80d62c0d8aeb5c9857749659fdf716c380a
> > Author: Stéphane Graber <stgraber at ubuntu.com>
> > Date: Fri Aug 9 11:32:55 2013 +0200
> >
> > Replace mktemp() by a new mkifname()
> >
> > Using mktemp() leads to build time warnings and isn't actually
> > appropriate for what we want to do as it's checking for the existence of
> > a file and not a network interface.
> >
> > Replace those calls by an equivalent mkifname() function which uses the
> > same template as mktemp but instead checks for existing network
> > interfaces.
> >
> > Signed-off-by: Stéphane Graber <stgraber at ubuntu.com>
> > Acked-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> >
> > commit b40a606e52c788db85fe1c42d3747483d159b6a5
> > Author: Serge Hallyn <serge.hallyn at ubuntu.com>
> > Date: Tue Aug 6 14:56:48 2013 -0500
> >
> > Logging: don't confuse command line and config file specified values
> >
> > Currently if loglevel/logfile are specified on command line in a
> > program using LXC api, and that program does any
> > container->save_config(), then the new config will be saved with the
> > loglevel/logfile specified on command line. This is wrong, especially
> > in the case of
> >
> > cat > lxc.conf << EOF
> > lxc.logfile=a
> > EOF
> >
> > lxc-create -t cirros -n c1 -o b
> >
> > which will result in a container config with lxc.logfile=b.
> >
> > Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> >
> > commit 96532523ef90ea6ce3f08ec7d74c3c850b885e50
> > Author: Serge Hallyn <serge.hallyn at ubuntu.com>
> > Date: Mon Aug 5 15:20:29 2013 -0500
> >
> > lxc-clone: don't s/oldname/newname in the config file and hooks
> >
> > 1. container hooks should use lxcpath and lxcname from the environment.
> > 2. the utsname now gets separately updated
> > 3. the rootfs path gets updated by the bdev backend.
> > 4. the fstab mount targets should be relative
> > 5. the fstab source directories could be separately updated if needed.
> >
> > This leaves one definate bug: the lxc.logfile does not get updated.
> > This made me wonder why it was in the configuration file to begin with.
> > Digging deeper, I realized that whatever '-o outfile' you give
> > lxc-create gets set in log.c and gets used by the lxc_container object
> > we create at write_config(). So if you say
> > lxc-create -t cirros -n c1 -o /tmp/out1
> > then /var/lib/lxc/c1/config will have lxc.logfile=/tmp/out1 - which is
> > clearly wrong. Therefore I leave fixing that for later.
> >
> > I'm looking for candidates for $p/$n expansion. Note we can't expand
> > these at config_utsname() etc, because then lxc-clone would see the
> > expanded variable. So we want to read $p/$n verbatim at config_*(),
> > and expand them only when they are used. lxc.logfile is an obvious
> > good use case. lxc.utsname can do it too, in case you want container
> > c1 to be called "c1-whatever". I'm not sure that's worth it though.
> > Are there any others, or is that it?
> >
> > Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> >
> > commit d273b8abfa24040c8ef0dd73eb1d30ef8dcbec54
> > Author: Serge Hallyn <serge.hallyn at ubuntu.com>
> > Date: Wed Aug 7 08:53:07 2013 -0500
> >
> > ubuntu-cloud: remove debugging echo
> >
> > Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> >
> > commit c9cbb9e51436f84d7871a50776dccacfd8dc196a
> > Author: Serge Hallyn <serge.hallyn at ubuntu.com>
> > Date: Fri Jul 26 22:57:10 2013 +0200
> >
> > cgroups: fix the recently broken setting of clone_children
> >
> > Several places think that the current cgroup will be NULL rather
> > than "/" when we're in the root cgroup. Fix that.
> >
> > Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> >
> > commit 2c495ae35a804e3c12cb9f4826c30295043986ce
> > Author: Serge Hallyn <serge.hallyn at ubuntu.com>
> > Date: Mon Jul 22 23:59:18 2013 -0500
> >
> > cgroup_enter: catch write errors
> >
> > Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> > Acked-by: Stéphane Graber <stgraber at ubuntu.com>
> >
> > commit d155b47dac549a5c30c0011923274e3744109c91
> > Author: Serge Hallyn <serge.hallyn at ubuntu.com>
> > Date: Mon Jul 22 15:23:58 2013 -0500
> >
> > define lxc-usernsexec
> >
> > It uses the newuidmap and newgidmap program to start a shell in
> > a mapped user namespace. While newuidmap and newgidmap are
> > setuid-root, lxc-usernsexec is not.
> >
> > If new{ug}idmap are not available, then this program is not
> > built or installed. Otherwise, it will be used to support creating,
> > starting, destroying, etc containers by unprivileged users using
> > their authorized subuids and subgids.
> >
> > Example:
> > usernsexec -m u:0:100000:1 -- /bin/bash
> >
> > will, if the user is authorized to use subuid 100000, start a
> > bash shell in a user namespace where 100000 on the host is
> > mapped to root in the namespace, and the shell is running as
> > (privileged) root.
> >
> > Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> > Acked-by: Stéphane Graber <stgraber at ubuntu.com>
> >
> > commit 469b57873977afcb5d9f5adb00097c944caedd2a
> > Author: Serge Hallyn <serge.hallyn at ubuntu.com>
> > Date: Mon Jul 22 14:09:19 2013 -0500
> >
> > lxclock: use XDG_RUNTIME_DIR for lock if appropriate (v2)
> >
> > If we are euid==0 or XDG_RUNTIME_DIR is not set, then use
> > /run/lock/lxc/$lxcpath/$lxcname as before. Otherwise,
> > use $XDG_RUNTIME_DIR/lock/lxc/$lxcpath/$lxcname.
> >
> > Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> > Cc: Stéphane Graber <stephane.graber at canonical.com>
> > Acked-by: Stéphane Graber <stgraber at ubuntu.com>
> >
> > commit b60ed720848c8276e4e770d380ec6014768d9923
> > Author: Serge Hallyn <serge.hallyn at ubuntu.com>
> > Date: Fri May 10 12:35:26 2013 -0700
> >
> > A few changes for unprivileged lxc-start
> >
> > When doing reboot test, must add clone_newuser to clone flags, else
> > we can't clone(CLONE_NEWPID).
> >
> > If we don't have caps at lxc-start, don't refuse to start. Drop the
> > lxc_caps_check() function altogether as it is unused now.
> >
> > Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> > Acked-by: Stéphane Graber <stgraber at ubuntu.com>
> >
> > commit b113383b84e5fcd2997a939d3f826a06b109e3d9
> > Author: Serge Hallyn <serge.hallyn at ubuntu.com>
> > Date: Thu Jul 18 22:46:30 2013 -0500
> >
> > send current cgroup to lxc_cgroup_create()
> >
> > This is needed if we're going to have unprivileged users
> > create containers inside cgroups which they own.
> >
> > Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> > Acked-by: Stéphane Graber <stgraber at ubuntu.com>
> >
> > commit 1aad9e44d65e7c20dabc4c99f57bcf532db66c68
> > Author: Serge Hallyn <serge.hallyn at ubuntu.com>
> > Date: Mon Jul 15 20:24:14 2013 -0500
> >
> > ubuntu-cloud: changes to support unprivileged use
> >
> > don't try to lock if using a specified tarball
> >
> > The lock/subsys/lxc-ubuntu-cloud lock is to protect the tarballs
> > managed under /var/cache/lxc/cloud-$release. Don't lock if we've
> > been handed a tarball.
> >
> > fake device creation
> >
> > Unprivileged users can't create devices, so bind mount null, tty, urandom
> > and console from the host.
> >
> > Changelog:
> > Jul 22: as Stéphane points out, remove a left-over debug line
> >
> > Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> > Acked-by: Stéphane Graber <stgraber at ubuntu.com>
> >
> > commit 460bcbd85c97b5a0eac9cf7cead1abde1281cd5a
> > Author: Serge Hallyn <serge.hallyn at ubuntu.com>
> > Date: Wed May 8 20:25:06 2013 -0500
> >
> > lxc-create: support unpriv users
> >
> > Just make sure we are root if we are asked to deal with something other
> > than a directory, and make sure we have permission to create the
> > container in the given lxcpath.
> >
> > The templates will need much more work.
> >
> > Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> > Acked-by: Stéphane Graber <stgraber at ubuntu.com>
> >
> > commit 5be56973e5e874a142263dfb164b0b03e18a65f3
> > Author: Serge Hallyn <serge.hallyn at ubuntu.com>
> > Date: Wed May 8 20:15:29 2013 -0500
> >
> > templates: require running as root
> >
> > Up to now lxc-create ensured that you were running as root. Now the
> > templates which require root need to do it for themselves. Templates
> > which do mknod definately require root.
> >
> > Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> > Acked-by: Stéphane Graber <stgraber at ubuntu.com>
> >
> > commit 4165b2c65648b5df521c6e83b1cbad91d0896a00
> > Author: Serge Hallyn <serge.hallyn at ubuntu.com>
> > Date: Thu Jul 18 16:08:12 2013 -0500
> >
> > teach lxc-cirros about the --rootfs argument
> >
> > Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> >
> > commit 6f259716e75552cf46ee5125bdbd21e34456d0c0
> > Author: Serge Hallyn <serge.hallyn at ubuntu.com>
> > Date: Wed Jul 17 09:38:28 2013 -0500
> >
> > ubuntu templates: add some kernel filesystems to container fstab
> >
> > The debugfs, fusectl, and securityfs may not be mounted inside a
> > non-init userns. But mountall hangs waiting for them to be
> > mounted. So just pre-mount them using $lxcpath/$name/fstab as
> > bind mounts, which will prevent mountall from trying to mount
> > them.
> >
> > If the kernel doesn't provide them, then the bind mount failure
> > will be ignored, and mountall in the container will proceed
> > without the mount since it is 'optional'. But without these
> > bind mounts, starting a container inside a user namespace
> > hangs.
> >
> > Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> > Acked-by: Stéphane Graber <stgraber at ubuntu.com>
> >
> > commit 8058be395d46cfabf2dacd7df79e95309619986a
> > Author: Dwight Engen <dwight.engen at oracle.com>
> > Date: Tue Jul 16 10:35:02 2013 -0400
> >
> > clone: only update <rootfs>/etc/hostname if it exists
> >
> > Signed-off-by: Dwight Engen <dwight.engen at oracle.com>
> > Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> >
> > commit 819554fe20bbc0ce720b5ed0d5b8e53aeba6b284
> > Author: John McFarlane <john at rockfloat.com>
> > Date: Fri Jul 12 14:06:20 2013 -0700
> >
> > Make get_ips timeout poll configurable
> >
> > This commit increases the default timeout used by lxc-start-ephemeral
> > from 5 to 10, and adds support for an LXC_IP_TIMEOUT override.
> >
> > Patchset 2:
> > - Previous patch used a command line arg.
> >
> > Signed-off-by: John McFarlane <john at rockfloat.com>
> > Acked-by: Stéphane Graber <stgraber at ubuntu.com>
> >
> > commit 5202677243dcda16ab97c07d497174726198f7ab
> > Author: Serge Hallyn <serge.hallyn at ubuntu.com>
> > Date: Tue Jul 16 08:11:56 2013 -0500
> >
> > lxccontainer: don't define certain variables if !HAVE_GNUTLS
> >
> > Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> >
> > commit 27c27d73e1b1a07e3621484fa033206549e2a1f5
> > Author: Serge Hallyn <serge.hallyn at ubuntu.com>
> > Date: Mon Jul 15 16:42:15 2013 -0500
> >
> > userns: clear and save id_map (v2)
> >
> > Otherwise (a) there is a memory leak when using user namespaces and
> > clearing a config, and (b) saving a container configuration file doesn't
> > maintain the userns mapping. For instance, if container c1 has
> > lxc.id_map configuration entries, then
> >
> > python3
> > import lxc
> > c=lxc.Container("c1")
> > c.save_config("/tmp/config1")
> >
> > should show 'lxc.id_map =' entries in /tmp/config1.
> >
> > Changelog for v2:
> > 1. fix incorrect saving of group types (s/'c'/'g')
> > 2. fix typo -> idmap->type should be idmap->idtype
> >
> > Reported-by: Dwight Engen <dwight.engen at oracle.com>
> > Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> > Acked-by: Dwight Engen <dwight.engen at oracle.com>
> > Tested-by: Dwight Engen <dwight.engen at oracle.com>
> >
> > commit 3ce746862b2a2b33f3de65aeecda0bad1a5dd27c
> > Author: Serge Hallyn <serge.hallyn at ubuntu.com>
> > Date: Fri Jul 12 14:07:23 2013 -0500
> >
> > lxc_create: prepend pretty header to config file (v2)
> >
> > Define a sha1sum_file() function in utils.c. Use that in lxcapi_create
> > to write out the sha1sum of the template being used. If libgnutls is
> > not found, then the template sha1sum simply won't be printed into the
> > container config.
> >
> > This patch also trivially fixes some cases where SYSERROR is used after
> > a fclose (masking errno) and missing consts in mkdir_p.
> >
> > Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> >
> > commit 868a70afead6cc48a4c883126ea3ef01b6ec57e0
> > Author: Serge Hallyn <serge.hallyn at ubuntu.com>
> > Date: Fri Jul 12 15:33:06 2013 -0500
> >
> > ubuntu-cloud template: accept --rootfs argument
> >
> > Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> >
> > commit 6a2e602b1b03617e77dcd4b5f82f34713a970ac4
> > Author: Serge Hallyn <serge.hallyn at ubuntu.com>
> > Date: Fri Jul 12 14:08:17 2013 -0500
> >
> > remove old lxc-create script.
> >
> > Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> >
> > commit dc23c1c817da5c13529432270e51d0f7f3b1e95e
> > Author: Serge Hallyn <serge.hallyn at ubuntu.com>
> > Date: Fri Jul 12 09:44:41 2013 -0500
> >
> > create: add a quiet flag
> >
> > If set, then fds 0,1,2 will be redirected while the creation
> > template is executed.
> >
> > Note, as Dwight has pointed out, if fd 0 is redirected, then if
> > templates ask for input there will be a problem. We could simply
> > not redirect fd 0, or we could require that templates work without
> > interaction. I'm assuming here that we want to do the latter, but
> > I'm open to changing that.
> >
> > Reported-by: "S.Çağlar Onur" <caglar at 10ur.org>
> > Acked-by: Stéphane Graber <stgraber at ubuntu.com>
> > Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> >
> > commit ae13ae0853a246119ddaf9c8cc6d128a21a8988c
> > Author: zoolook <nbensa+lxcusers at gmail.com>
> > Date: Thu Jul 11 20:38:02 2013 -0300
> >
> > lxc_clone.c: Allow size subfixes for -L parameter
> >
> > lxc-clone ignores size subfixes (K, M, G) when using -L parameter. The
> > following is a quick patch to allow, for example, lxc-clone -L 10G.
> >
> > Signed-off-by: Norberto Bensa <nbensa at gmail.com>
> > Acked-by: Serge E. Hallyn <serge.hallyn at ubuntu.com>
> > Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> >
> > commit 283678ed2ccd88a6ba57fcb28516311adcdb6fac
> > Author: Serge Hallyn <serge.hallyn at ubuntu.com>
> > Date: Fri Jul 5 19:34:55 2013 -0500
> >
> > Accomodate stricter devices cgroup rules
> >
> > 3.10 kernel comes with proper hierarchical enforcement of devices
> > cgroup. To keep that code somewhat sane, certain things are not
> > allowed. Switching from default-allow to default-deny and vice versa
> > are not allowed when there are children cgroups. (This *could* be
> > simplified in the kernel by checking that all child cgroups are
> > unpopulated, but that has not yet been done and may be rejected)
> >
> > The mountcgroup hook causes lxc-start to break with 3.10 kernels, because
> > you cannot write 'a' to devices.deny once you have a child cgroup. With
> > this patch, (a) lxcpath is passed to hooks, (b) the cgroup mount hook sets
> > the container's devices cgroup, and (c) setup_cgroup() during lxc startup
> > ignores failures to write to devices subsystem if we are already in a
> > child of the container's new cgroup.
> >
> > ((a) is not really related to this bug, but is definately needed.
> > The followup work of making the other hooks use the passed-in lxcpath
> > is still to be done)
> >
> > Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> >
> > commit cbee8106e38f9ffa130c7bf8be325f7f203da67a
> > Author: Serge Hallyn <serge.hallyn at ubuntu.com>
> > Date: Wed Jul 10 23:30:29 2013 -0500
> >
> > lxcapi_create: fix template handling
> >
> > 1. If no template is passed in, then do not try to execute it. The user
> > just wanted to write the configuration.
> >
> > 2. If template is passed in as a full path, then use that instead of
> > constructing '$templatedir/lxc-$template'.
> >
> > Reported-by: Wanlong Gao <gaowanlong at cn.fujitsu.com>
> > Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> >
> > commit 96b3cb407c07915db2cd0542c313a4bff4d1d389
> > Author: Serge Hallyn <serge.hallyn at ubuntu.com>
> > Date: Wed Jul 10 23:29:20 2013 -0500
> >
> > lxcapi_create: split out the template execution
> >
> > Make it its own function to make both more readable.
> >
> > Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> >
> > commit fb75356a85e3097db77386e7c62836a3ee69217f
> > Author: Dwight Engen <dwight.engen at oracle.com>
> > Date: Tue Jul 9 14:44:36 2013 -0400
> >
> > oracle template: use clonehostname hook script
> >
> > Signed-off-by: Dwight Engen <dwight.engen at oracle.com>
> > Acked-by: Stéphane Graber <stgraber at ubuntu.com>
> > Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> >
> > commit 1143ed392d2760e8f7aeee88d570bb0ba151885f
> > Author: Dwight Engen <dwight.engen at oracle.com>
> > Date: Tue Jul 9 16:19:45 2013 -0400
> >
> > add clonehostname hook
> >
> > This hook script updates the hostname in various files under /etc in the
> > cloned container. In order to do so, the old container name is passed in
> > the LXC_SRC_NAME environment variable.
> >
> > Signed-off-by: Dwight Engen <dwight.engen at oracle.com>
> > Acked-by: Stéphane Graber <stgraber at ubuntu.com>
> > Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> >
> > commit b9b3a92f664fe3966decd0411b25fb6b77425e23
> > Author: Michael H. Warfield <mhw at WittsEnd.com>
> > Date: Tue Jul 9 15:40:38 2013 -0400
> >
> > lxc-fedora template - Fix retries, use os-release for release, add utsname.
> >
> > Hey all!
> >
> > Patch for the Fedora template. Several things...
> >
> > 1) A month or so ago, I floated an idea of adding an option for utsname
> > which Serge seemed to like but we let it float for more feedback (none
> > came).
> >
> > 2) In private mail to Serge and Stéphane I mentioned the idea of using
> > the CPE (Common Platform Enumeration) for host distro and version
> > identification. I heard back from Serge but not Stéphane. CPE is a
> > standard promoted by NIST and Mitre (along with CVE and CVSS) as part of
> > the security community as a common identification mechanism. It's
> > supported by RedHat based distros and many others (notable exception
> > Ubuntu). I've patched the Fedora template to parse first
> > the /etc/os-release file or, alternatively, the /etc/system-release-cpe
> > file for the distro ID and version instead of the human
> > readable /etc/redhat-release. There's more that can be done with that
> > in the realm of cross distro container builds, I suspect.
> >
> > 3) At the time of working on 1&2 I noticed that the retry logic in the
> > Fedora template just didn't seem right. I believe I posted a message
> > asking for clarification on that behavior. A recently post in the
> > -users list indicating that someone could not create a Fedora 19
> > container (because the release ver string was 19-2 and the template was
> > only looking for -1) prompted me to rework the retry logic for handling
> > the mirror list and servers as well as revamp the download logic to
> > properly identify the correct release package.
> >
> > The patch for all of the above is attached below the jump. It's been
> > tested on Fedora 17 through Fedora 19 hosts and has created containers
> > for F11, F12, F13, F14, F16, F17, F18, and F19. F15 failed for rpm
> > dependency issues that are not worth fixing (IMHO).
> >
> > Regards,
> > Mike
> > --
> > Michael H. Warfield (AI4NB) | (770) 985-6132 | mhw at WittsEnd.com
> > /\/\|=mhw=|\/\/ | (678) 463-0932 | http://www.wittsend.com/mhw/
> > NIC whois: MHW9 | An optimist believes we live in the best of all
> > PGP Key: 0x674627FF | possible worlds. A pessimist is sure of it!
> >
> > --
> >
> > Signed-off-by: Michael H. Warfield <mhw at WittsEnd.com>
> > Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> >
> > commit 3327917f4a991a49ba1562b774c63c45139772eb
> > Author: Dwight Engen <dwight.engen at oracle.com>
> > Date: Tue Jul 9 18:07:26 2013 -0400
> >
> > fix potential out of bounds pointer deref
> >
> > I noticed that if find_first_wholeword() is called with word at the very
> > beginning of p, we will deref *(p - 1) to see if it is a word boundary.
> > Fix by considering p = p0 to be a word boundary.
> >
> > Signed-off-by: Dwight Engen <dwight.engen at oracle.com>
> > Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> >
> > commit 9313e1e628160ca64f9e7fcec6500056c9a0725f
> > Author: Stéphane Graber <stgraber at ubuntu.com>
> > Date: Tue Jul 9 18:30:52 2013 -0400
> >
> > ubuntu: Tweak layout of the config
> >
> > Just add an extra white line to both templates.
> >
> > Signed-off-by: Stéphane Graber <stgraber at ubuntu.com>
> >
> > commit 6cda3f5ac1e3a20a97a419923e587d6bdb1fece9
> > Author: Stéphane Graber <stgraber at ubuntu.com>
> > Date: Mon Jul 8 13:02:52 2013 -0400
> >
> > ubuntu: Fix openssh postinst call in >= saucy
> >
> > The new openssh uses a different mechanism to start/stop the daemon
> > which in turn requires a few tweaks in our template to deal with both
> > the new and old ways of doing that.
> >
> > Signed-off-by: Stéphane Graber <stgraber at ubuntu.com>
> > Acked-by: Serge E. Hallyn <serge.hallyn at ubuntu.com>
> >
> > commit b58e60e232a3049d946a3b18e6f21912cd3453f0
> > Author: Stéphane Graber <stgraber at ubuntu.com>
> > Date: Mon Jul 8 11:01:36 2013 -0400
> >
> > lxc-start-ephemeral: Fix console() and add storage option
> >
> > The introduction of the new console() python API broke
> > lxc-start-ephemeral's console(tty=1) call, I now changed that to
> > console() which does the right thing with both API versions.
> >
> > This also adds a new storage-type option, letting the user choose to use
> > a standard directory instead of tmpfs for the container (but still have
> > it ephemeral).
> >
> > Signed-off-by: Stéphane Graber <stgraber at ubuntu.com>
> >
> > commit 39ffde307ad83bd407aaa6a0d81682902bab248b
> > Author: Stéphane Graber <stgraber at ubuntu.com>
> > Date: Mon Jul 8 10:46:20 2013 -0400
> >
> > python: Update scripts to respect PEP-8 spec
> >
> > Signed-off-by: Stéphane Graber <stgraber at ubuntu.com>
> >
> > commit b0f9616f6227f56dce8ca2514610f432ba4fab8a
> > Author: Stéphane Graber <stgraber at ubuntu.com>
> > Date: Mon Jul 8 10:41:32 2013 -0400
> >
> > python: Re-introduce timeout in get_ips
> >
> > It turns out that most API users want some kind of timeout option for
> > get_ips, so instead of re-implementing it in every single client
> > software, let's just have it as a python overlay upstream.
> >
> > Signed-off-by: Stéphane Graber <stgraber at ubuntu.com>
> >
> > commit 18efb001a4498f8fc62ab37f1db552fdf001e798
> > Author: Dwight Engen <dwight.engen at oracle.com>
> > Date: Fri Jul 5 12:17:15 2013 -0400
> >
> > fix sshd template
> >
> > Commit a0a2066d introduced an lxc subdir into the lxc-init path, but
> > this was never reflected in the sshd template. Add it there.
> >
> > Don't have ssh-keygen ask for passphrase since host keys are not
> > supposed to use them.
> >
> > Don't try to symlink kmsg since /dev is bind mounted readonly.
> >
> > Read-only bind mount some extra /etc directories, and sysfs which are
> > needed by dhclient on Fedora and Oracle Linux. Fix mounting of /proc.
> >
> > Find sshd in more places by adding some common paths to $PATH, and
> > use the found path to it instead of hardcoded /usr/sbin.
> >
> > Check for ifconfig command, and print out container's IP address.
> >
> > Signed-off-by: Dwight Engen <dwight.engen at oracle.com>
> > Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> >
> > commit ef091cefca5082007678fe82ad01389f7057ca48
> > Author: Bogdan Purcareata <bogdan.purcareata at freescale.com>
> > Date: Wed Jul 3 12:00:53 2013 -0400
> >
> > lxcapi_set_cgroup_item: remove duplicate == 0
> >
> > Signed-off-by: Bogdan Purcareata <bogdan.purcareata at freescale.com>
> > Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> >
> > commit 9c631ea7c2906f41b23f5c8dcc9f6045078879db
> > Author: Dwight Engen <dwight.engen at oracle.com>
> > Date: Mon Jul 1 12:38:23 2013 -0400
> >
> > allow lxc-info to get running container configuration
> >
> > Signed-off-by: Dwight Engen <dwight.engen at oracle.com>
> > Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> >
> > commit 9a15a0f3f8faaa5e0d983f11bcf94dcf492c1349
> > Author: Dwight Engen <dwight.engen at oracle.com>
> > Date: Mon Jul 1 12:38:15 2013 -0400
> >
> > fix -c argument handling
> >
> > commit 829dd918 added parsing of a -c argument to both the common options
> > handling and to lxc-start. It is not a common option, and should have only
> > been added to lxc-start. Because the common code is processing it, no other
> > command can use -c. Remove -c from being processed by the common code.
> > Tested that -c still works with lxc-start.
> >
> > Signed-off-by: Dwight Engen <dwight.engen at oracle.com>
> > Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> >
> > commit 53f3f04845a9eb60064c302e1f95652f665809f1
> > Author: Serge Hallyn <serge.hallyn at ubuntu.com>
> > Date: Mon Jul 1 15:32:25 2013 -0500
> >
> > lxc_conf_init: make sure strdup succeeded
> >
> > unlikely as a failure may be...
> >
> > Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> >
> > commit 2e599a6a25b533fe63840edc34ee265811b7b814
> > Author: Natanael Copa <ncopa at alpinelinux.org>
> > Date: Fri Jun 28 16:56:51 2013 +0200
> >
> > lxc-alpine: make --release work when apk exists
> >
> > Use sed to set the specified alpine release in the copied
> > /etc/apk/repositories
> >
> > Signed-off-by: Natanael Copa <ncopa at alpinelinux.org>
> > Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> >
> > commit 982e7b6ea40ea57923f4f094858424debc1a5f7f
> > Author: Kaarle Ritvanen <kaarle.ritvanen at datakunkku.fi>
> > Date: Wed Jun 26 11:15:00 2013 +0300
> >
> > lxc-alpine: option for specifying the release to be installed
> >
> > Signed-off-by: Kaarle Ritvanen <kaarle.ritvanen at datakunkku.fi>
> > Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> >
> > commit 85b41c7d7f72213199b5cff9525d17f44b49a842
> > Author: Kaarle Ritvanen <kaarle.ritvanen at datakunkku.fi>
> > Date: Wed Jun 26 11:14:59 2013 +0300
> >
> > lxc-alpine: automatic repository selection
> >
> > pick random server from mirror list
> > use the latest stable release
> >
> > Signed-off-by: Kaarle Ritvanen <kaarle.ritvanen at datakunkku.fi>
> > Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> >
> > commit 37cb98a2b7e5c7b0abf69f261a16d759453492f1
> > Author: Andrew Gilbert <andrewg800 at gmail.com>
> > Date: Thu Jun 27 08:09:05 2013 -0500
> >
> > Add -n differentiation to lxc-netstat
> >
> > lxc-netstat now only processes an -n argument if it has not previously
> > received a value for $name from --name or -n. If it _has_ received such
> > a value, it stops processing arguments and leaves the -n for netstat.
> > This does not apply to the use of --name after a name has been provided
> > by --name or -n; the current behaviour continues. The new behaviour
> > makes
> > netstat -n <container> -n -a
> > behave like
> > netstat -n <container> -a -n
> > which already will act as though there is '--' between '<container>' and
> > '-a' (see line 91 of lxc-netstat.in).
> >
> > Signed-off-by: Andrew Gilbert <andrewg800 at gmail.com>
> > Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> >
> > commit 1a7cb0850405b271b7bedacd243235f29cd368df
> > Author: Andrew Gilbert <andrewg800 at gmail.com>
> > Date: Thu Jun 27 08:07:14 2013 -0500
> >
> > Add double-dash to lxc-netstat re-call arguments
> >
> > When lxc-netstat was called by lxc-unshare, it would be given the
> > arguments intended for netstat from the first invocation, but without
> > anything to separate them from the arguments intended for lxc-netstat.
> > This meant that netstat arguments like -n would result in lxc-netstat
> > trying to process them.
> >
> > Signed-off-by: Andrew Gilbert <andrewg800 at gmail.com>
> > Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> >
> > commit 176d9acb2ec17211a0d69bd2bd99f914fad8d7ad
> > Author: Serge Hallyn <serge.hallyn at ubuntu.com>
> > Date: Fri Jun 21 14:16:42 2013 -0500
> >
> > api_clone: don't remove storage if we haven't created it
> >
> > In the best case we'll get errors about failing to remove it. In the
> > worst case we'll be trying to delete the original container's rootfs.
> >
> > Reported-by: zoolook <nbensa+lxcusers at gmail.com>
> > Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> >
> > commit ae3f8cf9a4a03c62c6c12968b38b2352388df91c
> > Author: Serge Hallyn <serge.hallyn at ubuntu.com>
> > Date: Fri Jun 21 14:15:42 2013 -0500
> >
> > Accept more word delimiters when updating hooks
> >
> > When updating container names in hook files during a container clone,
> > we substitute the new container name for the old any time the old name
> > shows up as a separate word. This patch adds the four characters
> > '.,_-' as additional delimiters.
> >
> > Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> >
> > commit 618fa49dddbedd2b7319c0089dffd8d65aef8369
> > Author: Stéphane Graber <stgraber at ubuntu.com>
> > Date: Wed Jun 19 14:12:37 2013 -0400
> >
> > lxc-start-ephemeral: Fix get_ips call
> >
> > The timeout option in get_ips has been deprecated, so work around it.
> >
> > Signed-off-by: Stéphane Graber <stgraber at ubuntu.com>
> >
> > commit 54c30e290876c5fa6e4c7b5a511580793e4777e3
> > Author: Serge Hallyn <serge.hallyn at ubuntu.com>
> > Date: Tue Jun 18 14:52:24 2013 -0500
> >
> > conf.c: always strdup rootfs.mount
> >
> > The reason is that the generic code which handles reading
> > lxc.rootfs.mount always frees the old value if not NULL.
> > So without this setting lxc.rootfs.mount = /mnt causes
> > segfault.
> >
> > Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> >
> > commit 37903589a2de0cbd62f94c5fd06d0aa8d57ca140
> > Author: Serge Hallyn <serge.hallyn at ubuntu.com>
> > Date: Thu Jun 13 10:06:15 2013 -0500
> >
> > don't set up console for lxc-execute
> >
> > Currently due to some safety checks for !rootfs.path, lxc-execute works
> > ok if you do not set lxc.rootfs at all in your lxc.conf. But if you
> > set lxc.rootfs = '/', then it sets up console, and when you do an
> > lxc-execute, the console appears hung.
> >
> > However the lxc.rootfs NULL check was just incidental to not dereference
> > a NULL pointer. In fact we should not be setting up a console if the
> > container isn't running a full-fledged distro with a getty/login
> > running on the container's /dev/console.
> >
> > Have lxc_execute() mark in lxc_conf that this is a lxc-execute and not
> > an lxc-start, and don't set up the console.
> >
> > The issue is documented at https://sourceforge.net/p/lxc/bugs/67/ .
> >
> > Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> > Acked-by: Stéphane Graber <stgraber at ubuntu.com>
> > Acked-by: Dwight Engen <dwight.engen at oracle.com>
> >
> > commit b515981702133b9aaea1aff378493f054c14d46c
> > Author: Dwight Engen <dwight.engen at oracle.com>
> > Date: Wed Jun 12 08:09:16 2013 -0700
> >
> > console API improvements
> >
> > Add a higher level console API that opens a tty/console and runs the
> > mainloop as well. Rename existing API to console_getfd(). Use these in
> > the python binding.
> >
> > Allow attaching a console peer after container bootup, including if the
> > container was launched with -d. This is made possible by allocation of a
> > "proxy" pty as the peer when the console is attached to.
> >
> > Improve handling of SIGWINCH, the pty size will be correctly set at the
> > beginning of a session and future changes when using the lxc_console() API
> > will be propagated to it as well.
> >
> > Refactor some common code between lxc_console.c and console.c. The variable
> > wait4q (renamed to saw_escape) was static, making the mainloop callback not
> > safe across threads. This wasn't a problem when the callback was in the
> > non-threaded lxc-console, but now that it is internal to console.c, we have
> > to take care of it. This is now contained in a per-tty state structure.
> >
> > Don't attempt to open /dev/null as the console peer since /dev/null cannot
> > be added to the mainloop (epoll_ctl() fails with EPERM). This isn't needed
> > to get the console setup (and the log to work) since the case of not having
> > a peer at console init time has to be handled to allow for attaching to it
> > later.
> >
> > Move signalfd libc wrapper/replacement to utils.h.
> >
> > Signed-off-by: Dwight Engen <dwight.engen at oracle.com>
> > Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> >
> > commit 5d4d3ebb13705d1e102429c75fc06932f81816dd
> > Author: Natanael Copa <ncopa at alpinelinux.org>
> > Date: Wed Jun 12 11:18:04 2013 +0200
> >
> > lxc-init: continue even if we fail to mount /dev/mqueue
> >
> > The 'lxc-init' (a lightweight init process used by lxc-execute in place
> > of upstart etc) tries to mount /dev/mqueue during startup. If that fails
> > (for instance due to missing support for mqueue in kernel) then it
> > aborts execution and returns -1. This is unreasonable as very few
> > applications actually need /dev/mqueue.
> >
> > This similar to what we do with /dev/shm.
> >
> > Signed-off-by: Natanael Copa <ncopa at alpinelinux.org>
> > Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> >
> > commit 71b0fed669a088675c1344ed68b250e87414c998
> > Author: Serge Hallyn <serge.hallyn at ubuntu.com>
> > Date: Wed Jun 5 17:37:03 2013 -0500
> >
> > lxclock: move container locks into /run/lock
> >
> > Currently the lxc API mutexes configuration file read/writes with a
> > lock called $lxcpath/locks/$lxcname. This fails if the container
> > is on a rofs.
> >
> > This patch moves those locks under /run/lock/lxc.
> >
> > The $lxcpath/$lxcname/partial file is not moved - if you can't
> > create it, you probably can't create the container either.
> >
> > Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> > Acked-by: Stéphane Graber <stgraber at ubuntu.com>
> >
> > commit 54b79829e23e01998eeafb8156987937a894af3c
> > Author: Serge Hallyn <serge.hallyn at ubuntu.com>
> > Date: Mon Jun 10 11:52:44 2013 -0500
> >
> > lxc_stop: return success if api_shutdown succeeded
> >
> > I originally forgot to set ret = 0 if it succeeded, meaning that a
> > simple 'lxc-stop -n container1' returns failure even though the
> > stop succeeded.
> >
> > Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> > Acked-by: Stéphane Graber <stgraber at ubuntu.com>
> >
> > commit 6e46cfcb0e4fcaa2d920a3c473f83c0a73c68cfa
> > Author: Serge Hallyn <serge.hallyn at ubuntu.com>
> > Date: Mon Jun 10 09:34:06 2013 -0500
> >
> > conf.c: if we don't specify a rootfs, we still need proc mounted
> >
> > otherwise we won't be allowed to set an apparmor context (on pid 1)
> >
> > Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> > Acked-by: Stéphane Graber <stgraber at ubuntu.com>
> >
> > commit fabf7361da4845cd6cf268e0e85c3c6a1c0b0be4
> > Author: Qiang Huang <h.huangqiang at huawei.com>
> > Date: Fri Jun 7 15:27:32 2013 +0800
> >
> > lxc-execute: allow lxc-init to log only when we have a valid log level
> >
> > Right now if we use lxc-execute without log level set, we get error:
> > lxc: invalid log priority NOTSET.
> > Because we set log level manually in execute_start(), but didn't
> > check if we have a valid log level or not, so fix it.
> >
> > Signed-off-by: Qiang Huang <h.huangqiang at huawei.com>
> > Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> >
> > commit 38973621a40a5657b067409321d54759520d7951
> > Author: Weng Meiling <wengmeiling.weng at huawei.com>
> > Date: Thu Jun 6 19:59:31 2013 +0800
> >
> > lxc-ps: display process when container is frozen
> >
> > When we use lxc-ps to show the process, it's more appropriate to
> > show process when container is frozen.
> >
> > Signed-off-by: Weng Meiling <wengmeiling.weng at huawei.com>
> > Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> >
> > commit 31f58b3fcec322dba1eed71e364335c30500066c
> > Author: Rui Xiang <rui.xiang at huawei.com>
> > Date: Sat Jun 8 18:04:47 2013 +0800
> >
> > lxc-monitord: remove hard code execvp path of lxc-monitord
> >
> > Sometimes, the path of lxc tools is not '/usr/bin', but
> > '/usr/local/bin' or other. Then execvp lxc-monitord will fail
> > in lxc_monitord_spawn.
> >
> > Signed-off-by: Rui Xiang <rui.xiang at huawei.com>
> > Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> >
> > commit f02abefef9a59658c813e08f86a91fbe09eabf00
> > Author: Dwight Engen <dwight.engen at oracle.com>
> > Date: Fri Jun 7 10:07:36 2013 -0400
> >
> > fix check for lock acquired
> >
> > Signed-off-by: Dwight Engen <dwight.engen at oracle.com>
> > Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> >
> > commit 93dc5327aa0c2b13d619b8bedf893eea983d4d68
> > Author: Serge Hallyn <serge.hallyn at ubuntu.com>
> > Date: Wed Jun 5 11:56:30 2013 -0500
> >
> > lxclock and lxccontainer: switch from flock to fcntl
> >
> > flock is not supported on nfs. fcntl is at least supported on newer
> > (v3 and above) nfs.
> >
> > Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> > Tested-by: zoolook <nbensa+lxcusers at gmail.com>
> >
> > commit 1af60b514fc9d8da2b4485e9e8845619fb6c6b68
> > Author: Weng Meiling <wengmeiling.weng at huawei.com>
> > Date: Tue Jun 4 20:52:27 2013 +0800
> >
> > lxc-ps: fix the display problem with arg --lxc
> >
> > When we use arg --lxc to show processes in all containers, no
> > process displays, so fix it.
> >
> > (Changelog: Serge: in-line fix of s/;;/;/ at line 69)
> >
> > Signed-off-by: Weng Meiling <wengmeiling.weng at huawei.com>
> > Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> >
> > commit eddaaafd1a9b02ba39e5b6b13d40b4a5d37a04e1
> > Author: Serge Hallyn <serge.hallyn at ubuntu.com>
> > Date: Sun Jun 2 15:39:35 2013 -0500
> >
> > implement loopback backing store
> >
> > Create a loopfile backed container by doing:
> >
> > lxc-create -B loop -t template -n name
> >
> > or
> >
> > lxc-clone -B loop -o dir1 -n loop1
> >
> > The rootfs in the configuration file will be
> >
> > loop:/var/lib/lxc/loop1/rootdev
> >
> > Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> >
> > commit f002c8a7655e42a325ef6bad9fb0844fad4e410b
> > Author: Serge Hallyn <serge.hallyn at ubuntu.com>
> > Date: Mon Jun 3 18:19:01 2013 +0200
> >
> > lxc_create: support 'lxc-create -t <template> -h'
> >
> > With the lxc-create script, 'lxc-create -t template -h' used to call
> > 'template -h' to get template-specific help. The api based lxc-create
> > did not yet support that.
> >
> > Add a 'helpfn' method to the lxc_arguments, which is called at the end
> > of printhelp, and passed the lxc_arguments. Use that in lxc_create to
> > reintroduce the desired behavior.
> >
> > Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> >
> > commit 4c1f6b67d9b842d9e5c293eea2ff19301ecc5596
> > Author: Qiang Huang <h.huangqiang at huawei.com>
> > Date: Mon Jun 3 09:48:14 2013 +0800
> >
> > lxc-destroy: fix the wrong help info of lxc-destroy
> >
> > Changelog: jun 3: (Serge) trivial typo fix inline.
> >
> > Signed-off-by: Qiang Huang <h.huangqiang at huawei.com>
> > Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> >
> > commit 3155e7f954d4b5d7da528d2a3cd8be254432e3c3
> > Author: Qiang Huang <h.huangqiang at huawei.com>
> > Date: Mon Jun 3 09:48:13 2013 +0800
> >
> > lxc-create: fix the typo in help info
> >
> > Fix typo in help info of lxc-create, and get rid of duplicate
> > comments in bdev.h
> >
> > Signed-off-by: Qiang Huang <h.huangqiang at huawei.com>
> > Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> >
> > commit 63c3090c913142cd19f443b040cdede2c0522ce8
> > Author: Qiang Huang <h.huangqiang at huawei.com>
> > Date: Mon Jun 3 09:48:12 2013 +0800
> >
> > arguments: should return negative number when error happens
> >
> > We should return -ENOMEM instead of ENOMEM when realloc fails.
> >
> > Signed-off-by: Qiang Huang <h.huangqiang at huawei.com>
> > Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> >
> > commit 44ef0c0c7200ef4e8783387d886d3748da3d50fd
> > Author: Serge Hallyn <serge.hallyn at ubuntu.com>
> > Date: Mon Jun 3 10:47:21 2013 -0500
> >
> > lxcapi_create: don't close stdin/out/err
> >
> > Otherwise we can't see template progress.
> >
> > Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> >
> > commit 569bee5cc3d647032573db8f72734faa9307d577
> > Author: Natanael Copa <ncopa at alpinelinux.org>
> > Date: Tue May 28 10:25:14 2013 +0200
> >
> > lxc-alpine: download a static package manager if its missing
> >
> > If the package manager, apk-tools is missing, then:
> > - download a static binary and public keys
> > - verify the keys against embedded checksum
> > - verify the signature of the static binary against the downloaded keys
> > - use the verified static binary
> >
> > Signed-off-by: Natanael Copa <ncopa at alpinelinux.org>
> > Signed-off-by: Kaarle Ritvanen <kaarle.ritvanen at datakunkku.fi>
> > Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> >
> > commit 0a18b5458b6d0fcad9a82b96f99035254af50c7a
> > Author: Serge Hallyn <serge.hallyn at ubuntu.com>
> > Date: Fri May 31 16:09:14 2013 +0200
> >
> > Define LXC_DEFAULT_CONFIG
> >
> > And use it in place of the various ways we were deducing /etc/lxc/default.conf.
> >
> > Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> > Acked-by: Stéphane Graber <stgraber at ubuntu.com>
> >
> > commit 3a647d582dc759e43c2087f0d906adf77c62ab6c
> > Author: Serge Hallyn <serge.hallyn at ubuntu.com>
> > Date: Fri May 31 16:02:33 2013 +0200
> >
> > configure/makefile: rename default_conf to distro_conf
> >
> > configure/makefile: rename default_conf to distro_conf, since it is a per-distro
> > default. Then we'll be able to use the symbol LXC_DEFAULT_CONF in the code to
> > refer to the installed file.
> >
> > Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> > Acked-by: Stéphane Graber <stgraber at ubuntu.com>
> >
> > commit 3bc449ed24edc4b754cbe0af19fe878d29731f59
> > Author: Serge Hallyn <serge.hallyn at ubuntu.com>
> > Date: Fri May 31 07:55:14 2013 -0500
> >
> > lxccontainer: update locking comment
> >
> > Update the LOCKING comment.
> >
> > Take mem_lock in want_daemonize.
> >
> > convert lxcapi_destroy to not use privlock/slock by hand.
> >
> > Fix a coverity-found potential dereference of NULL c->lxc_conf.
> >
> > api_cgroup_get_item() and api_cgroup_set_item(): use disklock,
> > not memlock, since the values are set through the cgroup fs on
> > the running container.
> >
> > Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> > Acked-by: Stéphane Graber <stgraber at ubuntu.com>
> >
> > commit 73e608b21f73509c5f8c7a948cc6d4b0898edb2c
> > Author: Serge Hallyn <serge.hallyn at ubuntu.com>
> > Date: Thu May 30 11:22:16 2013 -0500
> >
> > waitpid at abort to make sure we can rmdir cgroups
> >
> > If we abort the container start, and don't wait for the init task to be
> > reaped after we kill it, then we can't remove the container cgroup
> > because it is not empty.
> >
> > Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> >
> > commit 39dc698cb4025516a3428a68e19da05feb6fc0e9
> > Author: Serge Hallyn <serge.hallyn at ubuntu.com>
> > Date: Wed May 29 12:26:25 2013 -0500
> >
> > lxccontainer: don't lock around getstate and freeze/unfreeze (v2)
> >
> > Those go through commands.c and are already mutex'ed that way.
> >
> > Also remove a unmatched container_disk_unlock in lxcapi_create.
> >
> > Since is_stopped uses getstate which is no longer locked, rename
> > it to drop the _locked suffix.
> >
> > And convert save_config to taking the disk lock. This way the
> > save_ and load_config are mutexing each other, as they should.
> >
> > Changelog: May 29:
> > Per Dwight's comment, take the lock before opening the config
> > FILE *.
> > Only take disklock at load and save_config when we're using the
> > container's config file, not when read/writing from/to another
> > file.
> >
> > Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> > Acked-by: Dwight Engen <dwight.engen at oracle.com>
> >
> > commit 0115f8fd27b1a31d367bb161a121694f92b45e62
> > Author: Dwight Engen <dwight.engen at oracle.com>
> > Date: Tue May 28 15:25:41 2013 -0400
> >
> > add console to lxc api
> >
> > Make lxc_cmd_console() return the fd from the socket connection to the
> > caller. This fd keeps the tty slot allocated until the caller closes
> > it. Returning the fd allows for a long lived process to close the fd
> > and reuse consoles.
> >
> > Add API function for console allocation.
> >
> > Create test program for console API.
> >
> > Signed-off-by: Dwight Engen <dwight.engen at oracle.com>
> > Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> >
> > commit 3db989bad5d58bafac80f448e1dd2d048e791478
> > Author: Qiang Huang <h.huangqiang at huawei.com>
> > Date: Mon May 27 19:10:38 2013 +0800
> >
> > lxc-console: use fd instead of 0 in setup_tios
> >
> > We should use the fd specified by caller.
> >
> > Signed-off-by: Qiang Huang <h.huangqiang at huawei.com>
> > Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> >
> > commit dc5e436e702f0bf4001e3e6e9f855443b2fcf448
> > Author: Dwight Engen <dwight.engen at oracle.com>
> > Date: Tue May 28 15:18:22 2013 -0400
> >
> > lxc.spec.in: remove lxc-shutdown (for commit 3e625e2d)
> >
> > Signed-off-by: Dwight Engen <dwight.engen at oracle.com>
> > Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> >
> > commit 5790f7b7a76b9ccff662fdd6ff0013b8f218d020
> > Author: Serge Hallyn <serge.hallyn at ubuntu.com>
> > Date: Tue May 28 15:27:42 2013 -0500
> >
> > api_clone: call is_stopped_locked() to avoid deadlock.
> >
> > Technically as Dwight has mentioned we should probably drop the locking
> > from api_state() altogether, since those are protected through the
> > lxc command system.
> >
> > Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> >
> > commit 64f782ca69c70fd155427a81d69fda593981e770
> > Author: Serge Hallyn <serge.hallyn at ubuntu.com>
> > Date: Tue May 28 14:07:43 2013 -0500
> >
> > lxc.conf.sgml.in: fill in missing configuration file statements
> >
> > Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> >
> > commit 1897e3bcd36af9f3fe6d3649910a9adb93e5e988
> > Author: Serge Hallyn <serge.hallyn at ubuntu.com>
> > Date: Fri May 17 23:23:17 2013 +0200
> >
> > Move container creation fully into the api
> >
> > 1. implement bdev->create:
> >
> > python and lua: send NULL for bdevtype and bdevspecs.
> > They'll want to be updated to pass those in in a way that makes
> > sense, but I can't think about that right now.
> >
> > 2. templates: pass --rootfs
> >
> > If the container is backed by a device which must be mounted (i.e.
> > lvm) then pass the actual rootfs mount destination to the
> > templates.
> >
> > Note that the lxc.rootfs can be a mounted block device. The template
> > should actually be installing the rootfs under the path where the
> > lxc.rootfs is *mounted*.
> >
> > Still, some people like to run templates by hand and assume purely
> > directory backed containers, so continue to support that use case
> > (i.e. if no --rootfs is listed).
> >
> > Make sure the templates don't re-write lxc.rootfs if it is
> > already in the config. (Most were already checking for that)
> >
> > 3. Replace lxc-create script with lxc_create.c program.
> >
> > Changelog:
> > May 24: when creating a container, create $lxcpath/$name/partial,
> > and flock it. When done, close that file and unlink it. In
> > lxc_container_new() and lxcapi_start(), check for this file. If
> > it is locked, create is ongoing. If it exists but is not locked,
> > create() was killed - remove the container.
> >
> > May 24: dont disk-lock during lxcapi_create. The partial lock
> > is sufficient.
> >
> > Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> >
> > commit 60bf62d4ae36a48342fb8aee680fbd4b423810b1
> > Author: Serge Hallyn <serge.hallyn at ubuntu.com>
> > Date: Fri May 17 07:20:10 2013 +0200
> >
> > destroy: implement in the api
> >
> > This requires implementing bdev->ops->destroy() for each of the backing
> > store types. Then implementing lxcapi_clone(), writing lxc_destroy.c
> > using the api, and removing the lxc-destroy.in script.
> >
> > (this also has a few other cleanups, like marking some functions
> > static)
> >
> > Changelog:
> > fold into destroy: fix zfs destroy
> > destroy: use correct program name in help
> >
> > Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> >
> > commit 3e625e2d2e12b919dd9590b97badc6108ee67b1a
> > Author: Serge Hallyn <serge.hallyn at ubuntu.com>
> > Date: Thu May 16 23:03:47 2013 +0200
> >
> > lxc-stop: use api, remove lxc_shutdown, extend lxc-stop functionality
> >
> > implement c->reboot(c) in the api.
> >
> > Also if the container is not running, return -2. Currently
> > lxc-stop will return 0, so you cannot tell the difference
> > between successfull stopping and noop.
> >
> > Per stgraber's email:
> >
> > - Remove lxc-shutdown
> > - Change lxc-stop so that:
> > * Default behaviour is to call shutdown(), wait 15s for STOPPED, if
> > not STOPPED, print a message to the user and call stop() [ NOTE:
> > actually 60 seconds per followup thread]
> > * We have a -r option to reboot the container (with proper check that
> > the container indeed rebooted within the next 15s)
> > * We have a -s option to shutdown the container without the automatic
> > fallback to stop()
> > * Add a -k option allowing a user to just kill a container
> > (equivalent to old lxc-stop, no shutdown() call and no delay).
> >
> > and update manpages.
> >
> > Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> >
> > commit 5cee8c5040661f9875bf41cfffd641c87afae8af
> > Author: Serge Hallyn <serge.hallyn at ubuntu.com>
> > Date: Fri May 24 16:03:22 2013 -0500
> >
> > locking: update per Dwight's comment
> >
> > Create three pairs of functions:
> > int process_lock(void);
> > void process_unlock(void);
> > int container_mem_lock(struct lxc_container *c)
> > void container_mem_unlock(struct lxc_container *c)
> > int container_disk_lock(struct lxc_container *c);
> > void container_disk_unlock(struct lxc_container *c);
> >
> > and use those in lxccontainer.c
> >
> > process_lock() is to protect the process state among multiple threads.
> > container_mem_lock() is to protect a struct container among multiple
> > threads. container_disk_lock is to protect a container on disk.
> >
> > Also remove the lock in lxcapi_init_pid() as Dwight suggested.
> >
> > Fix a typo (s/container/contain) spotted by Dwight.
> >
> > More locking fixes are needed, but let's first the the fundamentals
> > right. How close does this get us?
> >
> > Changelog: v2:
> > fix lxclock compile
> >
> > Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> > Acked-by: Dwight Engen <dwight.engen at oracle.com>
> >
> > commit df271a59cbfcfbe98fa4bd7af3ae595633539a12
> > Author: Serge Hallyn <serge.hallyn at ubuntu.com>
> > Date: Wed May 22 16:24:00 2013 -0500
> >
> > lxclock: Replace named sempahore with flock
> >
> > The problem: if a task is killed while holding a posix semaphore,
> > there appears to be no way to have the semaphore be reliably
> > autmoatically released. The only trick which seemed promising
> > is to store the pid of the lock holder in some file and have
> > later lock seekers check whether that task has died.
> >
> > Instead of going down that route, this patch switches from a
> > named posix semaphore to flock. The advantage is that when
> > the task is killed, its fds are closed and locks are automatically
> > released.
> >
> > The disadvantage of flock is that we can't rely on it to exclude
> > threads. Therefore c->slock must now always be wrapped inside
> > c->privlock.
> >
> > This patch survived basic testing with the lxcapi_create patchset,
> > where now killing lxc-create while it was holding the lock did
> > not lock up future api commands.
> >
> > Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> >
> > commit 2acf77955239ec0046451fa16812d2884e6bd19b
> > Author: Dwight Engen <dwight.engen at oracle.com>
> > Date: Thu May 23 15:44:39 2013 -0400
> >
> > fix memory leaks in cgroup functions
> >
> > There were several memory leaks in the cgroup functions, notably in the
> > success cases.
> >
> > The cgpath test program was refactored and additional tests added to it.
> > It was used in various modes under valgrind to test that the leaks were
> > fixed.
> >
> > Simplify lxc_cgroup_path_get() and cgroup_path_get by having them return a
> > char * instead of an int and an output char * argument. The only return
> > values ever used were -1 and 0, which are now handled with NULL and non-NULL
> > returns respectively.
> >
> > Use consistent variable names of cgabspath when refering to an absolute path
> > to a cgroup subsystem or file, and cgrelpath when refering to a container
> > "group/name" within the cgroup heirarchy.
> >
> > Remove unused subsystem argument to lxc_cmd_get_cgroup_path().
> >
> > Remove unused #define MAXPRIOLEN
> >
> > Make template arg to lxcapi_create() const
> >
> > Signed-off-by: Dwight Engen <dwight.engen at oracle.com>
> > Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> >
> > commit 6a44839f5973f41553349f1b5e77d8db809e60eb
> > Author: Dwight Engen <dwight.engen at oracle.com>
> > Date: Thu May 23 15:39:03 2013 -0400
> >
> > consolidate missing C library functions into utils.h
> >
> > This fixes the build of lxccontainer.c on systems that have __NR_setns
> > but not HAVE_SETNS.
> >
> > Signed-off-by: Dwight Engen <dwight.engen at oracle.com>
> > Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> >
> > commit ad5f15151580201b79fc140f664227b494639e81
> > Author: Stéphane Graber <stgraber at ubuntu.com>
> > Date: Wed May 22 22:28:43 2013 -0400
> >
> > python: Fix lxc-ls's usage of get_ips()
> >
> > The recent port of get_ips() from pure python to the C API came with
> > a couple of API changes for that function call (as were highlighted in
> > the commit message).
> >
> > I somehow didn't notice that lxc-ls was still calling with the old API
> > and so was crashing whenever it was asked to show the ipv4 or ipv6 address.
> >
> > Signed-off-by: Stéphane Graber <stgraber at ubuntu.com>
> >
> > commit 5bb4a226ebec9f3fb678a282a2b2833748d6707b
> > Author: Michael H. Warfield <mhw at WittsEnd.com>
> > Date: Tue May 21 14:17:25 2013 -0400
> >
> > lxc-fedora template. Cleanup for rootfs.
> >
> > This is just some minor changes in the way the Fedora template is
> > synthesizing the target rootfs_path. Currently, the template uses a
> > path with the container in it twice like this:
> >
> > /var/lib/lxc/rasputin/rasputin/rootfs
> >
> > This happens because the container name is already contained in the
> > "path" and the template appends it a second time. This changes the
> > logic to be congruent with other templates such as lxc-arch. The new
> > behavior will be to create the rootfs like this:
> >
> > /var/lib/lxc/rasputin/rootfs
> >
> > Attached below the jump.
> >
> > Regards,
> > Mike
> > --
> > Michael H. Warfield (AI4NB) | (770) 985-6132 | mhw at WittsEnd.com
> > /\/\|=mhw=|\/\/ | (678) 463-0932 | http://www.wittsend.com/mhw/
> > NIC whois: MHW9 | An optimist believes we live in the best of all
> > PGP Key: 0x674627FF | possible worlds. A pessimist is sure of it!
> > --
> >
> > Signed-off-by: Michael H. Warfield <mhw at WittsEnd.com>
> > Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> >
> > commit 65be441e0892b45000b9b3863d407539e56e47a4
> > Author: Dwight Engen <dwight.engen at oracle.com>
> > Date: Tue May 21 11:34:45 2013 -0400
> >
> > oracle template: mount /dev/shm as tmpfs
> >
> > sem_open(3) checks that /dev/shm is SHMFS_SUPER_MAGIC. Normally /dev/shm
> > is mounted in the initramfs created by dracut, but that won't be run for
> > a container so make sure that rc.sysinit mounts /dev/shm.
> >
> > Signed-off-by: Dwight Engen <dwight.engen at oracle.com>
> > Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> >
> > commit 481624b37b37ffa98b735cf3f94e35d1fbd729e0
> > Author: Dwight Engen <dwight.engen at oracle.com>
> > Date: Tue May 21 13:30:09 2013 -0400
> >
> > fix build with --enable-tests
> >
> > Signed-off-by: Dwight Engen <dwight.engen at oracle.com>
> > Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> >
> > commit fa9ac567a7f1593c586cca57362f6b542985e5d7
> > Author: Serge Hallyn <serge.hallyn at ubuntu.com>
> > Date: Tue May 21 20:31:04 2013 -0500
> >
> > attach: and cgroup.c: be overly cautious
> >
> > Realistically (as Dwight points out) it doesn't seem possible that
> > getline won't return at least one line in this functions, however
> > just to make absolutely sure we don't get a segv on free(NULL),
> > check line != NULL before freeing it on exit.
> >
> > Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> >
> > commit 20fe4e8febe40f6fc4e4c6f52b91f0af0232e6f5
> > Author: Dwight Engen <dwight.engen at oracle.com>
> > Date: Tue May 21 15:36:32 2013 -0400
> >
> > fix getline(3) memory leaks
> >
> > Signed-off-by: Dwight Engen <dwight.engen at oracle.com>
> > Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> >
> > commit fca3080f6a46f856c54218a8e478a174382b4c15
> > Author: Dwight Engen <dwight.engen at oracle.com>
> > Date: Tue May 21 13:15:53 2013 -0400
> >
> > fix minor gcc 4.7.2 error
> >
> > lxccontainer.c:874:4: error: ‘for’ loop initial declarations are only
> > allowed in C99 mode
> >
> > Signed-off-by: Dwight Engen <dwight.engen at oracle.com>
> > Acked-by: Stéphane Graber <stgraber at ubuntu.com>
> >
> > commit ef6e34eec8d5a9f1447462d6080facb674b3ccdb
> > Author: Dwight Engen <dwight.engen at oracle.com>
> > Date: Fri May 17 18:29:12 2013 -0400
> >
> > extend command processor to handle generic data
> >
> > Motivation for this change is to have the ability to get the run-time
> > configuration items from a container, which may differ from its current
> > on disk configuration, or might not be available any other way (for
> > example lxc.network.0.veth.pair). In adding this ability it seemed there
> > was room for refactoring improvements.
> >
> > Genericize the command infrastructure so that both command requests and
> > responses can have arbitrary data. Consolidate all commands into command.c
> > and name them consistently. This allows all the callback routines to be
> > made static, reducing exposure.
> >
> > Return the actual allocated tty for the console command. Don't print the
> > init pid in lxc_info if the container isn't actually running. Command
> > processing was made more thread safe by removing the static buffer from
> > receive_answer(). Refactored command response code to a common routine.
> >
> > Signed-off-by: Dwight Engen <dwight.engen at oracle.com>
> > Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> >
> > commit 9c83a661397456e1455d739bcadfa38f05ce2fe6
> > Author: Stéphane Graber <stgraber at ubuntu.com>
> > Date: Fri Apr 26 16:01:58 2013 +0200
> >
> > lxcapi: Add new get_ips() call
> >
> > This adds a new get_ips call which takes a family (inet, inet6 or NULL),
> > a network interface (or NULL for all) and a scope (0 for global) and returns
> > a char** of all the IPs in the container.
> >
> > This also adds a matching python3 binding (function result is a tuple) and
> > deprecates the previous pure-python get_ips() implementation.
> >
> > WARNING: The python get_ips() call is quite different from the previous
> > implementation. The timeout argument has been removed, the family names are
> > slightly different (inet/inet6 vs ipv4/ipv6) and an extra scope parameter
> > has been added.
> >
> > Signed-off-by: Stéphane Graber <stgraber at ubuntu.com>
> > Acked-by: Serge E. Hallyn <serge.hallyn at ubuntu.com>
> >
> > commit 92f023dccced28a55ce323253f298e9825fe7da7
> > Author: Christian Seiler <christian at iwakd.de>
> > Date: Mon May 20 17:54:23 2013 +0200
> >
> > Implement simple utility functions for reading and writing to fds
> >
> > Signed-off-by: Christian Seiler <christian at iwakd.de>
> > Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> >
> > commit 65fbbb0a0f7bad119aa5f2ac6f3ee041970889fc
> > Author: Christian Seiler <christian at iwakd.de>
> > Date: Mon May 20 17:54:22 2013 +0200
> >
> > Move declarations of some constants to where they are needed.
> >
> > Signed-off-by: Christian Seiler <christian at iwakd.de>
> > Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> >
> > commit c797a220d51d2796355fd60eca50523ffd6fb45e
> > Author: Christian Seiler <christian at iwakd.de>
> > Date: Mon May 20 17:54:21 2013 +0200
> >
> > utils.c: Add lxc_wait_for_pid_status routine that returns exit code
> >
> > Signed-off-by: Christian Seiler <christian at iwakd.de>
> > Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> >
> > commit 71b9b8ed262e2d826181bfb79e5d5075ff1a3ff0
> > Author: Christian Seiler <christian at iwakd.de>
> > Date: Mon May 20 17:54:20 2013 +0200
> >
> > wait_for_pid: Fix EINTR check
> >
> > Signed-off-by: Christian Seiler <christian at iwakd.de>
> > Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> >
> > commit d1240f0335e0c469b850da467661dfbb8f262727
> > Author: Michael H. Warfield <mhw at WittsEnd.com>
> > Date: Mon May 20 12:04:38 2013 -0400
> >
> > lxc-fedora template - systemd console gettys
> >
> > Hey all...
> >
> > Patch to the lxc-fedora template to setup gettys on the ttys that are
> > enabled in the configuration. The area of the code already had some
> > modifications to that service that didn't seem to do anything and would
> > get wiped out by an update. I commented that out but subsumed the
> > change it was attempting into my command in case it does something on
> > another rev somewhere.
> >
> > This is very similar to the logic in the OpenSuse template but doesn't
> > seem to appear in other templates, such as arch, which have to deal with
> > systemd. This isn't unique to Fedora. The templates for Fedora,
> > ArchLinux, and OpenSuse are the only three that seem to have any
> > reference to systemd at all.
> >
> > Attached below the jump.
> >
> > Regards,
> > Mike
> > --
> > Michael H. Warfield (AI4NB) | (770) 985-6132 | mhw at WittsEnd.com
> > /\/\|=mhw=|\/\/ | (678) 463-0932 | http://www.wittsend.com/mhw/
> > NIC whois: MHW9 | An optimist believes we live in the best of all
> > PGP Key: 0x674627FF | possible worlds. A pessimist is sure of it!
> > --
> >
> > Signed-off-by: Michael H. Warfield <mhw at WittsEnd.com>
> > Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> >
> > commit 11029c023a12dbe3f3569fcc22f25667686e417f
> > Author: Dwight Engen <dwight.engen at oracle.com>
> > Date: Fri May 17 18:28:12 2013 -0400
> >
> > return lxc generated name for veth pair
> >
> > Doing a get_config_item for lxc.network.0.veth.pair only returns the
> > pair name if explicitly given, but it can be useful to know the name
> > even if it is the one that lxc autogenerated.
> >
> > Signed-off-by: Dwight Engen <dwight.engen at oracle.com>
> > Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> >
> > commit 40650ea6817286a9587a84bf3ce5d25d10620303
> > Author: Dwight Engen <dwight.engen at oracle.com>
> > Date: Fri May 17 17:40:12 2013 -0400
> >
> > quiet gcc 4.4.7 warning about saveptr use before initialization
> >
> > Signed-off-by: Dwight Engen <dwight.engen at oracle.com>
> > Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> >
> > commit de09eccbeda214a1ef5a9b7144870defa97e88c4
> > Author: Serge Hallyn <serge.hallyn at ubuntu.com>
> > Date: Fri May 17 11:25:15 2013 -0500
> >
> > lxc-create: zfs: consistently use zfsroot, not zfs_root
> >
> > Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> > Acked-by: Stéphane Graber <stgraber at ubuntu.com>
> >
> > commit dc92f6c7eec81dc104b3f7873ffd74ec56a1dae1
> > Author: Serge Hallyn <serge.hallyn at ubuntu.com>
> > Date: Thu May 16 08:22:41 2013 -0500
> >
> > document clone hooks
> >
> > Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> >
> > commit 148e91f56799f03c868deca8dcad473983a1a2bf
> > Author: Serge Hallyn <serge.hallyn at ubuntu.com>
> > Date: Tue May 14 16:10:37 2013 -0500
> >
> > lxc: add clone hook.
> >
> > Add a clone hook called from api_clone. Pass arguments to it from
> > lxc_clone.c.
> >
> > The clone update hook is called while the container's bdev is mounted.
> > Information about the container is passed in through environment
> > variables LXC_ROOTFS_PATH, LXC_NAME, The LXC_ROOTFS_MOUNT, and
> > LXC_CONFIG_FILE.
> >
> > LXC_ROOTFS_MOUNT=/usr/lib/x86_64-linux-gnu/lxc
> > LXC_CONFIG_FILE=/var/lib/lxc/demo3/config
> > LXC_ROOTFS_PATH=/var/lib/lxc/demo3/rootfs
> > LXC_NAME=demo3
> >
> > So from the hook, updates to the container should be made under
> > $LXC_ROOTFS_MOUNT/ .
> >
> > The hook also receives command line arguments as follows:
> > First argument is container name, second is always 'lxc', third
> > is the hook name (always clone), then come the arguments which
> > were passed to lxc-clone. I.e. when I did:
> >
> > sudo lxc-clone demo2 demo3 -- hey there dude
> >
> > the arguments passed in were "demo3 lxc clone hey there dude"
> >
> > I personally would like to drop the first two arguments. The
> > name is available as $LXC_NAME, and the section argument ('lxc')
> > is meaningless. However, doing so risks invalidating existing
> > hooks.
> >
> > Soon analogous create and destroy hooks will be added as well.
> >
> > Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> > Acked-by: Stéphane Graber <stgraber at ubuntu.com>
> >
> > commit 9a93d99213da44b5ddf2f5295f6ef3a59d4f1fba
> > Author: Serge Hallyn <serge.hallyn at ubuntu.com>
> > Date: Wed May 15 15:21:24 2013 -0500
> >
> > cgroup: prevent DOS when a hierachy is mounted multiple times
> >
> > When starting a container, we walk through all cgroup mounts looking
> > for a unique directory name we can use for this container. If the
> > name we are trying is in use, we try another name. If it is not in
> > use in the first mount we check, we need to check other hierarchies
> > as it may exist there. But we weren't checking whether we have already
> > checked a subsystem - so that if freezer was mounted twice, we would
> > create it in the first mount, see it exists in the second, so start
> > over trying in the second mount.
> >
> > To fix this, keep track of which subsystems we have already checked,
> > and do not re-check.
> >
> > (See http://pad.lv/1176287 for a bug report)
> >
> > Note we still need to add, at the next: label, the removal of the
> > directories we've already created. I'm keeping that for later as
> > it's far lower priority than this fix, and I don't want to risk
> > introducing a regression for that.
> >
> > Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> >
> > commit 6031a6e5f939bda07d98768d34dafae677a7dfeb
> > Author: Dwight Engen <dwight.engen at oracle.com>
> > Date: Wed May 15 12:27:34 2013 -0400
> >
> > set non device cgroup items before the cgroup is entered
> >
> > This allows some special cgroup items such as memory.kmem.limit_in_bytes
> > to be successfully set, since they must be set before any task is put
> > into the cgroup.
> >
> > The devices cgroup is setup later giving the container a chance to mount
> > file systems before the device it might want to mount from becomes
> > unavailable.
> >
> > Signed-off-by: Dwight Engen <dwight.engen at oracle.com>
> > Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> >
> > commit d9e80daf54e15b89b0b08d475b29893be9830be0
> > Author: Dwight Engen <dwight.engen at oracle.com>
> > Date: Wed May 15 13:23:12 2013 -0400
> >
> > doc/lxc.conf minor clarifications
> >
> > Signed-off-by: Dwight Engen <dwight.engen at oracle.com>
> > Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> >
> > commit 627fe3b4c3a65535eb53c3d63794705d8f6322d4
> > Author: Michael H. Warfield <mhw at WittsEnd.com>
> > Date: Tue May 14 17:45:12 2013 -0400
> >
> > lxc-fedora-template: autodev, hostname, ARM archs, Raspberry Pi fixes
> >
> > This took a lot longer for me to get around to it... Sorry.
> >
> > Patch to the lxc-fedora template.
> >
> > I didn't get any further comments from my earlier proposal, weeks ago,
> > and did get one addition based on comments about properly setting the
> > hostname in /etc/hostname, which I've added. I could have broken them
> > into separate patches but most are pretty small and minor.
> >
> > Changes:
> >
> > * Map armv6l and armv7l architectures to "arm" for yum and repos to
> > function properly.
> >
> > * Detect Fedora Remix distros with no "/etc/fedora-release" file
> > (Raspberry Pi) and find proper release versions when "remix" part of the
> > file context.
> >
> > * Change default Fedora container on non-Fedora hosts to Fedora 17.
> >
> > * Added code for autodev for Fedora systemd containers.
> >
> > * Added code to set /etc/hostname for Fedora > 14 (systemd).
> >
> > * Fix a few typos.
> >
> > Regards,
> > Mike
> > --
> > Michael H. Warfield (AI4NB) | (770) 985-6132 | mhw at WittsEnd.com
> > /\/\|=mhw=|\/\/ | (678) 463-0932 | http://www.wittsend.com/mhw/
> > NIC whois: MHW9 | An optimist believes we live in the best of all
> > PGP Key: 0x674627FF | possible worlds. A pessimist is sure of it!
> > --
> >
> > Signed-off-by: Michael H. Warfield <mhw at WittsEnd.com>
> > Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> >
> > commit 794fb287b3bd7a6c07f99ec1565c517922287065
> > Author: Bogdan Purcareata <bogdan.purcareata at freescale.com>
> > Date: Wed May 15 12:08:14 2013 +0300
> >
> > lxc-busybox: check when bind-mounting host libdirs
> >
> > The patch removes the behavior of automatically mounting /lib
> > and /usr/lib, since this is duplicated a few lines below. It will
> > also remove the risk of failing when one of these entries are not
> > present on the host - e.g. on a 64bit machine.
> >
> > Signed-off-by: Bogdan Purcareata <bogdan.purcareata at freescale.com>
> > Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> >
> > commit 807732062eab6cd44fb033bfbb37fbb38907aa66
> > Author: Serge Hallyn <serge.hallyn at ubuntu.com>
> > Date: Tue May 14 08:24:27 2013 -0500
> >
> > lxc-cirros updates
> >
> > fix userdata consumption
> >
> > patch for console issue
> >
> > Signed-off-by: Scott Moser <scott.moser at canonical.com>
> > Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> >
> > commit 58a46e06210a6321c530735f15f66eb648c4657d
> > Author: Serge Hallyn <serge.hallyn at ubuntu.com>
> > Date: Fri May 10 00:52:22 2013 -0500
> >
> > add lxc-cirros
> >
> > Add a template to create a cirros container. One great thing about
> > cirros is that the image you download is 3.5M.
> >
> > Thanks smoser!
> >
> > Note by default /etc/inittab doesn't have a /dev/console entry, so you
> > don't get a login on the lxc-start console. Adding
> >
> > console::respawn:/sbin/getty 115200 console
> >
> > makes that work, but ctrl-c still gets forwarded to init which then
> > reboots. So I didn't bother adding console as part of the template
> > (yet). Instead I simply lxc-start -d, then lxc-console.
> >
> > Signed-off-by: Scott Moser <scott.moser at canonical.com>
> > Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> >
> > commit 714540763b8b1ac12c029d7760b4e4fe13a69b43
> > Author: Dwight Engen <dwight.engen at oracle.com>
> > Date: Mon May 13 12:03:14 2013 -0400
> >
> > serialize multiple threads doing lxcapi_start()
> >
> > The problem is that the fd table is shared between threads and if a thread
> > forks() while another thread has an open fd to the monitor, the duped fd
> > in the fork()ed child will not get closed, thus causing monitord to stay
> > around since it thinks it still has a client. This only happened when
> > calling lxcapi_start() in the daemonized case since that is the only time
> > we try to get the status from the monitor.
> >
> > Signed-off-by: Dwight Engen <dwight.engen at oracle.com>
> > Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> >
> > commit 304143a823ede4eca52f1d11ae1449995ad503ff
> > Author: Dwight Engen <dwight.engen at oracle.com>
> > Date: Wed May 8 16:44:10 2013 -0400
> >
> > lxc-shutdown: fix lxc_path variable
> >
> > Signed-off-by: Dwight Engen <dwight.engen at oracle.com>
> > Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> >
> > commit 8d06bd135af4852f24660be965aba2d781223af4
> > Author: Dwight Engen <dwight.engen at oracle.com>
> > Date: Tue May 7 16:40:49 2013 -0400
> >
> > lxc-monitor multiple paths
> >
> > Signed-off-by: Dwight Engen <dwight.engen at oracle.com>
> > Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> >
> > commit 566c0d6dce82ee573da01e325c53179ed74350f1
> > Author: Serge Hallyn <serge.hallyn at ubuntu.com>
> > Date: Tue May 7 19:28:32 2013 -0500
> >
> > lxc-ps: handle cgroup collisions
> >
> > A few months ago cgroup handling in lxc was updated so that if
> > /sys/fs/cgroup/$cgroup/lxc/$container already exists (most often
> > due to another container by the same name under a different lxcpath),
> > then /sys/fs/cgroup/$cgroup/lxc/${container}-N would be used.
> >
> > lxc-ps was never updated to handle this. Fix that.
> >
> > (Note, the ns cgroup is being special cased there, but I don't
> > really believe ns cgroup works any more.)
> >
> > It would be preferable to rewrite lxc-ps in python or in C, but
> > this at least makes the basic lxc-ps work in the case of multiple
> > containers with the same name.
> >
> > Changelog:
> > fix missing fi.
> > replace 'z1' with '$container' as pointed out by Christian
> >
> > Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> >
> > commit 7f4717c293fd5ecb9d605bed890cb412314aa8e2
> > Author: Serge Hallyn <serge.hallyn at ubuntu.com>
> > Date: Tue May 7 15:33:42 2013 -0500
> >
> > conf.c: remove a break
> >
> > commit ab81cef05338e7a553aacca141287034d6daf167 meant to remove the
> > added break, but apparently i had not done 'git add' before commit
> > --amend. Remove the added break.
> >
> > Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> >
> > commit dd66e5adb38c76e6eecf0e54c5418fd9f7ac3b3b
> > Author: Dwight Engen <dwight.engen at oracle.com>
> > Date: Tue May 7 10:57:38 2013 -0400
> >
> > coverity: fix potential dereference NULL returned from malloc
> >
> > Signed-off-by: Dwight Engen <dwight.engen at oracle.com>
> > Acked-by: Serge E. Hallyn <serge.hallyn at ubuntu.com>
> >
> > commit f2bbe86da4044c8db39e6eae19541fe2d117bae7
> > Author: Dwight Engen <dwight.engen at oracle.com>
> > Date: Tue May 7 10:57:33 2013 -0400
> >
> > coverity: check return from waitpid
> >
> > Signed-off-by: Dwight Engen <dwight.engen at oracle.com>
> > Acked-by: Serge E. Hallyn <serge.hallyn at ubuntu.com>
> >
> > commit 3856bc9ff50f2cbd6cb2830619f3594ffea0b344
> > Author: Dwight Engen <dwight.engen at oracle.com>
> > Date: Tue May 7 10:57:26 2013 -0400
> >
> > coverity: clonetest: check correct container is cloned
> >
> > Signed-off-by: Dwight Engen <dwight.engen at oracle.com>
> > Acked-by: Serge E. Hallyn <serge.hallyn at ubuntu.com>
> >
> > commit 5ca6c34bdeb02ea355a0e5ef9ff51581b58c1ee7
> > Author: Dwight Engen <dwight.engen at oracle.com>
> > Date: Tue May 7 10:57:16 2013 -0400
> >
> > coverity: condition already checked for
> >
> > Signed-off-by: Dwight Engen <dwight.engen at oracle.com>
> > Acked-by: Serge E. Hallyn <serge.hallyn at ubuntu.com>
> >
> > commit 42fb4b1585d5f2073fbfe984acd46b625fd3c6a1
> > Author: Dwight Engen <dwight.engen at oracle.com>
> > Date: Tue May 7 10:57:09 2013 -0400
> >
> > coverity: open can return 0 as an fd, change error check to < 0
> >
> > Signed-off-by: Dwight Engen <dwight.engen at oracle.com>
> > Acked-by: Serge E. Hallyn <serge.hallyn at ubuntu.com>
> >
> > commit 91c908ee8ea5aada054cbb7f4203d486c2e9a09e
> > Author: Dwight Engen <dwight.engen at oracle.com>
> > Date: Tue May 7 10:57:03 2013 -0400
> >
> > coverity: free malloc'ed memory in error case
> >
> > Signed-off-by: Dwight Engen <dwight.engen at oracle.com>
> > Acked-by: Serge E. Hallyn <serge.hallyn at ubuntu.com>
> >
> > commit ab81cef05338e7a553aacca141287034d6daf167
> > Author: Dwight Engen <dwight.engen at oracle.com>
> > Date: Fri May 3 16:50:32 2013 -0400
> >
> > coverity: fix dereference NULL return value
> >
> > also break once we have found root, no need to search the rest of the mounts
> >
> > Changelog: May 6: Serge: don't add the break. (see m-l)
> >
> > Signed-off-by: Dwight Engen <dwight.engen at oracle.com>
> > Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> >
> > commit 7c7ec7a8eded3d3864631165503fedb456e1b779
> > Author: Harald Dunkel <harald.dunkel at aixigo.de>
> > Date: Fri May 3 10:53:43 2013 +0200
> >
> > support alternate container path in lxc-netstat.in
> >
> > Signed-off-by: Harald Dunkel <harald.dunkel at aixigo.de>
> > Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> >
> > commit 8ee3042a5419ea4c9bb0d1c264715f9d9c39bfa3
> > Author: Harald Dunkel <harald.dunkel at aixigo.de>
> > Date: Fri May 3 10:53:41 2013 +0200
> >
> > lxc-create: add missing -P option for running lxc-destroy
> >
> > Signed-off-by: Harald Dunkel <harald.dunkel at aixigo.de>
> > Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> >
> > commit d2c8186b4d185d75e81aec02d5a62dde4192c16d
> > Author: Harald Dunkel <harald.dunkel at aixigo.de>
> > Date: Fri May 3 10:53:40 2013 +0200
> >
> > support alternate container path in lxc-shutdown
> >
> > Signed-off-by: Harald Dunkel <harald.dunkel at aixigo.de>
> > Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> >
> > commit a9bafa108521ac785e846f2ace105c327371c106
> > Author: Dwight Engen <dwight.engen at oracle.com>
> > Date: Fri May 3 16:50:20 2013 -0400
> >
> > coverity: fix dereference before NULL check
> >
> > also fixed some error strings while here
> >
> > Signed-off-by: Dwight Engen <dwight.engen at oracle.com>
> > Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> >
> > commit 3c73b55472c096f06fd037c3c0af011be62a432b
> > Author: Serge Hallyn <serge.hallyn at ubuntu.com>
> > Date: Fri May 3 16:36:08 2013 -0500
> >
> > remove leftover debug cruft (thanks, Dwight)
> >
> > Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> >
> > commit a747894428ea38c4a908acacb610fc3de714e0c0
> > Author: Dwight Engen <dwight.engen at oracle.com>
> > Date: Fri May 3 13:41:40 2013 -0400
> >
> > coverity: ftell returns a signed value
> >
> > The check for flen < 0 could never have been true since flen was declared
> > to be size_t (unsigned). Declare flen to be long since that is what ftell
> > returns.
> >
> > Signed-off-by: Dwight Engen <dwight.engen at oracle.com>
> > Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> >
> > commit 8fb86a37daecd05e9ef7f291dd4762be881f88e4
> > Author: Serge Hallyn <serge.hallyn at ubuntu.com>
> > Date: Fri May 3 12:28:06 2013 -0500
> >
> > confile.c:config_network_ipv6_gateway: only define gw in needed scope
> >
> > Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> >
> > commit bec695f3ec43972ad38f06f92ff2db03d8405562
> > Author: Dwight Engen <dwight.engen at oracle.com>
> > Date: Fri May 3 12:04:07 2013 -0400
> >
> > coverity: fix leak when ipv6 gw is auto
> >
> > Signed-off-by: Dwight Engen <dwight.engen at oracle.com>
> > Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> >
> > commit 8950ee8ebfc9a7f34003f6892b5a7da6aef9fff9
> > Author: Dwight Engen <dwight.engen at oracle.com>
> > Date: Fri May 3 12:04:01 2013 -0400
> >
> > coverity: fix leak in error case
> >
> > Since lxc_execute() is available through the library and is exposed via
> > the API we cannot be sure the caller will immediately exit, so we should
> > take care to free the allocated memory.
> >
> > Signed-off-by: Dwight Engen <dwight.engen at oracle.com>
> > Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> >
> > commit a2eea3c1974d70bdef74a0af6a14ca3a6fa41704
> > Author: Dwight Engen <dwight.engen at oracle.com>
> > Date: Fri May 3 11:29:39 2013 -0400
> >
> > coverity: ensure string is null terminated, return in
> >
> > error case
> >
> > Signed-off-by: Dwight Engen <dwight.engen at oracle.com>
> > Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> >
> > commit 2d4bcb96155c0e4a5d2734017f889b993144e876
> > Author: Weng Meiling <wengmeiling.weng at huawei.com>
> > Date: Fri May 3 11:02:48 2013 +0800
> >
> > lxc_start: free the conf if starting the container fails
> >
> > When running lxc-start command with valgrind, it reports a memory leak error.
> > When lxc-start command fails, the conf which is from malloc has not been released.
> > This patch fix the problem.
> >
> > Signed-off-by: Weng Meiling <wengmeiling.weng at huawei.com>
> > Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> >
> > commit fc7e88640cbdb402aaa048dd74829c8d09dda850
> > Author: Weng Meiling <wengmeiling.weng at huawei.com>
> > Date: Fri May 3 11:02:40 2013 +0800
> >
> > add free conf->rcfile in lxc_conf_free
> >
> > when releasing the conf, add free conf->rcfile which is from malloc
> >
> > Signed-off-by: Weng Meiling <wengmeiling.weng at huawei.com>
> > Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> >
> > commit b85ab7989ebe24629267048cb269b278eeb50490
> > Author: Serge Hallyn <serge.hallyn at ubuntu.com>
> > Date: Thu May 2 16:28:10 2013 -0500
> >
> > ubuntu templates: add comments to show how to enable nesting
> >
> > Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> >
> > commit 375c2258b24b233832c9ec43ab9c7b3f5dce25fb
> > Author: Serge Hallyn <serge.hallyn at ubuntu.com>
> > Date: Wed May 1 23:37:05 2013 -0500
> >
> > clone: a few fixes
> >
> > clean up error case in clone, which in particular could cause double
> > lxc_container_put(c2)
> >
> > for overlayfs, handle (with error message) all bdev types.
> >
> > Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> >
> > commit e0b0b533feed683ce12c94e11174019a5dac64fc
> > Author: Dwight Engen <dwight.engen at oracle.com>
> > Date: Wed May 1 19:07:16 2013 -0400
> >
> > allow lxc-init to log when rootfs not given
> >
> > On Mon, 29 Apr 2013 14:44:47 -0500
> > Serge Hallyn <serge.hallyn at ubuntu.com> wrote:
> >
> > > Quoting Dwight Engen (dwight.engen at oracle.com):
> > > > So I did this, only to realize that lxc-init is passing "none" for
> > > > the file anyway, so it currently doesn't intend to log. This makes
> > > > me think that passing NULL for lxcpath is the right thing to do in
> > > > this patch. If you want me to make it so lxc-init can log, I can do
> > > > that but I think it should be in a different change :)
> > >
> > > That actually would be very useful, but as you say that's a different
> > > feature - thanks.
> >
> > ... and here is said change.
> >
> > Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> >
> > commit eee3ba81c88e64b8a732694fc4843a39d5bde491
> > Author: Serge Hallyn <serge.hallyn at ubuntu.com>
> > Date: Wed May 1 08:33:12 2013 -0500
> >
> > templates: deny writes to host's clock (v2)
> >
> > Don't allow write to /dev/rtc0, and remove sys_time.
> >
> > Thanks, Christoph.
> >
> > v2: drop sys_time, sys_module, mac_admin and mac_override in
> > all templates.
> >
> > Reported-by: Christoph Mitasch <cmitasch at thomas-krenn.com>
> > Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> >
> > commit ee25a44fd389ed450e3d7ef9513eec19668f2de7
> > Author: Dwight Engen <dwight.engen at oracle.com>
> > Date: Tue Apr 30 16:33:18 2013 -0400
> >
> > log.c: always use dir when lxcpath is not default
> >
> > Signed-off-by: Dwight Engen <dwight.engen at oracle.com>
> > Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> >
> > commit b338c81b9f0130106eee4b2ff70959c2e62a1fac
> > Author: Serge Hallyn <serge.hallyn at ubuntu.com>
> > Date: Tue Apr 30 14:45:32 2013 -0500
> >
> > lxc.functions.in: add missing backquote
> >
> > Reported by both Dwight and S.Çağlar - thanks.
> >
> > Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> >
> > commit 385e7a431a1865017211478741408d505396f9a7
> > Author: Serge Hallyn <serge.hallyn at ubuntu.com>
> > Date: Tue Apr 30 14:23:08 2013 -0500
> >
> > lxc.functions.in: use the right parameter to lxc-config to get lxcpath
> >
> > Reported-by: S.Çağlar Onur <caglar at 10ur.org>
> > Signed-off-by: Dwight Engen <dwight.engen at oracle.com>
> > Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> >
> > commit b164a17f9bfcc3f067dad33d0c38834aa22ca2b1
> > Author: Serge Hallyn <serge.hallyn at ubuntu.com>
> > Date: Tue Apr 30 14:20:40 2013 -0500
> >
> > remove lxc-clone-sh
> >
> > Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> >
> > commit ec471210d97ba23b2de618349bdb6dd4145e53e0
> > Author: S.Çağlar Onur <caglar at 10ur.org>
> > Date: Tue Apr 30 14:55:04 2013 -0400
> >
> > Update .gitignore
> >
> > Signed-off-by: S.Çağlar Onur <caglar at 10ur.org>
> > Signed-off-by: Serge E. Hallyn <serge.hallyn at ubuntu.com>
> >
> > commit 0fc0d057c34f3ee10eeb87e3f11405aa79c3b4df
> > Author: S.Çağlar Onur <caglar at 10ur.org>
> > Date: Tue Apr 30 14:55:03 2013 -0400
> >
> > silence "sh: 1: zfs: not found" errors on systems without ZFS
> >
> > Signed-off-by: S.Çağlar Onur <caglar at 10ur.org>
> > Signed-off-by: Serge E. Hallyn <serge.hallyn at ubuntu.com>
> >
> > commit a8428dfa2c6a43ee195f4be3e04a519ca1fc6ec0
> > Author: Serge Hallyn <serge.hallyn at ubuntu.com>
> > Date: Mon Apr 29 22:09:06 2013 +0200
> >
> > introduce lxc_config
> >
> > It's a tiny program (exported through the api) wrapping the util.c
> > helpers for reading /etc/lxc/lxc.conf variables, and replaces
> > the kludgy shell duplication in lxc.functions.in
> >
> > Changelog: Apr 30: address feedback from Dwight
> > (exit error on failure, and use 'lxcpath' as name, not
> > 'default_path').
> >
> > Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> > Acked-by: Dwight Engen <dwight.engen at oracle.com>
> >
> > commit 1e1bb42a8fca68d9fa9391e6644aeff296479499
> > Author: Serge Hallyn <serge.hallyn at ubuntu.com>
> > Date: Mon Apr 29 14:50:30 2013 +0200
> >
> > add vg and zfsroot options to lxc.functions and use in lxc-create
> >
> > also make sure to drop spaces between = and variable in lxc.conf
> >
> > Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> >
> > commit 31a95fecd2e0b1408e9a97e3ae36a7770544d1a2
> > Author: Serge Hallyn <serge.hallyn at ubuntu.com>
> > Date: Sat Apr 27 04:59:11 2013 +0200
> >
> > allow site-wide customization of zfsroot and lvm vg
> >
> > /etc/lxc/lxc.conf can contain
> >
> > zfsroot = custom1
> > lvm_vg = vg0
> >
> > (Otherwise the defaults are 'lxc' for lvm_vg, and 'lxc' for zfsroot)
> >
> > Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> >
> > commit ca52dcb55961d75e0163f237c92d225964c786bd
> > Author: Serge Hallyn <serge.hallyn at ubuntu.com>
> > Date: Fri Apr 26 18:00:28 2013 +0200
> >
> > Several backing store improvements
> >
> > allow copy clones from other bdevs
> >
> > for lvm and zfs, as we don't yet support passing options, only default
> > VG of 'lxc' and default zfsroot of 'tank' are supported when converting
> > another backing store type.
> >
> > refuse deletion of container which has lvm or zfs snapshots.
> > Note that since a zfs clone must be made from a zfs snapshot,
> > which is made from the original zfs fs, even after we
> > lxc-destroy the snapshotted container we still must manually
> > remove the snapshot. This can be handled automatically, by
> > looking for snapshots where c1 is the original, c2 is the clone,
> > tank/c2 no longer exists, but tank/c1 at c2 does. We can then
> > remove tank/c1 at c2 and feel free to remove tank/c1. This patch
> > does NOT do that yet.
> >
> > Make sure not to return when we're a forked child.
> >
> > Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> >
> > commit 3baa76fe36bd2b59645a952c3a47a960090c38d2
> > Author: Serge Hallyn <serge.hallyn at ubuntu.com>
> > Date: Fri Apr 26 00:14:37 2013 +0200
> >
> > implement zfs bdev and clone
> >
> > Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> >
> > commit 9be53773792fc9e8bd173edc3b7ac7e144875387
> > Author: Serge Hallyn <serge.hallyn at ubuntu.com>
> > Date: Tue Apr 16 08:07:05 2013 -0500
> >
> > implement backend drivers and container clone API (v3)
> >
> > 1. commonize waitpid users to use a single helper. We frequently want
> > to run something in a clean namespace, or fork off a script. This
> > lets us keep the function doing fork:(1)exec(2)waitpid simpler.
> >
> > 2. start a blockdev backend implementation. This will be used for
> > mounting, copying, and snapshotting container filesystems.
> >
> > 3. implement btrfs, lvm, directory, and overlayfs backends.
> >
> > 4. For overlayfs, support a new lxc.rootfs format of
> > 'bdevtype:<extra>'. This means you can now use overlayfs-based
> > containers without using lxc-start-ephemeral, by using
> > lxc.rootfs = overlayfs:/readonly-dir:writeable-dir
> >
> > 5. add a set of simple clone testcases
> >
> > 6. Write a new lxc_clone.c based on api clone.
> >
> > Still to do (there's more, but off top of my head):
> >
> > 1. support zfs, aufs
> > 2. have clone handle other mount entries (right now it only clones
> > the rootfs)
> > 3. python, lua, and go bindings (not me :)
> > 4. lxc-destroy: if lvm backing store, check for snapshots of it.
> > (what about directories which have overlayfs clones?)
> >
> > Changes since v2:
> > Initialize random generator when picking new macaddr (reported
> > by caglar at 10ur.org)
> > Fix wrong use of bitmask flags
> > On copy-clone of btrfs, create a subvolume
> > lxc_clone.c: respect the command line usage of the old script
> > lxc-clone(1): update documentation
> > Refuse to try changing backing stores expect to overlayfs, as
> > it is not implemented (yet) anyway.
> >
> > Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> >
> > Conflicts:
> > src/lxc/utils.h
> >
> > commit ab1bf971d2db43777cbf3892fb887bf71ce7d155
> > Author: Dwight Engen <dwight.engen at oracle.com>
> > Date: Mon Apr 29 14:54:08 2013 -0400
> >
> > Create log file in lxcpath for non-system containers
> >
> > On Fri, 26 Apr 2013 10:18:12 -0500
> > Serge Hallyn <serge.hallyn at ubuntu.com> wrote:
> >
> > > Quoting Dwight Engen (dwight.engen at oracle.com):
> > > > On Fri, 26 Apr 2013 09:37:49 -0500
> > > > Serge Hallyn <serge.hallyn at ubuntu.com> wrote:
> > > >
> > > > > Quoting Dwight Engen (dwight.engen at oracle.com):
> > > > > > Using lxc configured with --enable-configpath-log, and
> > > > > > specifying a path to the lxc commands with -P, the log file
> > > > > > path is generated with a basename of LOGPATH instead of the
> > > > > > lxcpath. This means for example if you do
> > > > > >
> > > > > > lxc-start -P /tmp/containers -n test01 -l INFO
> > > > > >
> > > > > > your log file will be
> > > > > >
> > > > > > /var/lib/lxc/test01/test01.log
> > > > > >
> > > > > > I was expecting the log to be /tmp/containers/test01/test01.log.
> > > > > > This is particularly confusing if you also have test01 on the
> > > > > > regular lxcpath. The patch below changes the log file path to be
> > > > > > based on lxcpath rather than LOGPATH when lxc is configured with
> > > > > > --enable-configpath-log.
> > > > > >
> > > > > > I think that even in the normal non --enable-configpath-log case
> > > > > > we should consider using lxcpath as the base and not having
> > > > > > LOGPATH at all, as attempting to create the log files
> > > > > > in /var/log is not going to work for regular users on their own
> > > > > > lxcpath. If we want that, I'll update the patch to do that as
> > > > > > well.
> > > > >
> > > > >
> > > > > Perhaps we should do:
> > > > >
> > > > > 1. If lxcpath == default_lxc_path(), then first choice is
> > > > > LOGPATH, second is lxcpath/container.log
> > > > > 2. when opening, if first choice fails, use second choice
> > > > > if there is any.
> > > > >
> > > > > That way 'system' containers will go to /var/log/lxc, as I think
> > > > > they should. Custom-lxcpath containers should never go
> > > > > to /var/log/lxc, since their names could be dups of containers in
> > > > > default_lxc_path(). And if the system is a weird one where
> > > > > default_lxc_path is set up so that an unprivileged user can use
> > > > > it, then we should log into $lxcpath.
> > > >
> > > > That sounds good to me. So these rules would apply in both the
> > > > regular and --enable-configpath-log cases.
> >
> > I updated the patch to try to open the log file according to the
> > choices given above. Along the way I cleaned up log.c a bit, making
> > some things static, grouping external interfaces together, etc...
> > Hopefully that doesn't add too much noise.
> >
> > > > > (Note this patch will trivially conflict with my new lxc_clone.c
> > > > > causing it to fail to build - unfortunate result of timing)
> > > >
> > > > Yeah unfortunately this touches every lxc_log_init() caller. I can
> > > > work on the above logic and re-submit after your new lxc_clone
> > > > stuff goes in.
> > >
> > > No no, I'll just need to remember to update mine. Don't hold up on
> > > mine, this is just the nature of such collaboration :)
> > >
> > > > Did you have any thoughts on the XXX what to pass in for lxcpath in
> > > > lxc_init? Right now it just falls back to LOGPATH.
> > >
> > > No - that's a weird one, since lxc_init runs in the container. If
> > > there were only system containers I'd say always use LOGPATH.
> > > However there are people (apparently :) who use container sharing the
> > > host's rootfs...
> > >
> > > lxc-execute does know the lxcpath. Perhaps we can simply have
> > > src/lxc/execute.c:execute_start() look at handler->conf to see if a
> > > rootfs is set. If rootfs is NOT set, then pass lxcpath along to
> > > lxc-init. Then lxc-init can mostly do the same as the others? (It
> > > doesn't use src/lxc/arguments.c, so you'd have to add lxcpath to
> > > options[] in lxc-init.c)
> >
> > So I did this, only to realize that lxc-init is passing "none" for the
> > file anyway, so it currently doesn't intend to log. This makes me
> > think that passing NULL for lxcpath is the right thing to do in
> > this patch. If you want me to make it so lxc-init can log, I can do
> > that but I think it should be in a different change :)
> >
> > --
> >
> > Signed-off-by: Dwight Engen <dwight.engen at oracle.com>
> > Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> >
> > commit 7f95145833bb24f54e037f73ecc37444d6635697
> > Author: Dwight Engen <dwight.engen at oracle.com>
> > Date: Mon Apr 29 16:47:35 2013 -0400
> >
> > fix building docs
> >
> > Commit 69fe23ff added checking for the older docbook2man back into
> > configure, but this breaks building the docs on at least Oracle Linux and
> > Fedora when docbook2X is not installed as docbook2man will be found but the
> > docs don't actually build with that tool.
> >
> > This change makes it so the docs can be built with either the older
> > docbook2man or the newer 2X tools by using configure to set the dtd
> > string to an appropriate value depending on use of docbook2man or
> > db2x_docbook2man.
> >
> > Also fixed a small error in lxc-destroy.sgml.in that was noticed
> > by the old tools.
> >
> > Signed-off-by: Dwight Engen <dwight.engen at oracle.com>
> > Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> >
> > commit 33c2c3ec93c17758f37cc2e53f07f7dfe6b72336
> > Author: Serge Hallyn <serge.hallyn at ubuntu.com>
> > Date: Thu Apr 25 15:18:25 2013 -0500
> >
> > add zfs support to lxc-create and lxc-destroy
> >
> > This is based on patch from Papp Tamas (thanks). It also does some
> > reorganizing of lxc-create to commonize some of the backingstore handling.
> >
> > I played with it using:
> >
> > sudo lvcreate -L 100G -n zfs vg0
> > sudo zpool create lxc /dev/vg0/zfs
> > sudo lxc-create -B zfs --zfsroot lxc -t ubuntu -n dir2
> >
> > or you could
> >
> > qemu-img create zfs.img 100G
> > sudo qemu-nbd -c /dev/nbd0 zfs.img
> > sudo zpool create lxc /dev/nbd0
> > sudo lxc-create -B zfs --zfsroot lxc -t ubuntu -n dir2
> >
> > I'll write the bdev.c handler and hook up lxc-clone next.
> >
> > This also fixses a bug in the sed expression to extract the rootfs from
> > container config, which prepended an extra '/' to the rootdev. (That
> > caused the zfs list entry not to match at destroy)
> >
> > Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> > Cc: Papp Tamas <tompos at martos.bme.hu>
> > Acked-by: Stéphane Graber <stgraber at ubuntu.com>
> >
> > commit f485f377a1caba11c58da100d3db9a8c6fdeb7d5
> > Author: Dwight Engen <dwight.engen at oracle.com>
> > Date: Thu Apr 25 12:21:53 2013 -0400
> >
> > lxc_wait should start monitord
> >
> > If lxc_wait is called before the container has started the socket will not
> > yet have been created and lxc_wait's connect to it will fail. Starting the
> > daemon will create the socket for lxc_wait to connect to.
> >
> > Signed-off-by: Dwight Engen <dwight.engen at oracle.com>
> > Acked-by: Serge E. Hallyn <serge.hallyn at ubuntu.com>
> >
> > commit 4f43438c476c3c5fb78d6192238d540108a33cb1
> > Author: Christian Seiler <christian at iwakd.de>
> > Date: Thu Apr 25 13:00:19 2013 +0200
> >
> > lxc_attach: Use clone() instead of second fork()
> >
> > Because of an assertion in glibc's fork() wrapper that parent pid and
> > pid of child should never be the same, one should avoid fork() after
> > attaching to a PID namespace, since the pid inside the namespace may
> > coincide with the pid of the parent outside the namespace, thus hitting
> > the aforementioned assertion.
> >
> > This patch just changes the code in the most simple manner to use
> > clone() instead of fork(). Since clone() requires a function to be
> > called instead of returning 0, we move the code of the child into a
> > function child_main.
> >
> > Signed-off-by: Christian Seiler <christian at iwakd.de>
> > Acked-by: Serge E. Hallyn <serge.hallyn at ubuntu.com>
> >
> > commit 6320e49454b0fd86dde7df0af54a2e194ae59821
> > Author: Stéphane Graber <stgraber at ubuntu.com>
> > Date: Thu Apr 25 17:31:34 2013 +0200
> >
> > lxc.conf: Add reference to capabilities manpage
> >
> > This adds a reference to capabilities(7) to the lxc.conf manpage.
> >
> > Signed-off-by: Tomáš Pospíšek <tpo_deb at sourcepole.ch>
> > Acked-by: Stéphane Graber <stgraber at ubuntu.com>
> >
> > commit 69fe23ff0777390e34a8c0b11ce6037e5aef9109
> > Author: Peter Simons <simons at cryp.to>
> > Date: Thu Apr 25 12:20:30 2013 +0200
> >
> > configure: support for the "docbook2man" utility to build the documentation
> >
> > This adds docbook2man as an alternative name for the docbook compiler.
> > As that name was used on Debian based systems for an older version of the tool,
> > this change also adds a check so that docbook2man is never used on Debian based
> > systems.
> >
> > Reported-by: Peter Simons <simons at cryp.to>
> > Reported-by: Christian Bühler christian at cbuehler.de
> > Signed-off-by: Stéphane Graber <stgraber at ubuntu.com>
> > Acked-by: Serge E. Hallyn <serge.hallyn at ubuntu.com>
> >
> > commit f05699d19e27567583b9397a8d529e8aa275f5e1
> > Author: Serge Hallyn <serge.hallyn at ubuntu.com>
> > Date: Wed Apr 24 22:47:50 2013 -0500
> >
> > Revert "monitor.c: sanity check on waitpid return value"
> >
> > It's reported to errors in parallel starts.
> >
> > Reported-by: "S.Çağlar Onur" <caglar at 10ur.org>
> >
> > This reverts commit 6b7916695264238a490971e8cd87612154fc18b1.
> >
> > commit 6b7916695264238a490971e8cd87612154fc18b1
> > Author: Serge Hallyn <serge.hallyn at ubuntu.com>
> > Date: Wed Apr 24 19:59:10 2013 -0500
> >
> > monitor.c: sanity check on waitpid return value
> >
> > Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> >
> > commit e8b9ac8fdfddec6a2eaacd6cdaa968058cf4e1e2
> > Author: Serge Hallyn <serge.hallyn at ubuntu.com>
> > Date: Wed Apr 24 19:49:59 2013 -0500
> >
> > close fd on error path
> >
> > Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> >
> > commit 4fa22bfca1e94393aa3fbdc3fdf5516e75d47521
> > Author: Serge Hallyn <serge.hallyn at ubuntu.com>
> > Date: Wed Apr 24 15:16:21 2013 -0500
> >
> > lxc-create: cleanup whenever exiting with error
> >
> > Otherwise we leave bad containers sitting around and further confuse
> > things on retries.
> >
> > Reported-by: Mukanyiligira Didacienne <siyana223 at gmail.com>
> > Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> > Acked-by: Stéphane Graber <stgraber at ubuntu.com>
> >
> > commit e51d4895129209cec1c15bda2322136a03ec94b2
> > Author: Dwight Engen <dwight.engen at oracle.com>
> > Date: Wed Apr 24 15:06:20 2013 -0400
> >
> > Allow multiple monitor clients
> >
> > This fixes a long standing issue that there could only be a single
> > lxc-monitor per container.
> >
> > With this change, a new lxc-monitord daemon is spawned the first time
> > lxc-monitor is called against the container and will accept connections
> > from any subsequent lxc-monitor.
> >
> > Signed-off-by: Dwight Engen <dwight.engen at oracle.com>
> > Acked-by: Serge E. Hallyn <serge.hallyn at ubuntu.com>
> >
> > commit dc7f65454ee88fbd50f4d6f8a7c567eb27107314
> > Author: Stéphane Graber <stgraber at ubuntu.com>
> > Date: Wed Apr 24 21:38:32 2013 +0200
> >
> > ubuntu: Don't break when the locale is C.*
> >
> > Update the code to also match C.* so that C.UTF-8 doesn't make the
> > container creation fail.
> >
> > Signed-off-by: Stéphane Graber <stgraber at ubuntu.com>
> > Acked-by: Serge E. Hallyn <serge.hallyn at ubuntu.com>
> >
> > commit 0a9362f5745a58a3d63354d76182108ea81ecf05
> > Author: S.Çağlar Onur <caglar at 10ur.org>
> > Date: Tue Apr 23 17:24:31 2013 -0400
> >
> > Support starting containers concurrently
> >
> > Trying to start multiple containers concurrently may cause
> > lxc_monitor_read_timeout to fail as select call could be
> > interrupted by a signal, handle it.
> >
> > Signed-off-by: S.Çağlar Onur <caglar at 10ur.org>
> > Acked-by: Stéphane Graber <stgraber at ubuntu.com>
> >
> > commit 15451ecf742bfa38a0732270b36d4a8666d2124e
> > Author: Stéphane Graber <stgraber at ubuntu.com>
> > Date: Wed Apr 24 17:24:26 2013 +0200
> >
> > python: Make the code compatibly with 3.2
> >
> > The previous change used some 3.3-specific functions.
> > We still support 3.2 so revert to 3.2-compatible calls.
> >
> > Reported-by: S.Çağlar Onur <caglar at 10ur.org>
> > Signed-off-by: Stéphane Graber <stgraber at ubuntu.com>
> > Acked-by: Serge E. Hallyn <serge.hallyn at ubuntu.com>
> >
> > commit 6516ad8b01aac298bffe60a8d7d21745f3354a38
> > Author: Stéphane Graber <stgraber at ubuntu.com>
> > Date: Wed Apr 24 00:50:44 2013 +0200
> >
> > python: Fix convert_tuple_to_char_pointer_array
> >
> > This finally fixes a few issues with the magic
> > convert_tuple_to_char_pointer_array function.
> >
> > This now clearly copies the char* from the python object so we don't
> > end up keeping reference to those.
> >
> > Also add the few required free calls to free the content of the array.
> >
> > Signed-off-by: Stéphane Graber <stgraber at ubuntu.com>
> > Acked-by: Serge E. Hallyn <serge.hallyn at ubuntu.com>
> >
> > commit 93d564edc5d69819e85c3fa93368d37ec803a2f9
> > Author: Stéphane Graber <stgraber at ubuntu.com>
> > Date: Wed Apr 24 11:41:45 2013 +0200
> >
> > cgroup: Remove unused mntent variables
> >
> > Spotted by coverity, we were now assigning mntent but only every using
> > mntent_r, so drop those variables and assignation.
> >
> > Signed-off-by: Stéphane Graber <stgraber at ubuntu.com>
> >
> > commit fd37327f57a6d53692babcaf69dfbd8f62e59918
> > Author: S.Çağlar Onur <caglar at 10ur.org>
> > Date: Wed Apr 17 17:15:51 2013 -0400
> >
> > Support stopping containers concurrently
> >
> > Trying to stop multiple containers concurrently ends up with "cgroup is not mounted" errors as multiple threads corrupts the shared variables.
> > Fix that stack corruption and start to use getmntent_r to support stopping multiple containers concurrently.
> >
> > Signed-off-by: S.Çağlar Onur <caglar at 10ur.org>
> > Acked-by: Serge E. Hallyn <serge.hallyn at ubuntu.com>
> >
> > commit cf0f903326cf3cdd10f834c1bbc627fd81e06044
> > Author: Serge Hallyn <serge.hallyn at ubuntu.com>
> > Date: Tue Apr 23 08:37:41 2013 -0500
> >
> > detect APT_PROXY from host apt.conf
> >
> > Introduce a new HTTP_PROXY variable in /etc/default/lxc. If unset or
> > set to none, then behavior continues as before. If set to 'apt', then
> > any http::proxy set in apt.conf will be used as http_proxy for
> > debootstrap, and specified in the container's
> > /etc/apt/apt.conf.d/70proxy. If set to something else, then the
> > value of HTTP_PROXY will be used as http_proxy for debootstrap and
> > specified in the container's 70proxy.
> >
> > Changelog: (apr 23) merge the two apt proxy detection functions.
> >
> > Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> > Acked-by: Stéphane Graber <stgraber at ubuntu.com>
> >
> > commit 051151de890705173a42bbead40a6125d34ea41b
> > Author: Dwight Engen <dwight.engen at oracle.com>
> > Date: Mon Apr 22 14:02:30 2013 -0400
> >
> > goto correct cleanup label to ensure fd is closed
> >
> > Signed-off-by: Dwight Engen <dwight.engen at oracle.com>
> > Acked-by: Serge E. Hallyn <serge.hallyn at ubuntu.com>
> >
> > commit bbb8a488aeacf8a226d49773fe13798a202a78e2
> > Author: Serge Hallyn <serge.hallyn at ubuntu.com>
> > Date: Mon Apr 22 15:46:26 2013 -0500
> >
> > remove needless check for 'line' which cannot be NULl there
> >
> > (found by coverity)
> >
> > Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> >
> > commit 7e1667d76e76eb3d571be5e4b545e8ace6e92187
> > Author: Serge Hallyn <serge.hallyn at ubuntu.com>
> > Date: Mon Apr 22 15:40:57 2013 -0500
> >
> > cgpath test: don't check path len before checking if it is null
> >
> > Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> >
> > commit ddb17f1f0870ddb1678e34652f54458207cb3bb0
> > Author: Dwight Engen <dwight.engen at oracle.com>
> > Date: Mon Apr 22 11:16:57 2013 -0400
> >
> > make lxc_af_unix_open() safely return error on long pathnames
> >
> > Signed-off-by: Dwight Engen <dwight.engen at oracle.com>
> > Acked-by: Serge E. Hallyn <serge.hallyn at ubuntu.com>
> >
> > commit 599d42525144cf0fcc7de6ac1b576c5c6ae290c2
> > Author: Stéphane Graber <stgraber at ubuntu.com>
> > Date: Sun Apr 21 22:42:06 2013 +0200
> >
> > python: Fix get_ips and nesting with lxcpath
> >
> > When using -P (lxcpath), the parameter path needs to be forwarded
> > to the various commands being run but not used by the nested lxc-ls
> > as it's relatively unlikely that both the host and the nested containers
> > use a custom path.
> >
> > This isn't ideal but short of having a way to provide the container path
> > for every single of the nesting (with potential unlimited depth), it's
> > the best we can do.
> >
> > Signed-off-by: Stéphane Graber <stgraber at ubuntu.com>
> > Acked-by: Serge E. Hallyn <serge.hallyn at ubuntu.com>
> >
> > commit a2abaa9ec60a8967611e8c8905698bd01bde5861
> > Author: Stéphane Graber <stgraber at ubuntu.com>
> > Date: Sun Apr 21 20:09:24 2013 +0200
> >
> > ubuntu: Various fixes
> >
> > - Drop disabled entries from allowed devices list
> > - Improve generated config layout a bit
> > - Drop redundant uname call
> > - Re-generate the SSH host keys on container creation
> >
> > Signed-off-by: Stéphane Graber <stgraber at ubuntu.com>
> > Acked-by: Serge E. Hallyn <serge.hallyn at ubuntu.com>
> >
> > commit ed4616b1cfbc84dd01caa8546d813e8c5d482921
> > Author: Christian Bühler <christian at cbuehler.de>
> > Date: Sat Apr 20 15:50:13 2013 +0200
> >
> > Use "uname -m" instead of "arch"
> >
> > According to "arch"'s manpage, it's identical to "uname -m".
> >
> > Some distros ship uname but don't ship arch, however all distros ship uname,
> > therefore it makes sense to use "uname -m" whenever possible.
> >
> > Signed-off-by: Christian Bühler <christian at cbuehler.de>
> > Acked-by: Stéphane Graber <stgraber at ubuntu.com>
> >
> > commit 6c5db2af1f706e8f21f2a5f074bada96e9011052
> > Author: Stéphane Graber <stgraber at ubuntu.com>
> > Date: Thu Apr 18 22:20:53 2013 +0200
> >
> > python: Various fixes to the python scripts
> >
> > This fixes a few issues uncovered by the recent C module fix.
> >
> > In lxc-start-ephemeral, the hwaddr code wasn't actually working.
> > Replace by code that properly iterates through the network interfaces
> > and sets a new MAC address for each entry.
> >
> > In the python overlay, catch the newly emitted KeyError when in
> > set_config_item (or setting any previously unset variable would fail).
> >
> > Signed-off-by: Stéphane Graber <stgraber at ubuntu.com>
> > Acked-by: Serge E. Hallyn <serge.hallyn at ubuntu.com>
> >
> > commit 2ebec36f271d4ee943281e32feb3552745115347
> > Author: Stéphane Graber <stgraber at ubuntu.com>
> > Date: Fri Apr 12 11:19:56 2013 +0200
> >
> > python: Lots of fixes in C extension
> >
> > Fixes a lot of issues found by a code review done by Barry Warsaw.
> >
> > Those include:
> > - Wrong signature for getters
> > - Various memory leaks
> > - Various optimizations
> > - More consistent return values
> > - Proper exception handling
> >
> > Signed-off-by: Stéphane Graber <stgraber at ubuntu.com>
> > Reported-by: Barry Warsaw <barry at ubuntu.com>
> > Acked-by: Barry Warsaw <barry at ubuntu.com>
> > Acked-by: Serge E. Hallyn <serge.hallyn at ubuntu.com>
> >
> > commit 860fc865b0ae0fd6381a8a9a777efdbde0aaefb6
> > Author: Richard Weinberger <richard at nod.at>
> > Date: Wed Apr 17 23:54:09 2013 +0200
> >
> > utils: reimplement/fix mkdir_p() (v2)
> >
> > Reimplement mkdir_p() such that it:
> > ...handles relativ paths correctly. (currently it crashes)
> > ...does not rely on dirname().
> > ...is not recursive.
> > ...is shorter. ;-)
> >
> > Signed-off-by: Richard Weinberger <richard at nod.at>
> > Acked-by: Serge E. Hallyn <serge.hallyn at ubuntu.com>
> >
> > commit 23154d5764c06b68a5c154cecd89524ebe747ca1
> > Author: Stéphane Graber <stgraber at ubuntu.com>
> > Date: Thu Apr 18 10:30:33 2013 +0200
> >
> > Revert "start: Detect early failure of the new child"
> >
> > This reverts commit 5a5c35c3a01afec515e688c8366e6f893985518d.
> >
> > This commit was preventing startup of containers using lxc hooks and
> > shutdown of all other containers, requiring the use of a good old
> > kill -9 to get rid of lxc-start after a container shutdown.
> >
> > Signed-off-by: Stéphane Graber <stgraber at ubuntu.com>
> >
> > commit 3763ee85915d28737bfebffa136bfb49ef0a2109
> > Author: Stéphane Graber <stgraber at ubuntu.com>
> > Date: Thu Apr 18 10:29:44 2013 +0200
> >
> > Revert "utils: reimplement/fix mkdir_p()"
> >
> > This reverts commit 8de4140644f01180f2fdab55b0ab0f13d1c761c6.
> >
> > This commit was preventing container startup on my machine, making them
> > all fail with various "No such file or directory" errors.
> >
> > Signed-off-by: Stéphane Graber <stgraber at ubuntu.com>
> >
> > commit 8de4140644f01180f2fdab55b0ab0f13d1c761c6
> > Author: Richard Weinberger <richard at nod.at>
> > Date: Wed Apr 17 17:13:40 2013 +0200
> >
> > utils: reimplement/fix mkdir_p()
> >
> > Reimplement mkdir_p() such that it:
> > ...handles relativ paths correctly. (currently it crashes)
> > ...does not rely on dirname().
> > ...is not recursive.
> > ...is shorter. ;-)
> >
> > Signed-off-by: Richard Weinberger <richard at nod.at>
> > Acked-by: Serge E. Hallyn <serge.hallyn at ubuntu.com>
> >
> > commit 5a5c35c3a01afec515e688c8366e6f893985518d
> > Author: Richard Weinberger <richard at nod.at>
> > Date: Tue Apr 16 23:42:23 2013 +0200
> >
> > start: Detect early failure of the new child
> >
> > If the process in the new namespace dies very early
> > we have currently no chance to detect this.
> > The parent process will just die due to SIGPIPE
> > if it write to the fd used for synchronisation and
> > nobody will notice the real cause of the problem.
> >
> > Install a SIGCHLD handler to detect the death.
> > Later when the child does execve() to the init within
> > the new namespace the handler will be disabled automatically.
> >
> > Signed-off-by: Richard Weinberger <richard at nod.at>
> > Acked-by: Serge E. Hallyn <serge.hallyn at ubuntu.com>
> >
> > commit 6b28a086310b8715f4655446f4c01d9555ef1786
> > Author: Richard Weinberger <richard at nod.at>
> > Date: Tue Apr 16 23:48:16 2013 +0200
> >
> > init: Fix whitespace damage
> >
> > While we are here, fix the whitespace damage.
> >
> > Signed-off-by: Richard Weinberger <richard at nod.at>
> > Acked-by: Serge E. Hallyn <serge.hallyn at ubuntu.com>
> >
> > commit a81bad13ec305b885eff2934307d9205d55e0050
> > Author: Richard Weinberger <richard at nod.at>
> > Date: Tue Apr 16 23:48:15 2013 +0200
> >
> > init: unnest interrupt_handler
> >
> > There is no need to use nested functions voodoo.
> >
> > Signed-off-by: Richard Weinberger <richard at nod.at>
> > Acked-by: Serge E. Hallyn <serge.hallyn at ubuntu.com>
> >
> > commit 2c7d90ac6eb4d883d9650d17cd915d958b4e5e66
> > Author: Dwight Engen <dwight.engen at oracle.com>
> > Date: Tue Apr 16 11:47:29 2013 -0400
> >
> > quiet gcc 4.4.7 warning about saveptr use before initialization
> >
> > The recent change to use strtok_r causes a build warning with this older
> > gcc version, so initialize saveptr to NULL to quiet the compiler and
> > unbreak the build. There was no warning with gcc 4.7.2 that I
> > originally tested with.
> >
> > Signed-off-by: Dwight Engen <dwight.engen at oracle.com>
> > Acked-by: Stéphane Graber <stgraber at ubuntu.com>
> >
> > commit 98663823e47ec56ff5a8205a17cc884acbf9cabd
> > Author: Serge Hallyn <serge.hallyn at ubuntu.com>
> > Date: Tue Apr 16 07:41:17 2013 -0500
> >
> > fix spacing
> >
> > Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> >
> > commit 883f4a1eae77f332059dc0be6f965485a0361ec0
> > Author: Serge Hallyn <serge.hallyn at ubuntu.com>
> > Date: Tue Apr 16 07:35:05 2013 -0500
> >
> > mkdir_p: account for '//foo/bar'
> >
> > As Richard reported, dirname('//') returns //. But mkdir_p only stops
> > when called with '/', resulting in infinite recursion when given a
> > pathname '//foo/bar'.
> >
> > Reported-by: richard -rw- weinberger <richard.weinberger at gmail.com>
> > Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> >
> > commit ce4c4ca43586825a13c1abb4ce13e90d9447a0eb
> > Author: Bogdan Purcareata <bogdan.purcareata at freescale.com>
> > Date: Thu Apr 11 16:29:44 2013 +0300
> >
> > lxc-template: enable chroot + chpasswd functionality for Busybox hosts
> >
> > This patch supports the scenario where a user wants to install a
> > busybox container on a busybox host.
> >
> > When running the template, in order to change the root password,
> > the template needs to do the chroot. On busybox-powered hosts, chroot
> > is not part of the coreutils package - it's part of busybox. And the
> > busybox implementation or chroot only works if it has /lib in the new
> > root populated with the right binaries (or at least that's the
> > solution I found to make it work).
> >
> > The temporarily bind-mounts /lib in the NEWROOT, chroots there,
> > changes the password, goes back and unmounts. This set of operations
> > is contained in a new MOUNT namespace, using the lxc-unshare call.
> >
> > Signed-off-by: Bogdan Purcareata <bogdan.purcareata at freescale.com>
> > Acked-by: Serge E. Hallyn <serge.hallyn at ubuntu.com>
> >
> > commit 8e7da691af29fe1d8b93d2e4acc98eb188ae74cc
> > Author: Dwight Engen <dwight.engen at oracle.com>
> > Date: Mon Apr 15 13:43:14 2013 -0400
> >
> > fix checking hook script exit code
> >
> > pclose returns the exit status from wait, we need to check that to see if
> > the script itself failed or not. Tested a script that returned 0, 1, and
> > also one that did a sleep and then was killed by a signal.
> >
> > Signed-off-by: Dwight Engen <dwight.engen at oracle.com>
> > Acked-by: Serge E. Hallyn <serge.hallyn at ubuntu.com>
> >
> > commit 2796cf790f80e8be8dd90238f6789e52bd3cc2ac
> > Author: Dwight Engen <dwight.engen at oracle.com>
> > Date: Mon Apr 15 15:28:07 2013 -0400
> >
> > fortify: use reentrant safe strtok_r
> >
> > Signed-off-by: Dwight Engen <dwight.engen at oracle.com>
> > Acked-by: Serge E. Hallyn <serge.hallyn at ubuntu.com>
> >
> > commit e6a19d2683629888175371ed2eeb8a49a7b44873
> > Author: Dwight Engen <dwight.engen at oracle.com>
> > Date: Mon Apr 15 15:59:12 2013 -0400
> >
> > fortify: minor cleanups for unused variables, stricter types
> >
> > Signed-off-by: Dwight Engen <dwight.engen at oracle.com>
> > Acked-by: Serge E. Hallyn <serge.hallyn at ubuntu.com>
> >
> > commit 0a2188544a538b421612c90d44e56853a9d64458
> > Author: Dwight Engen <dwight.engen at oracle.com>
> > Date: Mon Apr 15 15:40:53 2013 -0400
> >
> > fortify: check the value returned from write(2)
> >
> > Also check that we wrote the amount we expected to. The write on the pty
> > is blocking but we could still get a short write on EINTR, so we should
> > SYSERROR it.
> >
> > Signed-off-by: Dwight Engen <dwight.engen at oracle.com>
> > Acked-by: Serge E. Hallyn <serge.hallyn at ubuntu.com>
> >
> > commit 03027ad99f2759182fbcd3363298ae6adaf88cdb
> > Author: Dwight Engen <dwight.engen at oracle.com>
> > Date: Mon Apr 15 16:05:36 2013 -0400
> >
> > fix lxc-attach usage
> >
> > This makes it match the manpage and be consistent with lxc-execute
> >
> > Signed-off-by: Dwight Engen <dwight.engen at oracle.com>
> > Acked-by: Serge E. Hallyn <serge.hallyn at ubuntu.com>
> >
> > commit 4d44e274dcd933327c4f1c1cc7e1f876d08ffa85
> > Author: Serge Hallyn <serge.hallyn at ubuntu.com>
> > Date: Sun Apr 14 22:57:46 2013 -0500
> >
> > fix coverity-found errors.
> >
> > Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> >
> > commit 00b6be440f93131e35e75fb1b34d8d3220590bb5
> > Author: Serge Hallyn <serge.hallyn at ubuntu.com>
> > Date: Sun Apr 14 22:44:09 2013 -0500
> >
> > coverity resource leak fixes
> >
> > Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> >
> > commit 5371906219ff19886169612993efbb8e82f749a7
> > Author: Serge Hallyn <serge.hallyn at ubuntu.com>
> > Date: Sun Apr 14 22:22:10 2013 -0500
> >
> > fix coverity-found resource leaks on error paths.
> >
> > Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> >
> > commit 2802732032aeaabe8c793ae76112d9c8ba13ee23
> > Author: Serge Hallyn <serge.hallyn at ubuntu.com>
> > Date: Sun Apr 14 22:16:26 2013 -0500
> >
> > fix coverity-found resource leaks in config_network_ipv6
> >
> > Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> >
> > commit bb1d227404ff96564877a04ef9299c63f608f543
> > Author: Serge Hallyn <serge.hallyn at ubuntu.com>
> > Date: Sun Apr 14 22:02:03 2013 -0500
> >
> > fix free of alloca()d buffer (found by coverity)
> >
> > Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> >
> > commit 022de5f317014c538e17378b626cf3267625e141
> > Author: Serge Hallyn <serge.hallyn at ubuntu.com>
> > Date: Sun Apr 14 21:59:02 2013 -0500
> >
> > fix resource leak of netdev on error path found by coverity
> >
> > Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> >
> > commit b6f24d54f54146a0f5de700dac7ffc2ef7624359
> > Author: Serge Hallyn <serge.hallyn at ubuntu.com>
> > Date: Sun Apr 14 21:56:51 2013 -0500
> >
> > fix resource leak of utsname in error path found by coverity
> >
> > Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> >
> > commit a6537fbbfb0b9d08adc58ae23b873a084e5d479c
> > Author: Serge Hallyn <serge.hallyn at ubuntu.com>
> > Date: Sun Apr 14 21:48:49 2013 -0500
> >
> > genl.c: fix a resource leak found by coverity
> >
> > Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> >
> > commit a741a85d8e241e9ca773f3cd7575d720837fcb51
> > Author: Serge Hallyn <serge.hallyn at ubuntu.com>
> > Date: Sun Apr 14 21:45:00 2013 -0500
> >
> > lxcapi_create: fix leak of tpath when a container already exists
> >
> > Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> >
> > commit b4e4ca49c792d7320787a6991ce1815d26060d39
> > Author: Serge Hallyn <serge.hallyn at ubuntu.com>
> > Date: Sun Apr 14 21:39:34 2013 -0500
> >
> > lxc_monitor: make sure msg.name is null terminated (bug found by coverity)
> >
> > Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> >
> > commit c928f41fc0e79a24e4c43a80fb26b3c46997d91a
> > Author: Serge Hallyn <serge.hallyn at ubuntu.com>
> > Date: Sun Apr 14 21:18:53 2013 -0500
> >
> > ifdef out skipped startone test code
> >
> > Unfortunately installing a working lxc-init is somewhat hairy and
> > distro-dependent. So we skipped it before, but Coverity didn't
> > like that, so just ifdef it out.
> >
> > Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> >
> > commit 416707883893211a15c031b1f3589bc7cde9bf2b
> > Author: Serge Hallyn <serge.hallyn at ubuntu.com>
> > Date: Sun Apr 14 21:17:09 2013 -0500
> >
> > lxccontaienr: fix missing va_end in error case.
> >
> > Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> >
> > commit 586d4e9be1eb13cd9cb77cf6c56ce57e24623c44
> > Author: Serge Hallyn <serge.hallyn at ubuntu.com>
> > Date: Sun Apr 14 21:12:58 2013 -0500
> >
> > lxcccontainer: add missing va_end found by coverity
> >
> > Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> >
> > commit af41709c4243e0fd9dc1fac5f22cdd47316f8277
> > Author: Serge Hallyn <serge.hallyn at ubuntu.com>
> > Date: Fri Apr 12 15:15:22 2013 -0500
> >
> > af_unix.c: fix coverity-found bug: pass addr size
> >
> > Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> >
> > commit bdb539b89bbe123018392bb8c64cb94c13d736a8
> > Author: Serge Hallyn <serge.hallyn at ubuntu.com>
> > Date: Fri Apr 12 15:11:29 2013 -0500
> >
> > lxclock: fix coverity-found leak
> >
> > if sem_init fails, free what we mallocd.
> >
> > Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> >
> > commit 8767795058ca5b46c8a9e335ad941d8799241716
> > Author: Serge Hallyn <serge.hallyn at ubuntu.com>
> > Date: Fri Apr 12 15:11:11 2013 -0500
> >
> > lxclock: indentation
> >
> > Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> >
> > commit 43d1aa34aab1c43bce8f083d024bf54f0246a884
> > Author: Serge Hallyn <serge.hallyn at ubuntu.com>
> > Date: Thu Apr 11 11:43:31 2013 -0500
> >
> > Fix up struct lxc_container locking
> >
> > 1. in container_free, set c->privlock to NULL before calling
> > sem_destroy, to prevent a window where another thread could call
> > sem_wait(c->privlock) while c->privlock is not NULL but is already
> > destroyed.
> >
> > 2. in container_get, check for numthreads < 0 before calling lxclock.
> > Once numthreads is 0, it never goes back up.
> >
> > Following is a comment added to lxccontainer.c:
> >
> > /*
> > * Consider the following case:
> > freer | racing get()er
> > ==================================================================
> > lxc_container_put() | lxc_container_get()
> > \ lxclock(c->privlock) | c->numthreads < 1? (no)
> > \ c->numthreads = 0 | \ lxclock(c->privlock) -> waits
> > \ lxcunlock() | \
> > \ lxc_container_free() | \ lxclock() returns
> > | \ c->numthreads < 1 -> return 0
> > \ \ (free stuff) |
> > \ \ sem_destroy(privlock) |
> >
> > * When the get()er checks numthreads the first time, one of the following
> > * is true:
> > * 1. freer has set numthreads = 0. get() returns 0
> > * 2. freer is between lxclock and setting numthreads to 0. get()er will
> > * sem_wait on privlock, get lxclock after freer() drops it, then see
> > * numthreads is 0 and exit without touching lxclock again..
> > * 3. freer has not yet locked privlock. If get()er runs first, then put()er
> > * will see --numthreads = 1 and not call lxc_container_free().
> > */
> >
> > Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> > Acked-by: Seth Arnold <seth.arnold at canonical.com>
> > Acked-by: Stéphane Graber <stgraber at ubuntu.com>
> >
> > commit e649c8032f84b488cac8ea6c8fb9a77c424a0419
> > Author: Stéphane Graber <stgraber at ubuntu.com>
> > Date: Thu Apr 11 14:15:21 2013 +0200
> >
> > python: Fix memory management
> >
> > Signed-off-by: Stéphane Graber <stgraber at ubuntu.com>
> >
> > commit 75129865d48d2293383316f88ce7661e37dde43d
> > Author: Dwight Engen <dwight.engen at oracle.com>
> > Date: Wed Apr 3 14:43:15 2013 -0400
> >
> > ubuntu template: fix installation when LANG=C
> >
> > The ubuntu template will silently fail (because it is set -e) on
> > the locale-gen command when LANG=C
> >
> > Signed-off-by: Dwight Engen <dwight.engen at oracle.com>
> > Acked-by: Serge E. Hallyn <serge.hallyn at ubuntu.com>
> >
> > commit 9eee2f7739dbaf82d3b0837de41cdcba5ee4a1d3
> > Author: Dwight Engen <dwight.engen at oracle.com>
> > Date: Wed Apr 3 12:31:46 2013 -0400
> >
> > oracle template: install additional user specified pkgs
> >
> > Fix lxc-create to not word split template arguments. This makes
> > lxc-create -n ol -t oracle -- -r "at cronie wget" work since the argument
> > to -r will be passed as one arg instead of three.
> >
> > Fix oracle template -u option to shift the correct amount.
> >
> > Signed-off-by: Dwight Engen <dwight.engen at oracle.com>
> > Acked-by: Serge E. Hallyn <serge.hallyn at ubuntu.com>
> >
> > commit 33892746e373449a8a69a4265d783bf701cb5784
> > Author: Wojciech Izykowski <wizykowski at gmail.com>
> > Date: Sat Apr 6 16:33:00 2013 +0200
> >
> > lxc-start-ephemeral: fixed bug with wrong ssh option (-k instead of -i)
> >
> > Corrected ssh option for custom key (from -k to -i). Just see ssh
> > manpage for justification.
> >
> > Signed-off-by: Wojciech Izykowski <wizykowski at gmail.com>
> > Acked-by: Serge E. Hallyn <serge.hallyn at ubuntu.com>
> >
> > commit 6efdcb6a3cc4d06bf64af69b08bc95335f02b79f
> > Author: Dwight Engen <dwight.engen at oracle.com>
> > Date: Wed Apr 3 17:08:32 2013 -0400
> >
> > debian template: set arch when dpkg doesn't exist on host
> >
> > Signed-off-by: Dwight Engen <dwight.engen at oracle.com>
> > Acked-by: Serge E. Hallyn <serge.hallyn at ubuntu.com>
> >
> > commit fe19f236a2295da1e01ab05ff59853c5a4556811
> > Author: Dwight Engen <dwight.engen at oracle.com>
> > Date: Mon Apr 8 12:45:23 2013 -0400
> >
> > fix wait status in pid reuse case
> >
> > Commit 37c3dfc9 sets the wait status on only the child pid. It
> > intended to match the pid only once to protect against pid reuse but it
> > won't because the indicator was reset to 0 every time at the top of the
> > loop. If the child pid is reused, the wait status will be set again.
> > Fix by setting indicator outside the loop.
> >
> > Signed-off-by: Dwight Engen <dwight.engen at oracle.com>
> > Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> >
> > commit 1354f952876e96b456425efc7ed9994caf687028
> > Author: Dwight Engen <dwight.engen at oracle.com>
> > Date: Tue Apr 9 09:41:15 2013 -0400
> >
> > minor documentation fixes / clarification
> >
> > Signed-off-by: Dwight Engen <dwight.engen at oracle.com>
> > Acked-by: Serge E. Hallyn <serge.hallyn at ubuntu.com>
> > Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> >
> > commit 190a2ea88e9820e5e150ce36414233da4bd34b44
> > Author: Dwight Engen <dwight.engen at oracle.com>
> > Date: Wed Apr 10 10:49:51 2013 -0400
> >
> > remove unused lxc_copy_file
> >
> > Commit e3642c43 added lxc_copy_file for use in 64e1ae63. The use of it
> > was removed in commit 1bc60a65. Removing it reduces dead code and the
> > footprint of liblxc.
> >
> > Signed-off-by: Dwight Engen <dwight.engen at oracle.com>
> > Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> >
> > commit fd95f2402dc70ad41fa2db8fb101f950196458a9
> > Author: Serge Hallyn <serge.hallyn at ubuntu.com>
> > Date: Tue Apr 9 16:23:05 2013 -0500
> >
> > lxc.functions: don't let LXC_PATH= line end in failure
> >
> > Otherwise if called from dash with set -e, dash will exit. This
> > causes lxc-clone to fail.
> >
> > Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> >
> > -----------------------------------------------------------------------
> >
> > Summary of changes:
> > .gitignore | 12 +-
> > CONTRIBUTING | 24 +
> > autogen.sh | 21 +
> > config/Makefile.am | 4 +-
> > configure.ac | 125 ++-
> > doc/Makefile.am | 1 -
> > doc/common_options.sgml.in | 2 +-
> > doc/legacy/lxc-ls.sgml.in | 8 +-
> > doc/lxc-attach.sgml.in | 4 +-
> > doc/lxc-cgroup.sgml.in | 4 +-
> > doc/lxc-checkconfig.sgml.in | 4 +-
> > doc/lxc-checkpoint.sgml.in | 4 +-
> > doc/lxc-clone.sgml.in | 150 ++-
> > doc/lxc-console.sgml.in | 15 +-
> > doc/lxc-create.sgml.in | 16 +-
> > doc/lxc-destroy.sgml.in | 21 +-
> > doc/lxc-device.sgml.in | 4 +-
> > doc/lxc-execute.sgml.in | 12 +-
> > doc/lxc-freeze.sgml.in | 4 +-
> > doc/lxc-info.sgml.in | 32 +-
> > doc/lxc-kill.sgml.in | 4 +-
> > doc/lxc-ls.sgml.in | 4 +-
> > doc/lxc-monitor.sgml.in | 23 +-
> > doc/lxc-netstat.sgml.in | 4 +-
> > doc/lxc-ps.sgml.in | 10 +-
> > doc/lxc-restart.sgml.in | 4 +-
> > doc/lxc-shutdown.sgml.in | 98 --
> > doc/lxc-start-ephemeral.sgml.in | 4 +-
> > doc/lxc-start.sgml.in | 4 +-
> > doc/lxc-stop.sgml.in | 96 ++-
> > doc/lxc-top.sgml.in | 4 +-
> > doc/lxc-unfreeze.sgml.in | 4 +-
> > doc/lxc-unshare.sgml.in | 10 +-
> > doc/lxc-version.sgml.in | 4 +-
> > doc/lxc-wait.sgml.in | 4 +-
> > doc/lxc.conf.sgml.in | 246 ++++-
> > doc/lxc.sgml.in | 4 +-
> > doc/see_also.sgml.in | 2 +-
> > hooks/Makefile.am | 4 +-
> > hooks/clonehostname | 29 +
> > hooks/mountcgroups | 25 +-
> > hooks/mountecryptfsroot | 2 +-
> > hooks/ubuntu-cloud-prep | 184 +++
> > lxc.spec.in | 3 +-
> > runapitests.sh | 18 +
> > src/include/getline.c | 29 +
> > src/include/getline.h | 31 +
> > src/include/ifaddrs.c | 597 +++++++++
> > src/include/ifaddrs.h | 54 +
> > src/include/lxcmntent.c | 20 +
> > src/include/lxcmntent.h | 21 +
> > src/include/openpty.c | 36 +-
> > src/include/openpty.h | 23 +
> > src/lua-lxc/Makefile.am | 4 +-
> > src/lua-lxc/core.c | 54 +-
> > src/lua-lxc/lxc.lua | 128 +-
> > src/lxc/Makefile.am | 77 +-
> > src/lxc/af_unix.c | 21 +-
> > src/lxc/af_unix.h | 2 +-
> > src/lxc/apparmor.c | 25 +-
> > src/lxc/apparmor.h | 20 +
> > src/lxc/arguments.c | 39 +-
> > src/lxc/arguments.h | 24 +-
> > src/lxc/attach.c | 643 +++++++++-
> > src/lxc/attach.h | 10 +-
> > src/lxc/attach_options.h | 120 ++
> > src/lxc/bdev.c | 2070 ++++++++++++++++++++++++++++++
> > src/lxc/bdev.h | 138 ++
> > src/lxc/caps.c | 40 +-
> > src/lxc/caps.h | 6 +-
> > src/lxc/cgroup.c | 1237 +++++++++++++-----
> > src/lxc/cgroup.h | 37 +-
> > src/lxc/checkpoint.c | 2 +-
> > src/lxc/commands.c | 701 +++++++++--
> > src/lxc/commands.h | 83 +-
> > src/lxc/conf.c | 390 +++++--
> > src/lxc/conf.h | 32 +-
> > src/lxc/confile.c | 145 ++-
> > src/lxc/confile.h | 2 +-
> > src/lxc/console.c | 786 +++++++++---
> > src/lxc/console.h | 20 +-
> > src/lxc/error.c | 2 +-
> > src/lxc/error.h | 2 +-
> > src/lxc/execute.c | 45 +-
> > src/lxc/freezer.c | 33 +-
> > src/lxc/genl.c | 19 +-
> > src/lxc/genl.h | 2 +-
> > src/lxc/legacy/lxc-ls.in | 2 +-
> > src/lxc/list.c | 2 +-
> > src/lxc/list.h | 23 +
> > src/lxc/log.c | 243 +++--
> > src/lxc/log.h | 16 +-
> > src/lxc/lxc-checkconfig.in | 2 +-
> > src/lxc/lxc-clone.in | 324 -----
> > src/lxc/lxc-create.in | 357 -----
> > src/lxc/lxc-destroy.in | 63 +-
> > src/lxc/lxc-device | 2 +-
> > src/lxc/lxc-ls | 11 +-
> > src/lxc/lxc-netstat.in | 35 +-
> > src/lxc/lxc-ps.in | 31 +-
> > src/lxc/lxc-shutdown.in | 151 ---
> > src/lxc/lxc-start-ephemeral.in | 28 +-
> > src/lxc/lxc-top | 13 +-
> > src/lxc/lxc.functions.in | 15 +-
> > src/lxc/lxc.h | 62 +-
> > src/lxc/lxc_attach.c | 458 ++------
> > src/lxc/lxc_cgroup.c | 35 +-
> > src/lxc/lxc_checkpoint.c | 4 +-
> > src/lxc/lxc_clone.c | 179 +++
> > src/lxc/lxc_config.c | 70 +
> > src/lxc/lxc_console.c | 192 +---
> > src/lxc/lxc_create.c | 246 ++++
> > src/lxc/lxc_destroy.c | 103 ++
> > src/lxc/lxc_execute.c | 8 +-
> > src/lxc/lxc_freeze.c | 30 +-
> > src/lxc/lxc_info.c | 43 +-
> > src/lxc/lxc_init.c | 96 +-
> > src/lxc/lxc_kill.c | 6 +-
> > src/lxc/lxc_monitor.c | 38 +-
> > src/lxc/lxc_monitord.c | 409 ++++++
> > src/lxc/lxc_restart.c | 8 +-
> > src/lxc/lxc_start.c | 102 +-
> > src/lxc/lxc_stop.c | 127 ++-
> > src/lxc/lxc_unfreeze.c | 30 +-
> > src/lxc/lxc_unshare.c | 2 +-
> > src/lxc/lxc_user_nic.c | 782 +++++++++++
> > src/lxc/lxc_usernsexec.c | 417 ++++++
> > src/lxc/lxc_wait.c | 18 +-
> > src/lxc/lxccontainer.c | 1783 ++++++++++++++++++++++----
> > src/lxc/lxccontainer.h | 124 ++-
> > src/lxc/lxclock.c | 330 ++++-
> > src/lxc/lxclock.h | 94 +-
> > src/lxc/lxcseccomp.h | 2 +-
> > src/lxc/lxcutmp.c | 4 +-
> > src/lxc/lxcutmp.h | 2 +-
> > src/lxc/mainloop.c | 9 +-
> > src/lxc/mainloop.h | 9 +-
> > src/lxc/monitor.c | 243 +++-
> > src/lxc/monitor.h | 12 +-
> > src/lxc/namespace.c | 4 +-
> > src/lxc/namespace.h | 5 +-
> > src/lxc/network.c | 8 +-
> > src/lxc/network.h | 2 +-
> > src/lxc/nl.c | 2 +-
> > src/lxc/nl.h | 2 +-
> > src/lxc/parse.c | 10 +-
> > src/lxc/parse.h | 2 +-
> > src/lxc/restart.c | 2 +-
> > src/lxc/rtnl.c | 2 +-
> > src/lxc/rtnl.h | 2 +-
> > src/lxc/seccomp.c | 2 +-
> > src/lxc/start.c | 260 +---
> > src/lxc/start.h | 6 +-
> > src/lxc/state.c | 113 +--
> > src/lxc/state.h | 2 +-
> > src/lxc/stop.c | 115 --
> > src/lxc/sync.c | 2 +-
> > src/lxc/sync.h | 2 +-
> > src/lxc/utils.c | 405 +++++--
> > src/lxc/utils.h | 163 +++-
> > src/lxc/version.c | 2 +-
> > src/lxc/version.h | 2 +-
> > src/python-lxc/examples/api_test.py | 14 +-
> > src/python-lxc/examples/pyconsole-vte.py | 80 ++
> > src/python-lxc/examples/pyconsole.py | 54 +
> > src/python-lxc/lxc.c | 753 ++++++++++--
> > src/python-lxc/lxc/__init__.py | 182 ++--
> > src/python-lxc/setup.py | 23 +
> > src/tests/Makefile.am | 16 +-
> > src/tests/cgpath.c | 278 +++--
> > src/tests/clonetest.c | 178 +++
> > src/tests/console.c | 177 +++
> > src/tests/containertests.c | 2 +-
> > src/tests/createtest.c | 2 +-
> > src/tests/destroytest.c | 2 +-
> > src/tests/get_item.c | 2 +-
> > src/tests/locktests.c | 258 ++---
> > src/tests/lxc-test-usernic | 67 +
> > src/tests/saveconfig.c | 2 +-
> > src/tests/shutdowntest.c | 2 +-
> > src/tests/startone.c | 4 +-
> > templates/Makefile.am | 3 +-
> > templates/lxc-alpine.in | 130 ++-
> > templates/lxc-altlinux.in | 26 +-
> > templates/lxc-archlinux.in | 14 +-
> > templates/lxc-busybox.in | 53 +-
> > templates/lxc-cirros.in | 321 +++++
> > templates/lxc-debian.in | 31 +-
> > templates/lxc-fedora.in | 231 +++-
> > templates/lxc-opensuse.in | 21 +-
> > templates/lxc-oracle.in | 32 +-
> > templates/lxc-sshd.in | 82 +-
> > templates/lxc-ubuntu-cloud.in | 226 ++--
> > templates/lxc-ubuntu.in | 132 ++-
> > 194 files changed, 16157 insertions(+), 4782 deletions(-)
> > delete mode 100644 doc/lxc-shutdown.sgml.in
> > create mode 100755 hooks/clonehostname
> > create mode 100755 hooks/ubuntu-cloud-prep
> > create mode 100644 src/include/ifaddrs.c
> > create mode 100644 src/include/ifaddrs.h
> > create mode 100644 src/lxc/attach_options.h
> > create mode 100644 src/lxc/bdev.c
> > create mode 100644 src/lxc/bdev.h
> > delete mode 100755 src/lxc/lxc-clone.in
> > delete mode 100644 src/lxc/lxc-create.in
> > delete mode 100644 src/lxc/lxc-shutdown.in
> > create mode 100644 src/lxc/lxc_clone.c
> > create mode 100644 src/lxc/lxc_config.c
> > create mode 100644 src/lxc/lxc_create.c
> > create mode 100644 src/lxc/lxc_destroy.c
> > create mode 100644 src/lxc/lxc_monitord.c
> > create mode 100644 src/lxc/lxc_user_nic.c
> > create mode 100644 src/lxc/lxc_usernsexec.c
> > delete mode 100644 src/lxc/stop.c
> > create mode 100755 src/python-lxc/examples/pyconsole-vte.py
> > create mode 100755 src/python-lxc/examples/pyconsole.py
> > create mode 100644 src/tests/clonetest.c
> > create mode 100644 src/tests/console.c
> > create mode 100755 src/tests/lxc-test-usernic
> > create mode 100644 templates/lxc-cirros.in
> >
> >
> > hooks/post-receive
> > --
> > lxc
> >
>
> > ------------------------------------------------------------------------------
> > Learn the latest--Visual Studio 2012, SharePoint 2013, SQL 2012, more!
> > Discover the easy way to master current and previous Microsoft technologies
> > and advance your career. Get an incredible 1,500+ hours of step-by-step
> > tutorial videos with LearnDevNow. Subscribe today and save!
> > http://pubads.g.doubleclick.net/gampad/clk?id=58041391&iu=/4140/ostg.clktrk
>
> > _______________________________________________
> > Lxc-devel mailing list
> > Lxc-devel at lists.sourceforge.net
> > https://lists.sourceforge.net/lists/listinfo/lxc-devel
>
>
> --
> Stéphane Graber
> Ubuntu developer
> http://www.ubuntu.com
> ------------------------------------------------------------------------------
> Learn the latest--Visual Studio 2012, SharePoint 2013, SQL 2012, more!
> Discover the easy way to master current and previous Microsoft technologies
> and advance your career. Get an incredible 1,500+ hours of step-by-step
> tutorial videos with LearnDevNow. Subscribe today and save!
> http://pubads.g.doubleclick.net/gampad/clk?id=58041391&iu=/4140/ostg.clktrk
> _______________________________________________
> Lxc-devel mailing list
> Lxc-devel at lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/lxc-devel
--
Stéphane Graber
Ubuntu developer
http://www.ubuntu.com
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 836 bytes
Desc: Digital signature
URL: <http://lists.linuxcontainers.org/pipermail/lxc-devel/attachments/20130909/9ac923ea/attachment.pgp>
More information about the lxc-devel
mailing list