[lxc-devel] [lxc/lxc] 7f5a16: lxc-debian: make sure init is installed
GitHub
noreply at github.com
Mon Jun 27 20:23:17 UTC 2016
Branch: refs/heads/stable-2.0
Home: https://github.com/lxc/lxc
Commit: 7f5a16e41bb87f88725a3577d2a91ed5dc2db73e
https://github.com/lxc/lxc/commit/7f5a16e41bb87f88725a3577d2a91ed5dc2db73e
Author: Antonio Terceiro <terceiro at softwarelivre.org>
Date: 2016-06-27 (Mon, 27 Jun 2016)
Changed paths:
M templates/lxc-debian.in
Log Message:
-----------
lxc-debian: make sure init is installed
init 1.34 is not "Essential" anymore, in order to make it not required
on minimal chroots, docker containers, etc. Because of that we now need
to manually include it on systems that are expected to boot.
Signed-off-by: Antonio Terceiro <terceiro at debian.org>
Commit: f2b17b4309e6a0bf2a319340576b8c4e3141ae91
https://github.com/lxc/lxc/commit/f2b17b4309e6a0bf2a319340576b8c4e3141ae91
Author: KATOH Yasufumi <karma at jazz.email.ne.jp>
Date: 2016-06-27 (Mon, 27 Jun 2016)
Changed paths:
M templates/lxc-plamo.in
Log Message:
-----------
plamo: Improve Plamo template
* configure to start only the minimum of service
* add ntp, kmod to ignore packages
Signed-off-by: KATOH Yasufumi <karma at jazz.email.ne.jp>
Commit: 9a1d96120f578d35227895aff3852ef10a9e1b1d
https://github.com/lxc/lxc/commit/9a1d96120f578d35227895aff3852ef10a9e1b1d
Author: Stéphane Graber <stgraber at ubuntu.com>
Date: 2016-06-27 (Mon, 27 Jun 2016)
Changed paths:
M config/apparmor/abstractions/container-base
M config/apparmor/abstractions/container-base.in
Log Message:
-----------
apparmor: Allow bind-mounts and {r}shared/{r}private
Bind-mounts aren't harmful in containers, so long as they're not used to
bypass MAC policies.
This change allows bind-mounting of any path which isn't a dangerous
filesystem that's otherwise blocked by apparmor.
This also allows switching paths {r}shared or {r}private.
Signed-off-by: Stéphane Graber <stgraber at ubuntu.com>
Commit: 5b0e4923bc39cf34215e44fccc425b1f3e42674b
https://github.com/lxc/lxc/commit/5b0e4923bc39cf34215e44fccc425b1f3e42674b
Author: AnrDaemon <anrdaemon at freemail.ru>
Date: 2016-06-27 (Mon, 27 Jun 2016)
Changed paths:
M config/init/upstart/lxc-instance.conf
Log Message:
-----------
Force lxc-instance to behave like a good Upstart client
Remove unnecessary shell wrap around job start.
Force foreground execution to allow job monitoring and control.
Signed-off-by Andrey Repin <anrdaemon at yandex.ru>
Commit: 7e4c9a30feb3905902a158cde099f4510a54d5ef
https://github.com/lxc/lxc/commit/7e4c9a30feb3905902a158cde099f4510a54d5ef
Author: Stéphane Graber <stgraber at ubuntu.com>
Date: 2016-06-27 (Mon, 27 Jun 2016)
Changed paths:
M config/apparmor/abstractions/container-base
M config/apparmor/abstractions/container-base.in
Log Message:
-----------
apparmor: allow mount move
Signed-off-by: Stéphane Graber <stgraber at ubuntu.com>
Commit: 549a40b6128892112895299e445e0564c3faaea2
https://github.com/lxc/lxc/commit/549a40b6128892112895299e445e0564c3faaea2
Author: Stéphane Graber <stgraber at ubuntu.com>
Date: 2016-06-27 (Mon, 27 Jun 2016)
Changed paths:
M config/apparmor/abstractions/container-base
M config/apparmor/abstractions/container-base.in
Log Message:
-----------
apparmor: Update mount states handling
Properly list all of the states and the right apparmor stanza for them,
then comment them all as actually enabling this would currently let the
user bypass apparmor entirely.
Signed-off-by: Stéphane Graber <stgraber at ubuntu.com>
Commit: 05352fc9304f465b9322e22d19f62641d82dc6ad
https://github.com/lxc/lxc/commit/05352fc9304f465b9322e22d19f62641d82dc6ad
Author: Wolfgang Bumiller <w.bumiller at proxmox.com>
Date: 2016-06-27 (Mon, 27 Jun 2016)
Changed paths:
M config/apparmor/abstractions/start-container
Log Message:
-----------
AppArmor: add make-rslave to usr.bin.lxc-start
The profile already contains
mount options=(rw, make-slave) -> **,
Which allows going through all mountpoints with make-slave,
so it seems to make sense to also allow the directly
recursive variant with "make-rslave".
Signed-off-by: Wolfgang Bumiller <w.bumiller at proxmox.com>
Acked-by: Serge E. Hallyn <serge.hallyn at ubuntu.com>
Compare: https://github.com/lxc/lxc/compare/0cd7f6f94ed7...05352fc9304f
More information about the lxc-devel
mailing list