[lxc-devel] [lxc/lxc] 5b75ee: lxc-fedora: when using systemd, set lxc.kmsg = 0 i...

GitHub noreply at github.com
Mon Jan 5 21:32:33 UTC 2015 

  Branch: refs/heads/master
  Home:   https://github.com/lxc/lxc
  Commit: 5b75ee4747c5f26c52cfb6127b6420f38f4fba88
      https://github.com/lxc/lxc/commit/5b75ee4747c5f26c52cfb6127b6420f38f4fba88
  Author: Michael Adam <obnox at samba.org>
  Date:   2015-01-05 (Mon, 05 Jan 2015)

  Changed paths:
    M templates/lxc-fedora.in

  Log Message:
  -----------
  lxc-fedora: when using systemd, set lxc.kmsg = 0 in the config

This is to prevent systemd-journald to enter a 100% cpu loop.

Signed-off-by: Michael Adam <obnox at samba.org>
Acked-by: Serge E. Hallyn <serge.hallyn at ubuntu.com>


  Commit: afc55ed2794ce63714bfcee70b1d0d42d3e8ee05
      https://github.com/lxc/lxc/commit/afc55ed2794ce63714bfcee70b1d0d42d3e8ee05
  Author: Michael Adam <obnox at samba.org>
  Date:   2015-01-05 (Mon, 05 Jan 2015)

  Changed paths:
    M templates/lxc-fedora.in

  Log Message:
  -----------
  lxc-fedora: In fedora21, the fedora-repos package is needed.

fedora-release has been split into fedora-release and fedora-repos.

Signed-off-by: Michael Adam <obnox at samba.org>
Acked-by: Serge E. Hallyn <serge.hallyn at ubuntu.com>


  Commit: abf117c398c957b213feebe3fa6dea3107c3a452
      https://github.com/lxc/lxc/commit/abf117c398c957b213feebe3fa6dea3107c3a452
  Author: Natanael Copa <ncopa at alpinelinux.org>
  Date:   2015-01-05 (Mon, 05 Jan 2015)

  Changed paths:
    M templates/lxc-alpine.in

  Log Message:
  -----------
  lxc-alpine: use yaml for detection of latest release

Alpine Linux provides yaml files with latest release instead of the old
approach with .latest.txt.

Signed-off-by: Natanael Copa <ncopa at alpinelinux.org>
Acked-by: Stéphane Graber <stgraber at ubuntu.com>


  Commit: 98b745498bf97637f68311f944903777f3ee1e67
      https://github.com/lxc/lxc/commit/98b745498bf97637f68311f944903777f3ee1e67
  Author: Stéphane Graber <stgraber at ubuntu.com>
  Date:   2015-01-05 (Mon, 05 Jan 2015)

  Changed paths:
    M config/apparmor/abstractions/container-base
    M config/apparmor/abstractions/container-base.in

  Log Message:
  -----------
  apparmor: Block access to /proc/kcore

Just like we block access to mem and kmem, there's no good reason for
the container to have access to kcore.

Reported-by: Marc Schaefer
Signed-off-by: Stéphane Graber <stgraber at ubuntu.com>
Acked-by: Serge E. Hallyn <serge.hallyn at ubuntu.com>


  Commit: 97a8f74f0c80ef71305e86fcef4273afd92b377c
      https://github.com/lxc/lxc/commit/97a8f74f0c80ef71305e86fcef4273afd92b377c
  Author: Stéphane Graber <stgraber at ubuntu.com>
  Date:   2015-01-05 (Mon, 05 Jan 2015)

  Changed paths:
    M src/lxc/conf.c

  Log Message:
  -----------
  Also drop caps in unpriv containers

Signed-off-by: Stéphane Graber <stgraber at ubuntu.com>
Acked-by: Serge E. Hallyn <serge.hallyn at ubuntu.com>


Compare: https://github.com/lxc/lxc/compare/d3eccbbf805c...97a8f74f0c80

More information about the lxc-devel mailing list