[lxc-devel] [lxc/lxc] 3eafa2: doc: Add the description of common options in lxc-...

GitHub noreply at github.com
Mon Sep 21 20:38:20 UTC 2015


  Branch: refs/heads/stable-1.1
  Home:   https://github.com/lxc/lxc
  Commit: 3eafa2f7457bd3148849b1cf3d4b80da98b9b833
      https://github.com/lxc/lxc/commit/3eafa2f7457bd3148849b1cf3d4b80da98b9b833
  Author: KATOH Yasufumi <karma at jazz.email.ne.jp>
  Date:   2015-09-21 (Mon, 21 Sep 2015)

  Changed paths:
    M doc/ja/lxc-destroy.sgml.in
    M doc/lxc-destroy.sgml.in

  Log Message:
  -----------
  doc: Add the description of common options in lxc-destroy(1)

* Remove '-P' option, and common options (including '-P' option)
* Add long option for '-f'
* Improve Japanese translation

Signed-off-by: KATOH Yasufumi <karma at jazz.email.ne.jp>
Acked-by: Stéphane Graber <stgraber at ubuntu.com>


  Commit: 1f9ddb78a4e2a60f05161a32b6bd538ff188e191
      https://github.com/lxc/lxc/commit/1f9ddb78a4e2a60f05161a32b6bd538ff188e191
  Author: Major Hayden <major at mhtx.net>
  Date:   2015-09-21 (Mon, 21 Sep 2015)

  Changed paths:
    M src/lxc/start.c

  Log Message:
  -----------
  Tear down network devices during container halt

On very busy systems, some virtual network devices won't be destroyed after a
container halts.  This patch uses the lxc_delete_network() method to ensure
that network devices attached to the container are destroyed when the
container halts.

Without the patch, some virtual network devices are left over on the system
and must be removed with `ip link del <device>`.  This caused containers
with lxc.network.veth.pair to not be able to start.  For containers using
randomly generated virtual network device names, the old devices will hang
around on the bridge with their original MAC address.

Signed-off-by: Major Hayden <major at mhtx.net>


  Commit: e3a1984d7d09d054f2b9199ba7ed98386445e7ae
      https://github.com/lxc/lxc/commit/e3a1984d7d09d054f2b9199ba7ed98386445e7ae
  Author: Serge Hallyn <serge.hallyn at ubuntu.com>
  Date:   2015-09-21 (Mon, 21 Sep 2015)

  Changed paths:
    M src/lxc/conf.c

  Log Message:
  -----------
  coverity: fix mount_entry_create_dir_file

First, fix use of uninitialized variable 'ret'.  Then, actually use
the value it returned in its caller.

Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>


  Commit: 6fd8be165361f16457b0af8ac192e653886813c4
      https://github.com/lxc/lxc/commit/6fd8be165361f16457b0af8ac192e653886813c4
  Author: KATOH Yasufumi <karma at jazz.email.ne.jp>
  Date:   2015-09-21 (Mon, 21 Sep 2015)

  Changed paths:
    M doc/ja/lxc.container.conf.sgml.in

  Log Message:
  -----------
  doc: Add LXC-specific mount option in Japanese lxc.container.conf(5)

Add the description of optional, create=file/dir for lxc.mount.entry.
This is an update for commit f5b67b3.

Signed-off-by: KATOH Yasufumi <karma at jazz.email.ne.jp>
Acked-by: Stéphane Graber <stgraber at ubuntu.com>


  Commit: d8b1be98db89f07ba166d287edcd4f06abde9367
      https://github.com/lxc/lxc/commit/d8b1be98db89f07ba166d287edcd4f06abde9367
  Author: Serge Hallyn <serge.hallyn at ubuntu.com>
  Date:   2015-09-21 (Mon, 21 Sep 2015)

  Changed paths:
    M config/apparmor/profiles/lxc-default-with-nesting
    M config/templates/Makefile.am
    A config/templates/nesting.conf.in
    M configure.ac

  Log Message:
  -----------
  Add a nesting.conf which can be included to support nesting containers (v2)

Newer kernels have added a new restriction:  if /proc or /sys on the
host has files or non-empty directories which are over-mounted, and
there is no /proc which is fully visible, then it assumes there is a
"security" reason for this.  It prevents anyone in a non-initial user
namespace from creating a new proc or sysfs mount.

To work around this, this patch adds a new 'nesting.conf' which can be
lxc.include'd from a container configuration file.  It adds a
non-overmounted mount of /proc and /sys under /dev/.lxc, so that the
kernel can see that we're not trying to *hide* things like /proc/uptime
and /sys/devices/virtual/net.  If the host adds this to the config file
for container w1, then container w1 will support unprivileged child
containers.

The nesting.conf file also sets the apparmor profile to the with-nesting
variant, since that is required anyway.  This actually means that
supporting nesting isn't really more work than it used to be, just
different.  Instead of adding

lxc.aa_profile = lxc-container-default-with-nesting

you now just need to

lxc.include = /usr/share/lxc/config/nesting.conf

(Look, fewer characters :)

Finally, in order to maintain the current apparmor protections on
proc and sys, we make /dev/.lxc/{proc,sys} non-read/writeable.
We don't need to be able to use them, we're just showing the
kernel what's what.

Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
Acked-by: Stéphane Graber <stgraber at ubuntu.com>


  Commit: fd7487181d35ef18332be31c64f40200fa6618a3
      https://github.com/lxc/lxc/commit/fd7487181d35ef18332be31c64f40200fa6618a3
  Author: Christian Brauner <christianvanbrauner at gmail.com>
  Date:   2015-09-21 (Mon, 21 Sep 2015)

  Changed paths:
    M src/lxc/lxc_info.c

  Log Message:
  -----------
  Fix reallocation calculation

Signed-off-by: Christian Brauner <christianvanbrauner at gmail.com>
Acked-by: Serge E. Hallyn <serge.hallyn at ubuntu.com>


  Commit: f60d4e1810998af7830c803295fb666ac6019693
      https://github.com/lxc/lxc/commit/f60d4e1810998af7830c803295fb666ac6019693
  Author: Christian Brauner <christianvanbrauner at gmail.com>
  Date:   2015-09-21 (Mon, 21 Sep 2015)

  Changed paths:
    M src/lxc/bdev.c
    M src/lxc/bdev.h

  Log Message:
  -----------
  Add bdev_destroy() and bdev_destroy_wrapper()

static do_bdev_destroy() and bdev_destroy_wrapper() from lxccontainer.c become
public bdev_destroy() and bdev_destroy_wrapper() in bdev.c and bdev.h

Signed-off-by: Christian Brauner <christianvanbrauner at gmail.com>
Acked-by: Serge E. Hallyn <serge.hallyn at ubuntu.com>


  Commit: 857482f375e198f7c6731e3e4ca9118e7e27e24a
      https://github.com/lxc/lxc/commit/857482f375e198f7c6731e3e4ca9118e7e27e24a
  Author: Serge Hallyn <serge.hallyn at ubuntu.com>
  Date:   2015-09-21 (Mon, 21 Sep 2015)

  Changed paths:
    M src/lxc/bdev.c

  Log Message:
  -----------
  overlayfs_clone: rsync the mounted rootfs

Closes #655

We can't rsync the delta as unpriv user because we can't create
the chardevs representing a whiteout.  We can however rsync the
rootfs and have the kernel create the whiteouts for us.

do_rsync: pass --delete

Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
Acked-by: Stéphane Graber <stgraber at ubuntu.com>


  Commit: 801602a728629a553ea606629b01a930a8652ca5
      https://github.com/lxc/lxc/commit/801602a728629a553ea606629b01a930a8652ca5
  Author: Tycho Andersen <tycho.andersen at canonical.com>
  Date:   2015-09-21 (Mon, 21 Sep 2015)

  Changed paths:
    M src/lxc/lxc-checkconfig.in

  Log Message:
  -----------
  lxc-checkconfig: add some more config options

Here's some more config options that we do actually require to be able to
boot containers.

Signed-off-by: Tycho Andersen <tycho.andersen at canonical.com>
Acked-by: Serge E. Hallyn <serge.hallyn at ubuntu.com>


  Commit: 1212197ee23087ad9703edc0c317a9fd94c31336
      https://github.com/lxc/lxc/commit/1212197ee23087ad9703edc0c317a9fd94c31336
  Author: Serge Hallyn <serge.hallyn at ubuntu.com>
  Date:   2015-09-21 (Mon, 21 Sep 2015)

  Changed paths:
    M src/lxc/utils.c

  Log Message:
  -----------
  lxc_rmdir_onedev: don't fail if path doesn't exist

We're asked to delete it, don't fail if it doesn't exist.

This stops lxc-destroy from failing when the container isn't fully
built.

Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
Acked-by: Stéphane Graber <stgraber at ubuntu.com>


  Commit: e228426cf483dc6a406276550b9cc7222e7c2602
      https://github.com/lxc/lxc/commit/e228426cf483dc6a406276550b9cc7222e7c2602
  Author: Serge Hallyn <serge.hallyn at ubuntu.com>
  Date:   2015-09-21 (Mon, 21 Sep 2015)

  Changed paths:
    M src/lxc/bdev.c

  Log Message:
  -----------
  overlayfs_mount: create delta dir if it doesn't exist

(This *should* fix the lxc-test-snapshot testcase, but doesn't seem
to by itself.)

If it doesn't exist, we may as well start with an empty one.  This
is needed when creating an overlayfs snapshot.

Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
Acked-by: Stéphane Graber <stgraber at ubuntu.com>


  Commit: 3563f36110aaf03f2b6bbe11a68c594f490bebe3
      https://github.com/lxc/lxc/commit/3563f36110aaf03f2b6bbe11a68c594f490bebe3
  Author: Serge Hallyn <serge.hallyn at ubuntu.com>
  Date:   2015-09-21 (Mon, 21 Sep 2015)

  Changed paths:
    M src/lxc/bdev.c

  Log Message:
  -----------
  ovl_rsync: make sure to umount

Otherwise the kernel will umount when it gets around to it, but
on lxc_destroy we may race with it and fail the rmdir of
the overmounted (BUSY) rootfs.

This makes lxc-test-snapshot pass for me again.

Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
Acked-by: Stéphane Graber <stgraber at ubuntu.com>


  Commit: 7a48a41f8c8ca8b78ce719680c207a5dfde1c29e
      https://github.com/lxc/lxc/commit/7a48a41f8c8ca8b78ce719680c207a5dfde1c29e
  Author: Christian Brauner <christianvanbrauner at gmail.com>
  Date:   2015-09-21 (Mon, 21 Sep 2015)

  Changed paths:
    M src/lxc/lxccontainer.c

  Log Message:
  -----------
  Destroy bdevs using bdev_destroy() from bdev.h

Signed-off-by: Christian Brauner <christianvanbrauner at gmail.com>
Acked-by: Serge E. Hallyn <serge.hallyn at ubuntu.com>


  Commit: 7515d565ff6c766cdc9cc967a0d6ef6a4ea42c2e
      https://github.com/lxc/lxc/commit/7515d565ff6c766cdc9cc967a0d6ef6a4ea42c2e
  Author: Stéphane Graber <stgraber at ubuntu.com>
  Date:   2015-09-21 (Mon, 21 Sep 2015)

  Changed paths:
    M src/lxc/caps.c
    M src/lxc/caps.h
    M src/lxc/cgmanager.c
    M src/lxc/confile.c
    M src/lxc/genl.c
    M src/lxc/genl.h
    M src/lxc/list.h
    M src/lxc/lxc_attach.c
    M src/lxc/lxc_init.c
    M src/lxc/lxc_start.c
    M src/lxc/lxc_unshare.c
    M src/lxc/lxccontainer.c
    M src/lxc/lxccontainer.h
    M src/lxc/nl.c
    M src/lxc/nl.h
    M src/lxc/start.c
    M src/python-lxc/lxc.c
    M src/tests/concurrent.c
    M src/tests/reboot.c

  Log Message:
  -----------
  Fix indentation

I've noticed that a bunch of the code we've included over the past few
weeks has been using 8-spaces rather than tabs, making it all very hard
to read depending on your tabstop setting.

This commit attempts to revert all of that back to proper tabs and fix a
few more cases I've noticed here and there.

No functional changes are included in this commit.

Signed-off-by: Stéphane Graber <stgraber at ubuntu.com>


Compare: https://github.com/lxc/lxc/compare/9114b5fd40c4...7515d565ff6c

